clortho.sh (1202B)
1 #!/bin/bash 2 3 # this is a very unsafe prototype. use with care. 4 5 mode="get" 6 kp=$1 7 vp= 8 9 if [ -z "$kp" ]; then 10 >&2 echo "usage: clortho <key> [value]" 11 exit 1; 12 fi 13 14 if [ ! -z "$2" ]; then 15 mode="set" 16 vp=$2 17 fi 18 19 20 set -e 21 cryptbin=$(which ccrypt) 22 data_dir=${CLORTHO_DATADIR:-~/.local/share/clortho} 23 data_dir=$(realpath $data_dir) 24 mkdir -vp $data_dir 25 set +e 26 27 passfile=${CLORTHO_KEYFILE} 28 if [ -z "$passfile" ]; then 29 passfile="$HOME/.clortho" 30 fi 31 32 if [ -f "$passfile" ]; then 33 read passphrase < "$passfile" 34 else 35 stty -echo 36 echo -n "passphrase: " 37 read passphrase 38 stty echo 39 echo 40 fi 41 42 43 t=$(mktemp) 44 45 hash_key() { 46 ktt=$(mktemp) 47 kt=$(mktemp) 48 chmod 200 $kt 49 echo $passphrase > $kt 50 chmod 600 $kt 51 kc=$(sha512sum $kt | awk '{print $1;}' > $ktt) 52 shred $kt 53 echo $kp >> $ktt 54 kc=$(sha512sum $ktt | awk '{print $1;}') 55 } 56 57 do_set_ccrypt() { 58 echo -n "$vp" > $t 59 ccrypt -k $passfile $t 60 if [ "$?" -gt "0" ]; then 61 >&2 echo set key fail 62 exit 1 63 fi 64 hash_key 65 cp $t.cpt $data_dir/$kc 66 shred $t.cpt 67 } 68 69 do_get_ccrypt() { 70 hash_key 71 cp $data_dir/$kc $t 72 if [ "$?" -gt "0" ]; then 73 exit 1; 74 fi 75 ccrypt -d -k $passfile $t 76 if [ "$?" -gt "0" ]; then 77 exit 1; 78 fi 79 cat $t 80 shred $t 81 } 82 83 do_${mode}_$(basename ${cryptbin})