├── LICENSE ├── README.md └── file.bash /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2018 Lukas Kropatschek 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # pass file 2 | `pass file` is a extension for adding arbitary files to the [pass](https://www.passwordstore.org/) password store. Files will be encoded using `base64` before encryption. This extension is inspired by [gopass](https://github.com/justwatchcom/gopass)' `binary` function to which it is also compatible. Files stored with `gopass binary` can be retrieved with `pass file` and vice versa. 3 | 4 | ## Usage 5 | ``` 6 | Usage: pass file action pass-name [path] 7 | Actions: 8 | store|add|attach: add new file to password store 9 | retrieve|show|cat: retrieve file from password store and print it to stdout 10 | edit|vi: edit a file (warning: unencrypted file will be opened with $EDITOR) 11 | ``` 12 | 13 | ## Examples 14 | Storing a PNG picture and retrieving it. 15 | ``` 16 | pass file store pics/secretpic mypicture.png 17 | pass file retrieve pics/secretpic > retrieved-picture.png 18 | ``` 19 | Alternativley you can also use shortcuts for `attach` and `retrieve`: 20 | ``` 21 | pass file add article my_super_secret_revelations.txt 22 | pass file cat article 23 | ``` 24 | Use `edit` to edit a file: 25 | ``` 26 | pass file edit article 27 | ``` 28 | ## Installation 29 | See [here](https://www.passwordstore.org/#extensions) for details. There is also information on how to install extensions in the `pass` man page. 30 | -------------------------------------------------------------------------------- /file.bash: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | print_usage() { 4 | echo "Usage: $PROGRAM file action pass-name [path]" 5 | echo "Actions:" 6 | echo " store|add|attach: add new file to password store" 7 | echo " retrieve|show|cat: retrieve file from password store and print it to stdout" 8 | echo " edit|vi: edit a file (warning: unencrypted file will be opened with \$EDITOR)" 9 | exit 0 10 | } 11 | 12 | cmd_store() { 13 | local path="$1" 14 | local file="$2" 15 | 16 | if [[ ${path: -4} != ".b64" ]]; then 17 | path="${path}.b64" 18 | fi 19 | 20 | local passfile="$PREFIX/$path.gpg" 21 | 22 | cd $OLDPWD # fix for relative paths 23 | case "$file" in 24 | /*) local file_abs_path="$file";; 25 | *) local file_abs_path="$OLDPWD/$file";; 26 | esac 27 | 28 | check_sneaky_paths "$1" 29 | set_git "$passfile" 30 | 31 | if [[ -z $path || -z "$file_abs_path" ]]; then 32 | print_usage 33 | elif [[ ! -f "$file_abs_path" ]]; then 34 | die "Error: $file does not exist." 35 | fi 36 | 37 | if [[ -f $passfile ]] && [[ "$PASS_FILE_FORCE_OVERWRITE" != "true" ]]; then 38 | read -r -p "A file with this name already exists in the store. Do you want to overwrite it? [y/N] " response 39 | if [[ $response != [yY] ]]; then 40 | exit 0; 41 | fi 42 | fi 43 | 44 | mkdir -p "$(dirname "$passfile")" 45 | 46 | set_gpg_recipients "$(dirname "$path")" 47 | 48 | base64 $file_abs_path | $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" "${GPG_OPTS[@]}" 49 | 50 | git_add_file $passfile "Store arbitary file for $path to store." 51 | } 52 | 53 | cmd_retrieve() { 54 | local path="$1" 55 | 56 | if [[ ${path: -4} != ".b64" ]]; then 57 | path="${path}.b64" 58 | fi 59 | 60 | local passfile="$PREFIX/$path.gpg" 61 | 62 | if [[ -z $path ]]; then 63 | print_usage 64 | else 65 | check_sneaky_paths "$path" 66 | $GPG -d "${GPG_OPTS[@]}" "$passfile" | base64 -d || exit $? 67 | fi 68 | } 69 | 70 | cmd_edit() { 71 | local path="$1" 72 | 73 | if [[ -z $path ]]; then 74 | print_usage 75 | fi 76 | 77 | if [[ ${path: -4} != ".b64" ]]; then 78 | path="${path}.b64" 79 | fi 80 | 81 | local passfile="$PREFIX/$path.gpg" 82 | 83 | if [[ -z $EDITOR ]]; then 84 | echo "\$EDITOR not set, don't know how to open file." 85 | exit 1 86 | else 87 | local tmpfile=$(mktemp) 88 | local newfile=0 89 | chmod 0600 $tmpfile 90 | 91 | if [[ -f $passfile ]]; then 92 | cmd_retrieve $path > $tmpfile 93 | if [[ $? -ne 0 ]]; then 94 | rm $tmpfile 95 | exit 1 96 | fi 97 | else 98 | echo "File does not exist, creating new file..." 99 | sleep 3 100 | fi 101 | 102 | $EDITOR $tmpfile 103 | if [[ $? -ne 0 ]]; then 104 | rm $tmpfile 105 | exit 1 106 | fi 107 | 108 | PASS_FILE_FORCE_OVERWRITE="true" cmd_store $path $tmpfile 109 | if [[ $? -ne 0 ]]; then 110 | echo "Could not save file, please check yourself." 111 | echo "Tempfile: ${tmpfile}" 112 | exit 1 113 | fi 114 | 115 | rm $tmpfile 116 | fi 117 | } 118 | 119 | case $1 in 120 | store|add|attach) 121 | shift && cmd_store "$@" 122 | ;; 123 | retrieve|show|cat) 124 | shift && cmd_retrieve "$@" 125 | ;; 126 | edit|vi) 127 | shift && cmd_edit "$@" 128 | ;; 129 | *) 130 | print_usage 131 | ;; 132 | esac 133 | --------------------------------------------------------------------------------