diff options
Diffstat (limited to 'lib/keyringer/actions')
-rwxr-xr-x | lib/keyringer/actions/append | 2 | ||||
l--------- | lib/keyringer/actions/clip | 1 | ||||
-rwxr-xr-x | lib/keyringer/actions/commands | 1 | ||||
-rwxr-xr-x | lib/keyringer/actions/decrypt | 2 | ||||
-rwxr-xr-x | lib/keyringer/actions/edit | 14 | ||||
-rwxr-xr-x | lib/keyringer/actions/encrypt | 4 | ||||
-rwxr-xr-x | lib/keyringer/actions/find | 19 | ||||
-rwxr-xr-x | lib/keyringer/actions/genpair | 2 | ||||
-rwxr-xr-x | lib/keyringer/actions/git | 10 | ||||
l--------- | lib/keyringer/actions/help | 1 | ||||
-rwxr-xr-x | lib/keyringer/actions/ls | 2 | ||||
-rwxr-xr-x | lib/keyringer/actions/mkdir | 19 | ||||
-rwxr-xr-x | lib/keyringer/actions/mv | 28 | ||||
-rwxr-xr-x | lib/keyringer/actions/options | 1 | ||||
-rwxr-xr-x | lib/keyringer/actions/preferences | 3 | ||||
-rwxr-xr-x | lib/keyringer/actions/recipients | 1 | ||||
-rwxr-xr-x | lib/keyringer/actions/recrypt | 2 | ||||
-rwxr-xr-x | lib/keyringer/actions/rmdir | 19 | ||||
-rwxr-xr-x | lib/keyringer/actions/shell | 57 | ||||
-rwxr-xr-x | lib/keyringer/actions/teardown | 28 | ||||
-rwxr-xr-x | lib/keyringer/actions/tree | 4 | ||||
-rwxr-xr-x | lib/keyringer/actions/usage | 3 | ||||
-rwxr-xr-x | lib/keyringer/actions/xclip | 59 |
23 files changed, 273 insertions, 9 deletions
diff --git a/lib/keyringer/actions/append b/lib/keyringer/actions/append index e307056..fbb6c1c 100755 --- a/lib/keyringer/actions/append +++ b/lib/keyringer/actions/append @@ -17,4 +17,4 @@ fi # Append content to an existing secret ( keyringer_exec decrypt "$BASEDIR" "$FILE" && cat ) | \ - keyringer_exec encrypt-batch $BASEDIR $FILE + keyringer_exec encrypt-batch "$BASEDIR" "$FILE" diff --git a/lib/keyringer/actions/clip b/lib/keyringer/actions/clip new file mode 120000 index 0000000..8b8c16c --- /dev/null +++ b/lib/keyringer/actions/clip @@ -0,0 +1 @@ +xclip
\ No newline at end of file diff --git a/lib/keyringer/actions/commands b/lib/keyringer/actions/commands index 2605666..cb49c02 100755 --- a/lib/keyringer/actions/commands +++ b/lib/keyringer/actions/commands @@ -7,4 +7,5 @@ LIB="`dirname $0`/../functions" source "$LIB" || exit 1 +# Dispatch keyringer_show_actions diff --git a/lib/keyringer/actions/decrypt b/lib/keyringer/actions/decrypt index 2b1401c..b63b74e 100755 --- a/lib/keyringer/actions/decrypt +++ b/lib/keyringer/actions/decrypt @@ -11,7 +11,7 @@ source "$LIB" || exit 1 keyringer_get_file "$2" # Decrypt -$GPG --quiet --use-agent -d "$KEYDIR/$FILE" +$GPG --use-agent -d "$KEYDIR/$FILE" # Exit exit "$?" diff --git a/lib/keyringer/actions/edit b/lib/keyringer/actions/edit index 9a3e488..03ccdab 100755 --- a/lib/keyringer/actions/edit +++ b/lib/keyringer/actions/edit @@ -24,6 +24,7 @@ keyringer_set_tmpfile $BASENAME.$EXTENSION # Decrypt the information to the file $GPG --yes -o "$TMPWORK" --use-agent -d "$KEYDIR/$FILE" +# Action check if [ "$BASENAME" == "edit" ]; then APP="$EDITOR" elif [ "$BASENAME" == "open" ]; then @@ -43,5 +44,18 @@ $APP "$TMPWORK" # Encrypt again $GPG --yes -o "$KEYDIR/$FILE" --use-agent --armor -e -s $(keyringer_recipients "$RECIPIENTS_FILE") "$TMPWORK" +# Check exit status +errcrypt="$?" + # Remove temp file keyringer_unset_tmpfile "$TMPWORK" + +# Check exit status again +errwipe="$?" + +# Error handling must be done after temp file removal +if [ "$errcrypt" != "0" ]; then + exit "$errcrypt" +elif [ "$errwipe" != "0" ]; then + exit $errwipe +fi diff --git a/lib/keyringer/actions/encrypt b/lib/keyringer/actions/encrypt index 0a40bc1..e9bf453 100755 --- a/lib/keyringer/actions/encrypt +++ b/lib/keyringer/actions/encrypt @@ -106,12 +106,13 @@ else keyringer_encrypt $FILE $UNENCRYPTED_FILE fi +# Check exit status err="$?" - if [ "$err" != "0" ]; then exit "$err" fi +# Wipe information if [ "$UNENCRYPTED_FILE" != "-" ]; then echo "Done. PLEASE WIPE the non-encrypted $UNENCRYPTED_FILE." fi @@ -121,4 +122,5 @@ if [ -d "$BASEDIR/.git" ]; then keyringer_exec git "$BASEDIR" add "keys/$FILE" fi +# Done exit "$?" diff --git a/lib/keyringer/actions/find b/lib/keyringer/actions/find new file mode 100755 index 0000000..21afc7a --- /dev/null +++ b/lib/keyringer/actions/find @@ -0,0 +1,19 @@ +#!/bin/bash +# +# Find secrets. +# + +# Load functions +LIB="`dirname $0`/../functions" +source "$LIB" || exit 1 + +# Aditional parameters +CWD="`pwd`" + +# Avoid leading slash +shift +ARGS="`echo "$*" | sed -e "s|^/*||"`" + +# Run find command +cd "$KEYDIR/$RELATIVE_PATH" && find -iname "*$ARGS*" | sed -e 's|^./||g' +cd "$CWD" diff --git a/lib/keyringer/actions/genpair b/lib/keyringer/actions/genpair index f048bc7..6898b0f 100755 --- a/lib/keyringer/actions/genpair +++ b/lib/keyringer/actions/genpair @@ -184,7 +184,7 @@ source "$LIB" || exit 1 # Aditional parameters KEYTYPE="$2" -FILE="$3" +FILE="$RELATIVE_PATH/$3" NODE="$4" OUTFILE="$5" CWD="`pwd`" diff --git a/lib/keyringer/actions/git b/lib/keyringer/actions/git index 3c4f435..108ccea 100755 --- a/lib/keyringer/actions/git +++ b/lib/keyringer/actions/git @@ -12,5 +12,13 @@ CWD="`pwd`" # Run git command shift -mkdir -p "$BASEDIR" && cd "$BASEDIR" && git $* + +# Set working folder +if [ ! -z "$RELATIVE_PATH" ]; then + WORK="$KEYDIR/$RELATIVE_PATH" +else + WORK="$BASEDIR" +fi + +mkdir -p "$WORK" && cd "$WORK" && git $* cd "$CWD" diff --git a/lib/keyringer/actions/help b/lib/keyringer/actions/help new file mode 120000 index 0000000..ae18295 --- /dev/null +++ b/lib/keyringer/actions/help @@ -0,0 +1 @@ +usage
\ No newline at end of file diff --git a/lib/keyringer/actions/ls b/lib/keyringer/actions/ls index bb66263..93f5f75 100755 --- a/lib/keyringer/actions/ls +++ b/lib/keyringer/actions/ls @@ -15,5 +15,5 @@ shift ARGS="`echo "$*" | sed -e "s|^/*||"`" # Run list command -cd "$KEYDIR" && ls $ARGS +cd "$KEYDIR/$RELATIVE_PATH" && ls $ARGS cd "$CWD" diff --git a/lib/keyringer/actions/mkdir b/lib/keyringer/actions/mkdir new file mode 100755 index 0000000..b31eb0b --- /dev/null +++ b/lib/keyringer/actions/mkdir @@ -0,0 +1,19 @@ +#!/bin/bash +# +# Create folders. +# + +# Load functions +LIB="`dirname $0`/../functions" +source "$LIB" || exit 1 + +# Aditional parameters +CWD="`pwd`" + +# Avoid leading slash +shift +ARGS="`echo "$*" | sed -e "s|^/*||"`" + +# Run mkdir command +cd "$KEYDIR/$RELATIVE_PATH" && mkdir -p $ARGS +cd "$CWD" diff --git a/lib/keyringer/actions/mv b/lib/keyringer/actions/mv new file mode 100755 index 0000000..aaf6772 --- /dev/null +++ b/lib/keyringer/actions/mv @@ -0,0 +1,28 @@ +#!/bin/bash +# +# Move secrets. +# + +# Load functions +LIB="`dirname $0`/../functions" +source "$LIB" || exit 1 + +# Avoid leading slash +ORIG="$(keyringer_filename `echo "$2" | sed -e "s|^/*||"`)" +DEST="`echo "$3" | sed -e "s|^/*||"`" + +# Set destination +if [ ! -d "$KEYDIR/$RELATIVE_PATH/$DEST" ]; then + keyringer_get_new_file $DEST +else + FILE="$DEST" +fi + +# Check if secret exists +if ! echo "$ORIG" | grep -q '*' && [ ! -e "$KEYDIR/$RELATIVE_PATH/$ORIG" ]; then + echo "Secret not found: $ORIG" + exit 1 +fi + +# Run move command +keyringer_exec git "$BASEDIR" mv $ORIG $FILE diff --git a/lib/keyringer/actions/options b/lib/keyringer/actions/options index 8508aea..3bf0e43 100755 --- a/lib/keyringer/actions/options +++ b/lib/keyringer/actions/options @@ -17,6 +17,7 @@ if [ ! -e "$OPTIONS" ]; then keyringer_exec git "$BASEDIR" add config/options fi +# Dispatch if [ "$COMMAND" == "ls" ]; then cat "$OPTIONS" elif [ "$COMMAND" == "edit" ]; then diff --git a/lib/keyringer/actions/preferences b/lib/keyringer/actions/preferences index e82848d..f7507a7 100755 --- a/lib/keyringer/actions/preferences +++ b/lib/keyringer/actions/preferences @@ -7,8 +7,10 @@ LIB="`dirname $0`/../functions" source "$LIB" || exit 1 +# Options COMMAND="$2" +# Syntax check if [ -z "$COMMAND" ]; then echo "Usage: keyringer <keyring> preferences <command> [arguments]" echo "Available commands:" @@ -24,6 +26,7 @@ if [ ! -e "$PREFERENCES" ]; then touch "$PREFERENCES" fi +# Dispatch if [ "$COMMAND" == "ls" ]; then cat "$PREFERENCES" elif [ "$COMMAND" == "edit" ]; then diff --git a/lib/keyringer/actions/recipients b/lib/keyringer/actions/recipients index 7093a6b..4149786 100755 --- a/lib/keyringer/actions/recipients +++ b/lib/keyringer/actions/recipients @@ -13,6 +13,7 @@ keyringer_get_command "$2" # Set recipients file keyringer_set_new_recipients "$3" +# Syntax check and dispatcher if [ "$COMMAND" == "ls" ]; then if [ ! -z "$3" ]; then if [ -e "$RECIPIENTS_FILE" ]; then diff --git a/lib/keyringer/actions/recrypt b/lib/keyringer/actions/recrypt index 014fef7..696399b 100755 --- a/lib/keyringer/actions/recrypt +++ b/lib/keyringer/actions/recrypt @@ -7,6 +7,7 @@ LIB="`dirname $0`/../functions" source "$LIB" || exit 1 +# Recrypt a single secret function keyringer_recrypt { # Get file keyringer_get_file "$1" @@ -34,6 +35,7 @@ function keyringer_recrypt { echo "$recrypted" > "$KEYDIR/$FILE" } +# Syntax check and dispatcher if [ ! -z "$2" ]; then keyringer_recrypt $2 else diff --git a/lib/keyringer/actions/rmdir b/lib/keyringer/actions/rmdir new file mode 100755 index 0000000..398cf11 --- /dev/null +++ b/lib/keyringer/actions/rmdir @@ -0,0 +1,19 @@ +#!/bin/bash +# +# Remove folders. +# + +# Load functions +LIB="`dirname $0`/../functions" +source "$LIB" || exit 1 + +# Aditional parameters +CWD="`pwd`" + +# Avoid leading slash +shift +ARGS="`echo "$*" | sed -e "s|^/*||"`" + +# Run rmdir command +cd "$KEYDIR/$RELATIVE_PATH" && rmdir $ARGS +cd "$CWD" diff --git a/lib/keyringer/actions/shell b/lib/keyringer/actions/shell new file mode 100755 index 0000000..ab170b1 --- /dev/null +++ b/lib/keyringer/actions/shell @@ -0,0 +1,57 @@ +#!/bin/bash +# +# Interactive shell. +# + +# Load functions +LIB="`dirname $0`/../functions" +source "$LIB" || exit 1 + +# Basic parameters +SHELLPATH="/" + +# Show usage +keyringer_usage $KEYRING + +# While a "quit" command isn't entered, read STDIN +while read -rep "keyringer:/${KEYRING}${SHELLPATH}> " STDIN; do + if [ "$STDIN" == "quit" ] || [ "$STDIN" == "exit" ] || [ "$STDIN" == "bye" ]; then + break + elif [ "$STDIN" == "shell" ]; then + echo "Why you need nesting?" + elif [[ "$STDIN" == "cd"* ]]; then + + # Update current path + OLDPATH="$SHELLPATH" + SHELLPATH="`echo $STDIN | sed -e 's/^cd//' | cut -d ' ' -f 2`" + + # Fix current path + if [ "$SHELLPATH" == "/" ] || [ "$SHELLPATH" == "" ]; then + SHELLPATH="/" + elif [[ "$SHELLPATH" == ".."* ]]; then + ARGS="$SHELLPATH" + SHELLPATH="$OLDPATH" + for colons in `echo $ARGS | sed -e 's|/| |g'`; do + SHELLPATH="`dirname $SHELLPATH | sed -e 's|^\.||'`" + done + fi + + # Ensure path is absolute + if echo "$SHELLPATH" | grep -v -q -e "^/"; then + SHELLPATH="/$OLDPATH/$SHELLPATH" + fi + + # Removing multiple slashes + SHELLPATH="`echo $SHELLPATH | sed -e 's/\/\+/\//g'`" + + # Check if path exists + if [ ! -d "$KEYDIR/$SHELLPATH" ]; then + echo "No such folder $SHELLPATH" + SHELLPATH="$OLDPATH" + fi + + elif [[ -n "$STDIN" && "$STDIN" != "#"* ]]; then + # If line is not empty or commented, process command + RELATIVE_PATH="$SHELLPATH" keyringer "$KEYRING" $STDIN + fi +done diff --git a/lib/keyringer/actions/teardown b/lib/keyringer/actions/teardown new file mode 100755 index 0000000..64da740 --- /dev/null +++ b/lib/keyringer/actions/teardown @@ -0,0 +1,28 @@ +#!/bin/bash +# +# Remove a keyring. +# + +# Load functions +LIB="`dirname $0`/../functions" +source "$LIB" || exit 1 + +# Options +CONFIRM="$2" + +# Confirmation +if [ -z "$CONFIRM" ] || [ "$CONFIRM" != "-y" ]; then + echo "WARNING: about to remove the LOCAL copy of $KEYRING" + echo "WARNING: This will irrevocably destroy $KEYDIR" + echo "WARNING: the action cannot be undone!" + + read -rep "Are you sure to WIPE keyring $KEYRING (type YES to confirm)? " key + if [ "$key" != "YES" ]; then + exit 1 + fi +fi + +# Teardown +keyringer_shred `dirname $KEYDIR` +keyringer_shred $HOME/.keyringer/$KEYRING +sed -i -e "/^$KEYRING=/d" $HOME/.keyringer/config diff --git a/lib/keyringer/actions/tree b/lib/keyringer/actions/tree index 8e94cb0..8f9d7cd 100755 --- a/lib/keyringer/actions/tree +++ b/lib/keyringer/actions/tree @@ -1,6 +1,6 @@ #!/bin/bash # -# List keys. +# List keys, tree version. # # Thanks http://www.centerkey.com/tree/ @@ -27,5 +27,5 @@ else fi # Run list command -cd "$KEYDIR" && $TREE $ARGS +cd "$KEYDIR/$RELATIVE_PATH" && $TREE $ARGS cd "$CWD" diff --git a/lib/keyringer/actions/usage b/lib/keyringer/actions/usage index f4ac0fa..2ca7639 100755 --- a/lib/keyringer/actions/usage +++ b/lib/keyringer/actions/usage @@ -7,4 +7,5 @@ LIB="`dirname $0`/../functions" source "$LIB" || exit 1 -keyringer_usage +# Dispatch +keyringer_usage $KEYRING diff --git a/lib/keyringer/actions/xclip b/lib/keyringer/actions/xclip new file mode 100755 index 0000000..b28984f --- /dev/null +++ b/lib/keyringer/actions/xclip @@ -0,0 +1,59 @@ +#!/bin/bash +# +# Decrypt secret header to clipboard. +# + +# Copy contents to clipboard. +# Function thanks to Password Store by Jason A. Donenfeld <Jason@zx2c4.com> +# distributed under GPLv2+: http://www.zx2c4.com/projects/password-store/ +clip() { + # This base64 business is a disgusting hack to deal with newline inconsistancies + # in shell. There must be a better way to deal with this, but because I'm a dolt, + # we're going with this for now. + + before="$(xclip -o -selection clipboard | base64)" + echo -n "$1" | xclip -selection clipboard + ( + sleep 45 + now="$(xclip -o -selection clipboard | base64)" + if [[ $now != $(echo -n "$1" | base64) ]]; then + before="$now" + fi + + # It might be nice to programatically check to see if klipper exists, + # as well as checking for other common clipboard managers. But for now, + # this works fine -- if qdbus isn't there or if klipper isn't running, + # this essentially becomes a no-op. + # + # Clipboard managers frequently write their history out in plaintext, + # so we axe it here: + qdbus org.kde.klipper /klipper org.kde.klipper.klipper.clearClipboardHistory &>/dev/null + + echo "$before" | base64 -d | xclip -selection clipboard + ) & disown + echo "Copied $2 to clipboard. Will clear in 45 seconds." +} + +# Load functions +LIB="`dirname $0`/../functions" +source "$LIB" || exit 1 + +# Check for xclip +if ! which xclip; then + echo "fatal: xclip not found" + exit 1 +fi + +# Get file +keyringer_get_file "$2" + +# Decrypt +pass="$($GPG --use-agent -d "$KEYDIR/$FILE" | head -n 1)" + +# Copy to clipboard +if [ ! -z "$pass" ]; then + clip "$pass" "$2" +fi + +# Exit +exit "$?" |