102 lines
3.1 KiB
Bash
Executable file
102 lines
3.1 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
[[ -z "${RBW_PROFILE}" ]] && rbw_profile='rbw' || rbw_profile="rbw-${RBW_PROFILE}"
|
|
|
|
set -eEuo pipefail
|
|
|
|
function help() {
|
|
cat <<EOHELP
|
|
Use this script as pinentry to store master password for rbw into your keyring
|
|
|
|
Usage
|
|
- run "rbw-pinentry-keyring clear" to clear the master password from your keyring
|
|
- add "rbw-pinentry-keyring" as "pinentry" in rbw config (${XDG_CONFIG_HOME}/rbw/config.json)
|
|
- use rbw as normal
|
|
Notes
|
|
- needs "secret-tool" to access keyring
|
|
- setup tested with pinentry-gnome3, but you can run the "secret-tool store"-command manually as well
|
|
- master passwords are stored into the keyring as plaintext, so secure your keyring appropriately
|
|
- supports multiple profiles, simply set RBW_PROFILE during setup
|
|
- can easily be rewritten to use other backends than keyring by setting the "secret_value"-variable
|
|
EOHELP
|
|
}
|
|
|
|
function clear() {
|
|
secret-tool clear application rbw profile "$rbw_profile" type master_password
|
|
}
|
|
|
|
function getpin() {
|
|
echo 'OK'
|
|
|
|
title=""
|
|
prompt=""
|
|
desc=""
|
|
|
|
while IFS=' ' read -r command args ; do
|
|
case "$command" in
|
|
SETTITLE)
|
|
title="$args"
|
|
echo 'OK'
|
|
;;
|
|
SETDESC)
|
|
desc="$args"
|
|
echo 'OK'
|
|
;;
|
|
SETPROMPT)
|
|
prompt="$args"
|
|
echo 'OK'
|
|
;;
|
|
GETPIN)
|
|
if [[ "$prompt" == "Master Password" ]]; then
|
|
set +e
|
|
secret_value="$(secret-tool lookup application rbw profile "$rbw_profile" type master_password)"
|
|
err=$?
|
|
set -e
|
|
|
|
if [[ $err == 1 ]]; then
|
|
cmd="SETTITLE rbw\n"
|
|
cmd+="SETPROMPT Master Password\n"
|
|
cmd+="SETDESC Please enter the master password for '$rbw_profile'\n"
|
|
cmd+="GETPIN\n"
|
|
secret_value="$(printf "$cmd" | pinentry | grep -E "^D " | cut -c3-)"
|
|
if [ -n "$secret_value" ]; then
|
|
echo -n "$secret_value" | secret-tool store --label="$rbw_profile master password" application rbw profile "$rbw_profile" type master_password >/dev/null 2>&1
|
|
fi
|
|
fi
|
|
|
|
printf 'D %s\n' "$secret_value"
|
|
echo 'OK'
|
|
else
|
|
cmd="SETTITLE $title\n"
|
|
cmd+="SETPROMPT $prompt\n"
|
|
cmd+="SETDESC $desc\n"
|
|
cmd+="GETPIN\n"
|
|
|
|
secret_value="$(printf "$cmd" | pinentry | grep -E "^D " | cut -c3-)"
|
|
|
|
printf 'D %s\n' "$secret_value"
|
|
echo 'OK'
|
|
fi
|
|
;;
|
|
BYE)
|
|
exit
|
|
;;
|
|
*)
|
|
echo 'ERR Unknown command'
|
|
;;
|
|
esac
|
|
done
|
|
}
|
|
|
|
command="$1"
|
|
case "$command" in
|
|
-h|--help|help)
|
|
help
|
|
;;
|
|
-c|--clear|clear)
|
|
clear
|
|
;;
|
|
*)
|
|
getpin
|
|
;;
|
|
esac
|