#!/bin/sh set -e sanitize() { s="${1#"${1%%[![:space:]]*}"}" s="${s%"${s##*[![:space:]]}"}" if [ "${#s}" -eq 0 ] then notify 'Invalid Input' 'Empty strings do not constitute valid input' exit 1 fi } usage() { cat <<-EOF >&2 Usage: ${0##*/} add [-c] ${0##*/} edit [-c] ${0##*/} get ${0##*/} rm [-c] EOF exit 1 } xecho() { printf '%s' "$@" } notify() { if [ -t 2 ] then printf "%s: %s\n" "${0##*/}" "$2" >&2 else notify-send -a "${0##*/}" "$1" "$2." fi } prompt() { if [ -t 2 ] then printf '%s ' "$1" read -r s else s="`zenity --title=zenity --entry --text="$1"`" fi sanitize "$s" } xprompt() { if [ -t 2 ] then printf '%s ' "$1" stty -echo trap 'stty echo' INT read -r s stty echo trap - INT echo else s="`zenity --title=zenity --password --text="$1"`" fi sanitize "$s" } add() { shift while getopts 'c' opt do case $opt in c) add_c exit 0 ;; *) usage ;; esac done readonly data="`enchive extract <"$VAULT"`" c="`xecho "$data" | jq -r 'keys | .[]' | osel`" prompt 'Password name:' n="$s" xecho "$data" \ | jq -e --arg c "$c" --arg n "$n" '.[$c] | has($n) | not' >/dev/null || { notify 'Failed To Add Password' "The password ‘$n’ already exists" exit 1 } if [ "$VAULT_2FA" = "$c" ] then xprompt 'Secret key:'; k="$s" prompt 'Digits:'; d="$s" prompt 'Period:' xecho "$data" \ | jq --arg c "$c" \ --arg n "$n" \ --arg s "$k" \ --arg d "$d" \ --arg p "$s" \ '.[$c] += {($n): { "secret": $s, "digits": ($d | tonumber), "period": ($p | tonumber) }}' \ | enchive archive >"$VAULT" [ ! -t 2 ] && notify '2FA Key Added' \ "The 2FA key ‘$n’ was added with the digit length ‘$d’ and period ‘$p’" else xprompt 'Password:' xecho "$data" \ | jq --arg c "$c" --arg n "$n" --arg s "$s" '.[$c] += {($n): $s}' \ | enchive archive >"$VAULT" [ ! -t 2 ] && notify 'Password Added' \ "The password ‘$n’ was added to the category ‘$c’" fi } add_c() { readonly data="`enchive extract <"$VAULT"`" prompt 'Category to create:' xecho "$data" | jq -e --arg s "$s" 'has($s) | not' >/dev/null || { notify 'Failed To Create Category' "The category ‘$s’ already exists" exit 1 } xecho "$data" \ | jq --arg s "$s" '. + {($s): {}}' \ | enchive archive >"$VAULT" [ ! -t 2 ] && \ notify 'Category Created' "The password category ‘$s’ was created" } get() { readonly data="`enchive extract <"$VAULT"`" c="`xecho "$data" | jq -r 'keys | .[]' | osel`" o="`xecho "$data" | jq -r --arg c "$c" '.[$c] | keys | .[]' | osel`" xecho "$data" | if [ "$VAULT_2FA" = "$c" ] then eval "`jq -r --arg c "$c" --arg o "$o" ' .[$c] | .[$o] | "totp -d" + (.digits | tostring) + " -p" + (.period | tostring) + " " + .secret '`" \ | wl-copy -no \ && [ ! -t 2 ] \ && notify '2FA Code Copied To The Clipboard' \ "The 2FA code for ‘$o’ was copied to the clipboard" else jq -r --arg c "$c" --arg o "$o" '.[$c] | .[$o]' \ | wl-copy -no \ && [ ! -t 2 ] \ && notify 'Password Copied To The Clipboard' \ "The password for ‘$o’ was copied to the clipboard" fi } rm_() { shift while getopts 'c' opt do case $opt in c) rm_c exit 0 ;; *) usage ;; esac done readonly data="`enchive extract <"$VAULT"`" c="`xecho "$data" | jq -r 'keys | .[]' | osel`" n="`xecho "$data" | jq -r --arg c "$c" '.[$c] | keys | .[]' | osel`" xecho "$data" \ | jq --arg c "$c" --arg n "$n" 'del(.[$c] | .[$n])' \ | enchive archive >"$VAULT" [ ! -t 2 ] && notify 'Removed Password' \ "The password ‘$n’ was removed from the category ‘$c’" } rm_c() { readonly data="`enchive extract <"$VAULT"`" c="`xecho "$data" | jq -r 'keys | .[]' | osel`" xecho "$data" \ | jq -e --arg c "$c" '.[$c] | length == 0' >/dev/null || { notify 'Failed To Remove Category' "The category ‘$c’ is not empty" exit 1 } xecho "$data" \ | jq --arg c "$c" 'del(.[$c])' \ | enchive archive >"$VAULT" [ ! -t 2 ] && notify 'Removed Category' "The category ‘$c’ was removed" } edit() { shift while getopts 'c' opt do case $opt in c) edit_c exit 0 ;; *) usage ;; esac done readonly data="`enchive extract <"$VAULT"`" c="`xecho "$data" | jq -r 'keys | .[]' | osel`" n="`xecho "$data" | jq -r --arg c "$c" '.[$c] | keys | .[]' | osel`" if [ "$VAULT_2FA" = "$c" ] then xprompt 'Secret key:'; k="$s" prompt 'Digits:'; d="$s" prompt 'Period:' xecho "$data" \ | jq --arg c "$c" \ --arg n "$n" \ --arg s "$k" \ --arg d "$d" \ --arg p "$s" \ '.[$c] += {($n): { "secret": $s, "digits": ($d | tonumber), "period": ($p | tonumber) }}' \ | enchive archive >"$VAULT" [ ! -t 2 ] && notify '2FA Key Added' \ "The 2FA key ‘$n’ was added with the digit length ‘$d’ and period ‘$p’" else xprompt 'Password:' xecho "$data" \ | jq --arg c "$c" --arg n "$n" --arg s "$s" '.[$c] += {($n): $s}' \ | enchive archive >"$VAULT" [ ! -t 2 ] && notify 'Password Edit' \ "The password ‘$n’ in the category ‘$c’ was changed" fi } edit_c() { readonly data="`enchive extract <"$VAULT"`" c="`xecho "$data" | jq -r 'keys | .[]' | osel`" prompt 'Category name:' xecho "$data" \ | jq --arg o "$c" --arg n "$s" \ 'with_entries(if .key == $o then .key = $n else . end)' \ | enchive archive >"$VAULT" [ ! -t 2 ] && notify 'Category Edit' "The category ‘$c’ was renamed" } raw() { shift enchive extract <"$VAULT" \ | jq --arg c "$1" --arg n "$2" -r '.[$c] | .[$n]' } : ${VAULT_2FA:="2fa"} : ${VAULT_HOME:=${XDG_DATA_HOME:-$HOME/.local/share}/vault} readonly VAULT="${VAULT_HOME}/vault.sec" export OSEL_GUI_FLAGS='-Oalphabetical' [ $# -eq 0 ] && usage case "$1" in add) add "$@" ;; edit) edit "$@" ;; get) get ;; raw) raw "$@" ;; rm) rm_ "$@" ;; *) usage ;; esac