m-chrzan.xyz
aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2012-09-21 03:32:09 +0200
committerJason A. Donenfeld <Jason@zx2c4.com>2012-09-21 03:32:09 +0200
commit93c025c69aac8867916bbd0f5813765fac7d852b (patch)
tree2cee4ec373e4f6b178798f751dde05d6db43e44e /src
parent74e4ea941bb61d9e830ae9d2a7cfe690c2df34f0 (diff)
Add option to init to reencrypt all passwords.
Reported-by: Simon KP <si@eskp.net>
Diffstat (limited to 'src')
-rwxr-xr-xsrc/password-store.sh24
1 files changed, 22 insertions, 2 deletions
diff --git a/src/password-store.sh b/src/password-store.sh
index 9923907..f137f55 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -30,8 +30,9 @@ usage() {
cat <<_EOF
Usage:
- $program init gpg-id
+ $program init [--reencrypt,-e] gpg-id
Initialize new password storage and use gpg-id for encryption.
+ Optionally reencrypt existing passwords using new gpg-id.
$program [ls] [subfolder]
List passwords.
$program [show] [--clip,-c] pass-name
@@ -134,15 +135,34 @@ fi
case "$command" in
init)
+ reencrypt=0
+
+ opts="$($GETOPT -o e -l reencrypt -n "$program" -- "$@")"
+ err=$?
+ eval set -- "$opts"
+ while true; do case $1 in
+ -e|--reencrypt) reencrypt=1; shift ;;
+ --) shift; break ;;
+ esac done
+
if [[ $# -ne 1 ]]; then
- echo "Usage: $program $command gpg-id"
+ echo "Usage: $program $command [--reencrypt,-e] gpg-id"
exit 1
fi
+
gpg_id="$1"
mkdir -v -p "$PREFIX"
echo "$gpg_id" > "$ID"
echo "Password store initialized for $gpg_id."
git_add_file "$ID" "Set GPG id to $gpg_id."
+
+ if [[ $reencrypt -eq 1 ]]; then
+ find "$PREFIX" -iname '*.gpg' | while read passfile; do
+ $GPG -d $GPG_OPTS "$passfile" | $GPG -e -r "$gpg_id" -o "$passfile.new" $GPG_OPTS &&
+ mv -v "$passfile.new" "$passfile"
+ done
+ git_add_file "$PREFIX" "Reencrypted entire store using new GPG id $gpg_id."
+ fi
exit 0
;;
help|--help)