[pass] [PATCH] GPG improvements

Matthieu Weber mweber at free.fr
Thu Mar 20 19:35:58 CET 2014


Use gpg2 if available, or fallback to gpg
Use --batch option only if gpg-agent is available (i.e, if GPG_AGENT_INFO is
set)
---
 src/password-store.sh |   24 ++++++++++++++----------
 1 file changed, 14 insertions(+), 10 deletions(-)

diff --git a/src/password-store.sh b/src/password-store.sh
index e080627..3f5cd1d 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -8,7 +8,11 @@ umask 077
 PREFIX="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
 ID="$PREFIX/.gpg-id"
 GIT_DIR="${PASSWORD_STORE_GIT:-$PREFIX}/.git"
-GPG_OPTS="--quiet --yes --batch"
+GPG=gpg
+[[ -n `which gpg2` ]] && GPG=gpg2
+GPG_OPTS="--quiet --yes"
+[[ -n "$GPG_AGENT_INFO" ]] && GPG_OPTS="$GPG_OPTS --batch"
+X_SELECTION="${PASSWORD_STORE_X_SELECTION:-clipboard}"
 
 export GIT_DIR
 export GIT_WORK_TREE="${PASSWORD_STORE_GIT:-$PREFIX}"
@@ -159,7 +163,7 @@ case "$command" in
 
 		if [[ $reencrypt -eq 1 ]]; then
 			find "$PREFIX" -iname '*.gpg' | while read passfile; do
-				gpg2 -d $GPG_OPTS "$passfile" | gpg2 -e -r "$gpg_id" -o "$passfile.new" $GPG_OPTS &&
+				$GPG -d $GPG_OPTS "$passfile" | $GPG -e -r "$gpg_id" -o "$passfile.new" $GPG_OPTS &&
 				mv -v "$passfile.new" "$passfile"
 			done
 			git_add_file "$PREFIX" "Reencrypted entire store using new GPG id $gpg_id."
@@ -210,9 +214,9 @@ case "$command" in
 		passfile="$PREFIX/$path.gpg"
 		if [[ -f $passfile ]]; then
 			if [[ $clip -eq 0 ]]; then
-				exec gpg2 -d $GPG_OPTS "$passfile"
+				exec $GPG -d $GPG_OPTS "$passfile"
 			else
-				pass="$(gpg2 -d $GPG_OPTS "$passfile" | head -n 1)"
+				pass="$($GPG -d $GPG_OPTS "$passfile" | head -n 1)"
 				[[ -n $pass ]] || exit 1
 				clip "$pass" "$path"
 			fi
@@ -257,7 +261,7 @@ case "$command" in
 		if [[ $multiline -eq 1 ]]; then
 			echo "Enter contents of $path and press Ctrl+D when finished:"
 			echo
-			gpg2 -e -r "$ID" -o "$passfile" $GPG_OPTS
+			$GPG -e -r "$ID" -o "$passfile" $GPG_OPTS
 		elif [[ $noecho -eq 1 ]]; then
 			while true; do
 				read -r -p "Enter password for $path: " -s password
@@ -265,7 +269,7 @@ case "$command" in
 				read -r -p "Retype password for $path: " -s password_again
 				echo
 				if [[ $password == "$password_again" ]]; then
-					gpg2 -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
+					$GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
 					break
 				else
 					echo "Error: the entered passwords do not match."
@@ -273,7 +277,7 @@ case "$command" in
 			done
 		else
 			read -r -p "Enter password for $path: " -e password
-			gpg2 -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
+			$GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
 		fi
 		git_add_file "$passfile" "Added given password for $path to store."
 		;;
@@ -295,11 +299,11 @@ case "$command" in
 
 		action="Added"
 		if [[ -f $passfile ]]; then
-			gpg2 -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1
+			$GPG -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1
 			action="Edited"
 		fi
 		${EDITOR:-vi} "$tmp_file"
-		while ! gpg2 -e -r "$ID" -o "$passfile" $GPG_OPTS "$tmp_file"; do
+		while ! $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS "$tmp_file"; do
 			echo "GPG encryption failed. Retrying."
 			sleep 1
 		done
@@ -337,7 +341,7 @@ case "$command" in
 
 		pass="$(pwgen -s $symbols $length 1)"
 		[[ -n $pass ]] || exit 1
-		gpg2 -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass"
+		$GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass"
 		git_add_file "$passfile" "Added generated password for $path to store."
 		
 		if [[ $clip -eq 0 ]]; then
-- 
1.7.10.4



More information about the Password-Store mailing list