-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathgpgvim
executable file
·45 lines (44 loc) · 1.27 KB
/
gpgvim
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
#!/bin/bash
set -e
set -o pipefail
FPATH=$1
if [ "${FPATH: -4}" != '.gpg' ];then
echo 'Expected .gpg extension'
exit 1
fi
# readlink -f canonicalizes the path, resolving all symlinks
if uname | grep -q 'Darwin'; then
if ! hash greadlink ; then
echo 'Please install coreutils from homebrew or similar'
echo 'to provide greadlink (GNU readlink)'
exit 1
fi
SOURCE=$(greadlink -f ${BASH_SOURCE})
READLINK_TOOL=greadlink
else
# assume Linux with GNU readlink
SOURCE=$(readlink -f ${BASH_SOURCE})
READLINK_TOOL=readlink
fi
if ! hash vipe ; then
echo 'Please install moreutils from homebrew or dnf/yum'
echo 'to provide vipe'
exit 1
fi
if mountpoint -q /dev/shm ; then
# safer tmpdir for vipe
export TMPDIR=/dev/shm
fi
BASEDIR=$(dirname ${SOURCE})
export EDITOR=${EDITOR:-vim -n}
KEYFILE=${KEYFILE:-${BASEDIR/keys/ops.key}}
#
# vipe uses TMPDIR and cleans up after itself. On modern Linux and OS X, TMPDIR is a ramdisk.
#
# We use AES256 for compat with EncryptPad
(gpg2 -q --decrypt ${KEYFILE} | gpg2 -q --passphrase-fd 0 --batch --decrypt ${FPATH} ) \
| vipe \
| gpg2 -q --passphrase-fd 3 --batch -c --cipher-algo AES256 3< <(gpg2 -q --decrypt ${KEYFILE} ) \
> $FPATH.new
test -e $FPATH.new
mv -f $FPATH.new $1