33 lines
1.1 KiB
Bash
Executable File
33 lines
1.1 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
[[ $# -ne 1 ]] && die "Usage: $PROGRAM $COMMAND pass-name"
|
|
|
|
path=${1%/}
|
|
check_sneaky_paths "$path"
|
|
mkdir -p -v "$PREFIX/$(dirname -- "$path")"
|
|
set_gpg_recipients "$(dirname -- "$path")"
|
|
passfile="$PREFIX/$path.gpg"
|
|
set_git "$passfile"
|
|
|
|
tmpdir #Defines $SECURE_TMPDIR
|
|
tmp_file="$(mktemp -u "$SECURE_TMPDIR/XXXXXX")-${path//\//-}.txt"
|
|
|
|
action="Add"
|
|
if [[ -f $passfile ]]; then
|
|
$GPG -d "${GPG_OPTS[@]}" "$passfile" | tail -n +2 > "$tmp_file" || exit 1
|
|
action="Edit"
|
|
fi
|
|
${EDITOR:-vi} "$tmp_file"
|
|
[[ -f $tmp_file ]] || die "New password not saved."
|
|
$GPG -d -o - "${GPG_OPTS[@]}" "$passfile" 2>/dev/null | tail -n +2 | diff - "$tmp_file" &>/dev/null && die "Password unchanged."
|
|
|
|
tmp_file_joined="$(mktemp -u "$SECURE_TMPDIR/XXXXXX")-${path//\//-}.txt"
|
|
|
|
$GPG -d "${GPG_OPTS[@]}" "$passfile" | head -n 1 > "$tmp_file_joined"
|
|
cat "$tmp_file" >> "$tmp_file_joined"
|
|
|
|
while ! $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" "${GPG_OPTS[@]}" "$tmp_file_joined"; do
|
|
yesno "GPG encryption failed. Would you like to try again?"
|
|
done
|
|
git_add_file "$passfile" "$action password for $path using ${EDITOR:-vi}."
|