[PATCH] show: add option to redact password (using red-on-red text) in show output

Sat, 19 Aug 2017 15:36:07 -0700 

Example usage:
  pass show --redact /test/test
  pass show --red /test/test
  pass show -r /test/test

The red-on-red text allows the password to be cut/pasted from the output
but can't be read on the display or in the scroll-back buffer.
---
 src/password-store.sh | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/src/password-store.sh b/src/password-store.sh
index b86631d..7a05bd4 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -345,24 +345,29 @@ cmd_init() {
 }
 
 cmd_show() {
-       local opts selected_line clip=0 qrcode=0
-       opts="$($GETOPT -o q::c:: -l qrcode::,clip:: -n "$PROGRAM" -- "$@")"
+       local opts selected_line clip=0 qrcode=0 redact=0
+       opts="$($GETOPT -o q::c::r -l qrcode::,clip::,redact -n "$PROGRAM" -- 
"$@")"
        local err=$?
        eval set -- "$opts"
        while true; do case $1 in
                -q|--qrcode) qrcode=1; selected_line="${2:-1}"; shift 2 ;;
                -c|--clip) clip=1; selected_line="${2:-1}"; shift 2 ;;
+               -r|--redact) redact=1; shift 1 ;;
                --) shift; break ;;
        esac done
 
-       [[ $err -ne 0 || ( $qrcode -eq 1 && $clip -eq 1 ) ]] && die "Usage: 
$PROGRAM $COMMAND [--clip[=line-number],-c[line-number]] 
[--qrcode[=line-number],-q[line-number]] [pass-name]"
+       [[ $err -ne 0 || ( $qrcode -eq 1 && $clip -eq 1 ) ]] && die "Usage: 
$PROGRAM $COMMAND [--clip[=line-number],-c[line-number]] 
[--qrcode[=line-number],-q[line-number]] [--redact,-r] [pass-name]"
 
        local path="$1"
        local passfile="$PREFIX/$path.gpg"
        check_sneaky_paths "$path"
        if [[ -f $passfile ]]; then
                if [[ $clip -eq 0 && $qrcode -eq 0 ]]; then
-                       $GPG -d "${GPG_OPTS[@]}" "$passfile" || exit $?
+                       if [[ $redact -eq 0 ]]; then
+                               $GPG -d "${GPG_OPTS[@]}" "$passfile" || exit $?
+                       else
+                               $GPG -d "${GPG_OPTS[@]}" "$passfile" | sed -Ee 
'1{s/^(.*)$/\x1b[41;31m\1\x1b[0m/}' || exit $?
+                       fi
                else
                        [[ $selected_line =~ ^[0-9]+$ ]] || die "Clip location 
'$selected_line' is not a number."
                        local pass="$($GPG -d "${GPG_OPTS[@]}" "$passfile" | 
tail -n +${selected_line} | head -n 1)"
-- 
2.14.1

_______________________________________________
Password-Store mailing list
[email protected]
https://lists.zx2c4.com/mailman/listinfo/password-store

Reply via email to