dotfiles

Dotfiles for my OpenBSD environment.
git clone https://git.mtkn.jp/dotfiles

pass (2899B)


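#!/bin/sh
# pass: a small password store. Entries are RSA-encrypted with openssl and
# kept as files under $basedir; the key pair lives at $private_key and
# $public_key.

# Create every file and directory owner-only from the start, so key and
# entry files are never briefly readable by others before their chmod runs.
umask 077

basedir="$HOME/passwords"
private_key="$HOME/rsa/key"
public_key="$HOME/rsa/key.pub"

# Use libressl-openssl in place of openssl when it is installed.
# `command -v` only looks the name up; a bare `command NAME` would execute
# the tool instead of testing for it. A wrapper function is used rather than
# an alias because not every sh expands aliases in non-interactive scripts.
if command -v libressl-openssl >/dev/null 2>&1; then
  openssl() { libressl-openssl "$@"; }
fi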
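# Print the message in $1 and terminate the script with status 1.
# The message goes to stderr: the dmenu command feeds this script's stdout
# to xdotool, so a diagnostic on stdout would be typed into the focused
# window in place of a secret.
fail() {
  printf '%s\n' "$1" >&2
  exit 1
}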
# Abort through fail unless $1 names an existing regular file.
should_exist() {
  [ -f "$1" ] || fail "Can't find $1."
}
# Abort through fail when $1 already names a regular file.
should_not_exist() {
  [ ! -f "$1" ] || fail "$1 already exists."
}
# Abort through fail unless $1 names an existing directory.
should_be_dir() {
  [ -d "$1" ] || fail "$1 is not a directory."
}
# Abort through fail when the value in $1 is empty; $2 is the
# human-readable name of that value, used in the error message.
should_be_defined() {
  [ -n "$1" ] || fail "$2 should be defined."
}
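# Generate the RSA key pair used by the store.
# Globals:  private_key, public_key (read); pass, pass_confirm (written)
# Prompts twice for a pass phrase, then writes a 2048-bit RSA private key to
# $private_key (PKCS#8, encrypted with AES-256 under the pass phrase, mode
# 0400) and the matching public key to $public_key (mode 0600).
# Aborts through fail if either file already exists, if a target directory
# is missing, if the pass phrase is empty or mismatched, or if openssl fails.
keygen() {
  should_not_exist "$private_key"
  should_be_dir "$(dirname "$private_key")"
  should_not_exist "$public_key"
  should_be_dir "$(dirname "$public_key")"

  # Turn terminal echo back on if the user interrupts a hidden prompt.
  trap 'stty echo; exit 130' INT TERM HUP
  # IFS= keeps leading and trailing blanks, so the stored pass phrase is
  # exactly what was typed (and what openssl's own prompt will expect later).
  printf 'New pass phrase: '; stty -echo; IFS= read -r pass; stty echo; printf '\n'
  if [ ! "$pass" ]; then fail 'The pass phrase cannot be empty.'; fi
  printf 'Confirm: '; stty -echo; IFS= read -r pass_confirm; stty echo; printf '\n'
  trap - INT TERM HUP

  if [ "$pass" != "$pass_confirm" ]; then
    fail 'Pass phrase mismatch.'
  fi

  # Key files must never exist with wider permissions, not even for the
  # moment between openssl creating them and the chmod below.
  keygen_umask=$(umask)
  umask 077

  # Hand the pass phrase to openssl through the environment. A "pass:..."
  # argument would sit in openssl's argv, which other users can usually read
  # from the process list.
  PASS_KEY_PASSPHRASE="$pass"
  export PASS_KEY_PASSPHRASE

  keygen_status=0
  openssl genrsa 2048 |
    openssl pkcs8 -topk8 -inform pem -outform pem -out "$private_key" -v2 aes256 -passout env:PASS_KEY_PASSPHRASE ||
    keygen_status=1
  if [ "$keygen_status" -eq 0 ]; then
    chmod 0400 "$private_key"
    openssl rsa -in "$private_key" -out "$public_key" -outform pem -pubout -passin env:PASS_KEY_PASSPHRASE ||
      keygen_status=1
  fi
  if [ "$keygen_status" -eq 0 ]; then
    chmod 0600 "$public_key"
  fi

  unset PASS_KEY_PASSPHRASE
  umask "$keygen_umask"
  if [ "$keygen_status" -ne 0 ]; then
    fail 'Key generation failed.'
  fi
}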
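# Encrypt one entry with the public key.
# Arguments: $1 - path of the file to create
#            $2 - plaintext to store
# Globals:   public_key (read); enc_file, data, file_dir (written)
# Creates the parent directory if needed and sets it to mode 0700, refuses
# to overwrite an existing file, and leaves the new file with mode 0600.
# Aborts through fail on a missing argument, a missing public key, an
# existing target, or an openssl error.
encrypt(){
  enc_file="$1"
  data="$2"
  should_be_defined "$enc_file" "Target file path"
  should_be_defined "$data" "Input data"
  file_dir="$(dirname "$enc_file")"
  mkdir -p "$file_dir"; chmod 0700 "$file_dir"
  should_be_dir "$file_dir"
  should_exist "$public_key"
  should_not_exist "$enc_file"

  # printf '%s\n' writes the data byte for byte; echo may interpret
  # backslash sequences or a leading -n, depending on the shell, and would
  # then store a different secret than the one entered.
  # NOTE(review): rsautl is called without a padding option and RSA can only
  # encrypt input shorter than the key modulus, so a long url+password pair
  # fails here. Moving to -oaep would have to be done in decrypt at the same
  # time and existing entries would need re-encrypting.
  printf '%s\n' "$data" |
    openssl rsautl -encrypt -pubin -inkey "$public_key" -out "$enc_file" ||
    fail "Failed to encrypt $enc_file."
  chmod 0600 "$enc_file"
}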
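# Decrypt one entry and write the plaintext to stdout.
# Arguments: $1 - entry path relative to $basedir
#            $2 - optional pass phrase for the private key
# Globals:   basedir, private_key (read); enc_file, pass (written)
# When $2 is empty the current value of the global `pass` is used; when that
# is empty too, openssl is run without -passin and asks for the pass phrase
# itself.
# Returns:   the exit status of openssl.
decrypt(){
  # Check the argument itself: "$basedir/$1" is never empty, so testing the
  # joined path cannot catch a missing entry name.
  should_be_defined "$1" "Target file path"
  enc_file="$basedir/$1"
  if [ "$2" ]; then pass="$2"; fi
  should_exist "$private_key"
  should_exist "$enc_file"

  if [ "$pass" ]; then
    # Hand the pass phrase over in the environment; as a "pass:..." argument
    # it would be readable from the process list while openssl runs.
    PASS_KEY_PASSPHRASE="$pass"
    export PASS_KEY_PASSPHRASE
    openssl rsautl -decrypt -inkey "$private_key" -in "$enc_file" -passin env:PASS_KEY_PASSPHRASE
    decrypt_status=$?
    unset PASS_KEY_PASSPHRASE
    return "$decrypt_status"
  else
    openssl rsautl -decrypt -inkey "$private_key" -in "$enc_file"
  fi
}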
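# Command-line dispatch.
#   $1 - command: init | add | export | ls | dmenu
#   $2 - entry ID (site/user), read by export
#   $3 - optional private-key pass phrase, read by export
# NOTE: a pass phrase given as $3 is part of this script's argv and can be
# read from the process list; leave it out to let openssl prompt instead.
if [ "$2" ]; then ID="$2"; fi
if [ "$3" ]; then pass="$3"; fi

case "$1" in
init)
  mkdir -p "$basedir"; chmod 0700 "$basedir"
  keygen
  ;;
export)
  should_be_defined "$ID" "ID"
  decrypt "$ID" "$pass"
  ;;
add)
  # read -r keeps backslashes literal; without it a password such as a\b
  # would be stored as ab.
  printf "site: " >&2
  read -r site
  printf "url: " >&2
  read -r url
  printf "user: " >&2
  read -r user
  printf "pass: " >&2
  # Turn terminal echo back on if the hidden prompt is interrupted.
  trap 'stty echo; exit 130' INT TERM HUP
  # IFS= also keeps leading and trailing blanks of the password.
  stty -echo; IFS= read -r pass; stty echo; printf '\n'
  trap - INT TERM HUP

  # site and user become path components below $basedir. Empty names, '.',
  # '..' and names containing '/' would place the entry outside the
  # site/user layout that `ls` prints, or outside the store altogether.
  for name in "$site" "$user"; do
    case "$name" in
    ''|.|..|*/*)
      fail "site and user must be non-empty, not '.' or '..', and must not contain '/'."
      ;;
    esac
  done

  target="$basedir/$site/$user"
  # The values are passed as printf arguments, never as the format string:
  # a '%' or '\' inside the url or password would otherwise be interpreted
  # and the stored secret corrupted.
  data=$(printf '%s\n%s' "$url" "$pass")
  encrypt "$target" "$data"
  ;;
ls)
  # Without this check a failed cd would list the caller's directory.
  cd "$basedir" || fail "Can't enter $basedir."
  # The pattern is quoted so the shell hands it to find unexpanded.
  find . -type f ! -name '*.key*' | cut -f2,3 -d'/' | sort
  ;;
dmenu)
  ID=$("$0" ls | dmenu -l 5)
  if [ -n "$ID" ] && should_exist "$basedir/$ID" ; then
    pass=$(dmenu -P -p "Password:")
    # Decrypt in this process instead of re-running "$0 export ID PASS",
    # which would put the pass phrase into a child's argv. The status is
    # checked so that nothing is typed when decryption fails.
    secret=$(decrypt "$ID" "$pass") || fail 'Decryption failed.'
    nl='
'
    # Only the last line (the password) is typed. It is sent on stdin so the
    # plaintext never appears in xdotool's argv, and it is not subject to
    # word splitting, globbing or option parsing.
    printf '%s' "${secret##*"$nl"}" | xdotool type --file -
  fi
  ;;
*)
  echo 'usage: '"$0"' [init|add|export|ls|dmenu]'
  ;;
esac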