Home Explore Help
Sign In
azra
/
dotfiles
mirror of https://gitlab.com/azrazalea/dotfiles.git
Watch 1
Star 0
Fork 0
Code Issues 0 Commits 39 Releases 0

My various dotfiles

Tree: 84ba29d3e2
Branches Tags
dotfiles
/
gpg-sqlite.sh

gpg-sqlite.sh 2.2KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778 
  1. #!/bin/sh
    2. 

  2. # Wrapper for shell editing of GnuPG-encrypted SQLite databases.
    3. 

  3. #
    4. 

  4. # Copyright © 2010-2011 Paul Natsuo Kishimoto <mail@paul.kishimoto.name>
    5. 

  5. # Made available under the GPLv3 (http://www.gnu.org/licenses/gpl-3.0.html)
    6. 

  6. #
    7. 

  7. # Usage: gpg-sqlite FILE [RECIPIENT]
    8. 

  8. #
    9. 

  9. # gpg-sqlite allows a user to edit a SQLite 3 database encrypted with GnuPG. The
    10. 

  10. # following steps are taken:
    11. 

  11. #
    12. 

  12. # 1. A temporary copy is made of the file to be edited with the owner set to
    13. 

  13. #    the invoking user.
    14. 

  14. # 2. The SQLirte 3 command-line interface sqlite3(1) is run to edit the
    15. 

  15. #    temporary file.
    16. 

  16. # 3. Whether or not it has been modified, the temporary file is re-encrypted
    17. 

  17. #    with GnuPG and returned to its original location and the temporary file is
    18. 

  18. #    removed.
    19. 

  19. #
    20. 

  20. 

  21. cleanup () {
    22. 

  22.   # shred and remove the temporary, unencrypted file
    23. 

  23.   shred -u "$TEMPDIR/$BN.$$"
    24. 

  24.   # remove the temporary output; probably don't need to shred, as it's encrypted
    25. 

  25.   rm -f "$TEMPDIR/$BN"
    26. 

  26. }
    27. 

  27. 

  28. # First and only argument is (or should be) the file to edit.
    29. 

  29. FILE=$1
    30. 

  30. if [ "$FILE" = "" ]; then
    31. 

  31.     echo "Usage: $(basename $0) filename"
    32. 

  32.     exit 1
    33. 

  33. fi
    34. 

  34. if [ "$2" = "" ]; then
    35. 

  35.   # encrypt to self to avoid tedious passphrase retyping
    36. 

  36.   ENCRYPT_FLAGS="-e --default-recipient-self"
    37. 

  37.   # comment out the above and uncomment the following to specify per-file
    38. 

  38.   # passphrases:
    39. 

  39.   #ENCRYPT_FLAGS="-c"
    40. 

  40. else
    41. 

  41.   ENCRYPT_FLAGS="-e -r $2"
    42. 

  42. fi
    43. 

  43. 

  44. # use a temporary directory in the user's home directory, instead of in /tmp or
    45. 

  45. # /var/tmp
    46. 

  46. TEMPDIR=~/.cache/gpg-sqlite
    47. 

  47. umask 077
    48. 

  48. mkdir -p $TEMPDIR || exit 1
    49. 

  49. 

  50. # strip directories for temporary file names
    51. 

  51. BN=`basename $FILE`
    52. 

  52. # if the file exists, try to decrypt it
    53. 

  53. if [ -e "$FILE" ]; then
    54. 

  54.   while ! gpg <"$FILE" >"$TEMPDIR/$BN.$$"; do
    55. 

  55.     echo "Uh"
    56. 

  56.   done
    57. 

  57. else
    58. 

  58.   # otherwise assume we're creating a new (empty) file
    59. 

  59.   touch "$TEMPDIR/$BN.$$"
    60. 

  60. fi
    61. 

  61. 

  62. # edit the unencrypted data
    63. 

  63. if sqlite3 "$TEMPDIR/$BN.$$" .tables >/dev/null 2>&1 ; then
    64. 

  64.   # file actually contains a sqlite database!
    65. 

  65.   sqlite3 "$TEMPDIR/$BN.$$"
    66. 

  66. else
    67. 

  67.   echo "$(basename $0): $FILE does not contain a sqlite3 database."
    68. 

  68.   cleanup
    69. 

  69.   exit 1
    70. 

  70. fi
    71. 

  71. 

  72. # if the file was modified, re-encrypt and overwrite the original
    73. 

  73. while ! gpg $ENCRYPT_FLAGS -a <"$TEMPDIR/$BN.$$" >"$TEMPDIR/$BN"; do
    74. 

  74.   echo "Uh, please try again..."
    75. 

  75. done
    76. 

  76. cat "$TEMPDIR/$BN" >"$FILE"
    77. 

  77. cleanup
    78. 

  78.