gpgsharedpass.sh
#!/bin/bash
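# Pick the command used to destroy plaintext and temporary files.
#
# SHRED is expanded unquoted by the rest of the script ("$SHRED file ..."),
# so it may carry options. Three problems with a bare tool name are handled
# here:
#   * plain "shred" only overwrites a file and leaves it in place; -u makes
#     it remove the file as well, which is what "srm" already does;
#   * "srm" is not shipped with recent macOS releases, and on any other
#     platform SHRED used to stay empty, so "$SHRED file" tried to execute
#     the file instead of deleting it and the plaintext stayed on disk;
#   * a missing tool now falls back to "rm -f" with a warning instead of
#     silently doing nothing.
#
# NOTE(review): overwriting in place is best effort only. On SSDs and on
# journaling or copy-on-write filesystems the old blocks may survive, so
# decrypted files should live on an encrypted volume where that matters.
SHRED=
case "$(uname -s)" in
  Darwin)
    if command -v srm >/dev/null 2>&1; then
      SHRED='srm'
    fi
    ;;
  Linux*)
    if command -v shred >/dev/null 2>&1; then
      SHRED='shred -u'
    fi
    ;;
esac
if [ -z "$SHRED" ]; then
  echo "Warning: no secure-delete tool found, falling back to rm -f" >&2
  SHRED='rm -f'
fi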
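# ---------------------------------------------------------------------------
# Command-line front end of the GPG shared password store.
#
# The first argument selects a command; anything unknown (including -h and
# --help) prints the help text and exits 0. With no arguments nothing is done.
#
# Changes compared with the previous inline version:
#   * every path and key argument is quoted, and a path starting with "-" is
#     prefixed with "./" so it cannot be read as an option by gpg/find/git;
#   * --cat, --decrypt and --add-key stop when the detached signature does
#     not verify, instead of decrypting (and re-signing) the file anyway;
#   * --add-key verifies the encrypted file, not the signer's e-mail address;
#   * --summary uses "find -type f" ("-type file" is rejected by find) and
#     honours its <dir> argument;
#   * plaintext is only destroyed by --add-file after encryption and signing
#     succeeded, and an encrypted file is only replaced once its new
#     ciphertext and signature both exist;
#   * no predictable dot-files (.list.tmp, .keys.tmp, ...) are written to the
#     working directory any more;
#   * usage errors go to stderr and failures give a non-zero status.
#
# NOTE(review): "gpg --verify" succeeds for a good signature from any key in
# the local keyring. It does not prove that the signer is one of the people
# allowed to edit the store; check the reported signer when that matters.
# ---------------------------------------------------------------------------

# Print a usage line on stderr. Callers return 2 afterwards.
gsp_usage_error() {
  printf '%s\n' "$1" >&2
}

# Print "Error: MESSAGE" on stderr and return 1.
gsp_fail() {
  printf 'Error: %s\n' "$1" >&2
  return 1
}

# Echo $1 in a form that is safe as a positional argument: a leading "-"
# would otherwise be parsed as an option by the tools called below.
gsp_path() {
  case "$1" in
    -*) printf './%s' "$1" ;;
    *) printf '%s' "$1" ;;
  esac
}

# Remove the given files, overwriting them first when SHRED names a tool.
# Missing files are skipped.
gsp_wipe() {
  local target
  for target in "$@"; do
    [[ -e "$target" ]] || continue
    if [[ -n "${SHRED:-}" ]]; then
      # SHRED may carry options (for example "shred -u"), so it is split on
      # purpose. Errors are hidden because the tool may not be installed;
      # the rm below is the fallback.
      # shellcheck disable=SC2086
      ${SHRED} "$target" 2>/dev/null
    fi
    # Plain "shred" only overwrites, and a missing tool does nothing at all:
    # make sure the file is really gone.
    rm -f -- "$target"
  done
}

# Verify $1 against its detached signature, which has the same name with the
# last extension replaced by ".sig". Returns gpg's exit status.
gsp_verify() {
  gpg --verify "${1%.*}.sig" "$1"
}

# Print the key ids $1 is encrypted to, one per line, parsed from the
# "public key is ..." lines gpg writes to stderr. LC_ALL=C keeps those lines
# in English so the pattern matches whatever the user's locale is.
gsp_recipient_keys() {
  LC_ALL=C gpg --list-only -vv "$1" 2>&1 >/dev/null |
    sed -n 's/.*public key is \(.*\).*/\1/p'
}

# Fill the global array GSP_RECIPIENTS with "-r KEY" pairs for every current
# recipient of $1. Fails when none can be read: re-encrypting with an
# incomplete list would lock the existing recipients out.
gsp_load_recipients() {
  local key
  GSP_RECIPIENTS=()
  while IFS= read -r key; do
    [[ -n "$key" ]] && GSP_RECIPIENTS+=(-r "$key")
  done < <(gsp_recipient_keys "$1")
  if ((${#GSP_RECIPIENTS[@]} == 0)); then
    gsp_fail "could not read the recipients of $1"
    return 1
  fi
}

# Encrypt a plaintext, sign the new ciphertext and only then replace the
# encrypted file and its signature, so a failure leaves both untouched.
# Arguments: $1 signing key, $2 encrypted file to replace, $3 plaintext,
#            $4... gpg recipient arguments ("-r" KEY pairs).
# Returns:   0 on success, 1 otherwise.
gsp_reencrypt() {
  local signer=$1 file=$2 plain=$3
  shift 3
  local workdir new_enc new_sig stored_name status=1
  # Private (mode 0700) directory: the output names do not exist yet, so gpg
  # never has to ask whether to overwrite something.
  workdir=$(mktemp -d "${TMPDIR:-/tmp}/gpgsharedpass.XXXXXX") || return 1
  new_enc="$workdir/out.gpg"
  new_sig="$workdir/out.sig"
  # Keep the file name stored inside the message independent of where the
  # plaintext happens to live.
  stored_name=${file%.*}
  stored_name=${stored_name##*/}
  if gpg --output "$new_enc" --set-filename "$stored_name" "$@" \
    --encrypt "$plain" &&
    gpg --output "$new_sig" -u "$signer" --detach-sign "$new_enc" &&
    mv -f -- "$new_enc" "$file" &&
    mv -f -- "$new_sig" "${file%.*}.sig"; then
    status=0
  fi
  rm -rf -- "${workdir:?}"
  return "$status"
}

# --list <myfile.gpg>: show the recipients and check the signature.
gsp_cmd_list() {
  if (($# < 1)); then
    gsp_usage_error "Error: --list <myfile.gpg>"
    return 2
  fi
  local file
  file=$(gsp_path "$1")
  gpg --status-fd 1 --list-only -vv "$file"
  gsp_verify "$file"
}

# --scan <dir>: print regular files that are neither .gpg nor .sig, i.e.
# candidates for unencrypted material. Anything named .git is skipped.
gsp_cmd_scan() {
  if (($# < 1)); then
    gsp_usage_error "Error: --scan <dir>"
    return 2
  fi
  local dir
  dir=$(gsp_path "$1")
  find "$dir" -name .git -prune -o ! -name '*.gpg' ! -name '*.sig' -type f -print
}

# --summary <dir>: recipients and signature status of every .gpg file.
gsp_cmd_summary() {
  if (($# < 1)); then
    gsp_usage_error "Error: --summary <dir>"
    return 2
  fi
  local dir file
  dir=$(gsp_path "$1")
  # The list is read on descriptor 3 so gpg keeps the terminal as stdin.
  while IFS= read -r -d '' -u 3 file; do
    printf '%s\n' "$file"
    gpg --list-only -vv "$file"
    gsp_verify "$file"
    echo ""
  done 3< <(find "$dir" -type f -name '*.gpg' -print0)
}

# --add-file <key> <myfile>: encrypt and sign a file, delete the plaintext,
# then stage and commit the .gpg and .sig files.
gsp_cmd_add_file() {
  if (($# < 2)); then
    gsp_usage_error "Error: --add-file <[email protected]> <myfile>"
    return 2
  fi
  local key=$1 plain enc sig
  plain=$(gsp_path "$2")
  enc="$plain.gpg"
  sig="$plain.sig"
  if [[ ! -f "$plain" ]]; then
    gsp_fail "no such file: $plain"
    return 1
  fi
  if ! gpg --output "$enc" -r "$key" --encrypt "$plain"; then
    gsp_fail "encryption failed; $plain was left untouched"
    return 1
  fi
  if ! gpg --output "$sig" -u "$key" --detach-sign "$enc"; then
    gsp_fail "signing failed; $plain was left untouched"
    return 1
  fi
  # The encrypted copy and its signature exist, so the plaintext can go.
  gsp_wipe "$plain"
  git add -- "$enc" "$sig" && git commit
}

# --cat <myfile.gpg>: print the decrypted content, but only when the
# detached signature verifies.
gsp_cmd_cat() {
  if (($# < 1)); then
    gsp_usage_error "Error: --cat <myfile.gpg>"
    return 2
  fi
  local file
  file=$(gsp_path "$1")
  if ! gsp_verify "$file"; then
    gsp_fail "signature check failed for $file; not decrypting"
    return 1
  fi
  gpg --decrypt "$file"
}

# --add-key <new key> <signing key> <myfile.gpg>: re-encrypt the file for
# its current recipients plus the new key, re-sign it and commit.
gsp_cmd_add_key() {
  if (($# < 3)); then
    gsp_usage_error "Error: --add-key <[email protected]> <[email protected]> <myfile.gpg>"
    return 2
  fi
  local new_key=$1 signer=$2 file workdir plain status=1
  file=$(gsp_path "$3")
  # Re-signing an unverified file would give tampered content a fresh, valid
  # signature, so stop here when the current one does not check out.
  if ! gsp_verify "$file"; then
    gsp_fail "signature check failed for $file; not re-encrypting"
    return 1
  fi
  gsp_load_recipients "$file" || return 1
  GSP_RECIPIENTS+=(-r "$new_key")

  # The plaintext only exists inside a private temporary directory.
  workdir=$(mktemp -d "${TMPDIR:-/tmp}/gpgsharedpass.XXXXXX") || return 1
  plain="$workdir/plain"
  # Do not leave the plaintext behind when interrupted.
  trap "gsp_wipe $(printf '%q' "$plain"); rm -rf -- $(printf '%q' "$workdir"); exit 130" INT TERM
  if gpg --output "$plain" --decrypt "$file" &&
    gsp_reencrypt "$signer" "$file" "$plain" "${GSP_RECIPIENTS[@]}"; then
    status=0
  fi
  gsp_wipe "$plain"
  rm -rf -- "${workdir:?}"
  trap - INT TERM

  if ((status != 0)); then
    gsp_fail "could not re-encrypt $file"
    return 1
  fi
  git add -- "${file%.*}.sig" "$file" && git commit
}

# --decrypt <signing key> <myfile.gpg>: decrypt next to the encrypted file,
# wait for the user, then re-encrypt, re-sign and commit if the content
# changed. The decrypted file is always deleted before returning.
gsp_cmd_decrypt() {
  if (($# < 2)); then
    gsp_usage_error "Error: --decrypt <[email protected]> <mysecretfile.gpg>"
    return 2
  fi
  local signer=$1 file plain before after status=0
  file=$(gsp_path "$2")
  plain=${file%.*}
  # The plaintext name is the encrypted name without its last extension.
  # Writing there must neither truncate the encrypted file itself (name
  # without extension) nor clobber and later wipe an unrelated file.
  if [[ "$plain" == "$file" || -e "$plain" ]]; then
    gsp_fail "refusing to overwrite $plain; move it away first"
    return 1
  fi
  if ! gsp_verify "$file"; then
    gsp_fail "signature check failed for $file; not decrypting"
    return 1
  fi
  gsp_load_recipients "$file" || return 1

  # Do not leave the plaintext behind when interrupted during the pause.
  trap "gsp_wipe $(printf '%q' "$plain"); exit 130" INT TERM
  # umask 077: the decrypted file is readable by its owner only.
  if ! (umask 077 && gpg --decrypt "$file" >"$plain"); then
    gsp_wipe "$plain"
    trap - INT TERM
    gsp_fail "could not decrypt $file"
    return 1
  fi
  if ! before=$(shasum "$plain"); then
    gsp_wipe "$plain"
    trap - INT TERM
    gsp_fail "could not checksum $plain"
    return 1
  fi

  echo "The file has been decrypted"
  echo "Press [Enter] to encrypt it again and delete the decrypted file"
  echo "A new signature and a new commit will be done if the file has changed"
  read -r -p ""

  after=$(shasum "$plain")
  if [[ "$after" != "$before" ]]; then
    if gsp_reencrypt "$signer" "$file" "$plain" "${GSP_RECIPIENTS[@]}"; then
      gsp_wipe "$plain"
      trap - INT TERM
      git add -- "${file%.*}.sig" "$file" && git commit
      return
    fi
    status=1
  fi
  # Fail closed: the plaintext never outlives the command, even when
  # re-encryption failed.
  gsp_wipe "$plain"
  trap - INT TERM
  if ((status != 0)); then
    gsp_fail "re-encryption failed; $file is unchanged and the edited copy was deleted"
  fi
  return "$status"
}

# Print the help text.
gsp_help() {
  printf '%s\n' \
    "GPG Shared Password Manager" \
    "Anthony Verez (netantho) <[email protected]>" \
    " " \
    "-h, --help Show brief help" \
    "--summary <dir> Who has access to which file and last edited them" \
    "--list <myfile.gpg> List security information about an encrypted file including permissions" \
    "--cat <myfile.gpg> Display the content of an encrypted file" \
    "--decrypt <[email protected]> <myfile.gpg> Decrypt an encrypted file, wait for the user when they're finished and re-encrypt if the file was modified" \
    "--add-file <[email protected]> <myfile> Encrypt a file and add it to the repo" \
    "--add-key <[email protected]> <[email protected]> <myfile.gpg> Reencrypt a file adding a new recipient" \
    "--scan <dir> Scan a directory for non .sig or .gpg files"
}

# Dispatch on the first argument; the remaining ones go to the command.
gsp_main() {
  (($# > 0)) || return 0
  local cmd=$1
  shift
  case "$cmd" in
    --list) gsp_cmd_list "$@" ;;
    --scan) gsp_cmd_scan "$@" ;;
    --summary) gsp_cmd_summary "$@" ;;
    --add-file) gsp_cmd_add_file "$@" ;;
    --cat) gsp_cmd_cat "$@" ;;
    --add-key) gsp_cmd_add_key "$@" ;;
    --decrypt) gsp_cmd_decrypt "$@" ;;
    *)
      gsp_help
      exit 0
      ;;
  esac
}

gsp_main "$@"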