I recently noticed that I could not decrypt some files in the password store
because I no longer had access to the keys. I also had some corrupt files. This
command adds some basic sanity checks to the password store and prints out files
it cannot successfully decrypt.

Exits 0 if everything is OK. Prints failed files and then exits with 1
otherwise. Takes no arguments.

Code adapted from grep command with minor modifications.

If the basic approach is OK, I'll be happy to add tests, completion and
documentation.

Sample run:

    $ pass check
    $ echo $?
    0
    $ touch ~/.password-store/junk.gpg
    $ pass check
    x junk
    $ echo $?
    1

Signed-off-by: Jaseem Abid <[email protected]>
---
 src/password-store.sh | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/src/password-store.sh b/src/password-store.sh
index b86631d..d655605 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -410,6 +410,25 @@ cmd_grep() {
        done < <(find -L "$PREFIX" -path '*/.git' -prune -o -iname '*.gpg' 
-print0)
 }
 
+cmd_check() {
+       [[ $# -ne 0 ]] && die "Usage: $PROGRAM $COMMAND"
+       local passfile ok=0
+       while read -r -d "" passfile; do
+               $($GPG -d "${GPG_OPTS[@]}" "$passfile" > /dev/null 2>&1)
+        # Decryption failed
+        if [[ $? -ne 0 ]]; then
+            ok=1
+                   passfile="${passfile%.gpg}"
+                   passfile="${passfile#$PREFIX/}"
+                   local passfile_dir="${passfile%/*}/"
+                   [[ $passfile_dir == "${passfile}/" ]] && passfile_dir=""
+                   passfile="${passfile##*/}"
+                   printf "\e[91m✘ \e[94m%s\e[1m%s\e[0m\n" "$passfile_dir" 
"$passfile"
+        fi
+       done < <(find -L "$PREFIX" -path '*/.git' -prune -o -iname '*.gpg' 
-print0)
+       [[ $ok -ne 0 ]] && exit 1
+}
+
 cmd_insert() {
        local opts multiline=0 noecho=1 force=0
        opts="$($GETOPT -o mef -l multiline,echo,force -n "$PROGRAM" -- "$@")"
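Review bot: The `$(...)` wrapper around the gpg call in cmd_check is unnecessary and fragile: it is harmless only because stdout is redirected, and if that redirect were ever dropped the shell would try to run the decrypted secret as a command. Test the command directly with `if ! $GPG -d "${GPG_OPTS[@]}" "$passfile" >/dev/null 2>&1; then`, which also removes the separate `$?` check below the comment. Because stderr is discarded, a missing secret key and a corrupt file are reported identically, although the description names both cases; printing gpg's error for each failed entry would let the user tell them apart. The closing `[[ $ok -ne 0 ]] && exit 1` makes the function return 1 when every file decrypted, so `[[ $ok -eq 0 ]] || exit 1` is safer if any caller outside this hunk inspects the return status.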
@@ -686,6 +705,7 @@ case "$1" in
        show|ls|list) shift;            cmd_show "$@" ;;
        find|search) shift;             cmd_find "$@" ;;
        grep) shift;                    cmd_grep "$@" ;;
+       check) shift;                   cmd_check "$@" ;;
        insert|add) shift;              cmd_insert "$@" ;;
        edit) shift;                    cmd_edit "$@" ;;
        generate) shift;                cmd_generate "$@" ;;
-- 
2.15.0
