I would find it convenient to combine multiple data sources in one repo
(e.g. work stuff and personal stuff) which should be encrypted by
different keys.

I put together the attached patch, which allows .gpg-id files in
subdirectories of the repo. The deepest one wins, à la Apache httpd
.htaccess files.

And then I saw
http://lists.zx2c4.com/pipermail/password-store-zx2c4.com/2012-September/000014.html
and the env var solution. :)

Any interest in multiple keys per repo?

David

diff --git a/src/password-store.sh b/src/password-store.sh
index 26a4bd0..b51a55b 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -77,6 +77,18 @@ yesno() {
        read -p "$1 [y/N] " response
        [[ $response == "y" || $response == "Y" ]] || exit 1
 }
+set_gpg_id() {
+ if [[ -f "$1/.gpg-id" ]]; then
+     ID="$(head -n 1 "$1/.gpg-id")"
+     return 0
+ else
+   if [[ "$(dirname $1)" == "." ]]; then
+     return -1
+   else
+     find_id "$(dirname $1)"
+   fi
+ fi
+}
 #
 # BEGIN Platform definable
 #
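Review bot: The recursive branch of `set_gpg_id` calls `find_id`, which this hunk does not define, so unless that name exists elsewhere in the script the parent lookup fails with "command not found" and never reaches a higher `.gpg-id`. Even with the name corrected, the walk stops only when `dirname` yields `.`, which cannot happen if `$PREFIX` is an absolute path: the search then climbs past the store root, where a `.gpg-id` in any ancestor directory would choose the encryption recipient, and at `/` it recurses without end. `return -1` is not a portable exit status (use `return 1`), `$(dirname $1)` is unquoted, and an empty first line leaves `ID` empty. The version below bounds the walk at `$PREFIX`; it does not normalise `..` components, which the callers should reject if they do not already.

```shell
set_gpg_id() {
	local dir="$1" candidate
	# Stay inside the store: a .gpg-id outside $PREFIX must never select the recipient.
	while [[ "$dir" == "$PREFIX" || "$dir" == "$PREFIX"/* ]]; do
		if [[ -f "$dir/.gpg-id" ]]; then
			candidate="$(head -n 1 "$dir/.gpg-id")"
			# An empty id would hand gpg2 an empty recipient; treat it as "not found".
			[[ -n "$candidate" ]] || return 1
			ID="$candidate"
			return 0
		fi
		[[ "$dir" == "$PREFIX" ]] && break
		dir="$(dirname "$dir")"
	done
	return 1
}
```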
@@ -254,6 +266,7 @@ case "$command" in
                [[ $force -eq 0 && -e $passfile ]] && yesno "An entry already 
exists for $path. Overwrite it?"
 
                mkdir -p -v "$PREFIX/$(dirname "$path")"
+               set_gpg_id "$PREFIX/$(dirname "$path")"
 
                if [[ $multiline -eq 1 ]]; then
                        echo "Enter contents of $path and press Ctrl+D when 
finished:"
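Review bot: The exit status of `set_gpg_id` is ignored at this call and at the two identical calls added in the next two hunks (before `passfile=`/`template=` and before the second `passfile=`), so when the lookup fails `$ID` keeps whatever value it already held and `gpg2 -e -r "$ID"` encrypts the entry to that recipient with no indication. For a store meant to separate keys per subtree, a silent fallback to a different key is the failure that matters, so the command should abort instead: `set_gpg_id "$PREFIX/$(dirname "$path")" || { echo "No .gpg-id found for $path" >&2; exit 1; }`. The surrounding `case` branches begin and end outside these hunks, so whether `$ID` is re-initialised elsewhere is not visible here.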
@@ -286,6 +299,7 @@ case "$command" in
 
                path="$1"
                mkdir -p -v "$PREFIX/$(dirname "$path")"
+               set_gpg_id "$PREFIX/$(dirname "$path")"
                passfile="$PREFIX/$path.gpg"
                template="$program.XXXXXXXXXXXXX"
 
@@ -332,6 +346,7 @@ case "$command" in
                        exit 1
                fi
                mkdir -p -v "$PREFIX/$(dirname "$path")"
+               set_gpg_id "$PREFIX/$(dirname "$path")"
                passfile="$PREFIX/$path.gpg"
 
                [[ $force -eq 0 && -e $passfile ]] && yesno "An entry already 
exists for $path. Overwrite it?"
@@ -340,7 +355,7 @@ case "$command" in
                [[ -n $pass ]] || exit 1
                gpg2 -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass"
                git_add_file "$passfile" "Added generated password for $path to 
store."
-               
+
                if [[ $clip -eq 0 ]]; then
                        echo "The generated password to $path is:"
                        echo "$pass"