git.j3s.sh

add some more checks to pw_edit

j3s j3s@c3f.net

Thu, 28 Jan 2021 15:03:59 -0600

commit

977d38285e21433b2fcc35b2937632546d226347

parent

6d7b6a5c000ae8e81996d48b04ecdb9ffa0d12bd

1 files changed, 6 insertions(+), 0 deletions(-)

jump to

bin/pa

M bin/pa → bin/pa

@@ -52,6 +52,10 @@ 
 pw_edit() {
     name=$1
 
+    if [ ! -f "$name.age" ]; then
+        die "Failed to access $name"
+    fi
+
     # we use /dev/shm because it's an in-memory
     # space that we can use to store private data,
     # and securely wipe it without worrying about
@@ -64,12 +68,14 @@ mkdir -p /dev/shm/pa
     trap 'rm -rf /dev/shm/pa' EXIT
     tmpfile="/dev/shm/pa/$name.txt"
 
+    age -i ~/.age/key.txt --decrypt "$1.age" > "$tmpfile"
     "${EDITOR:-vi}" "$tmpfile"
 
     if [ ! -f $tmpfile ]; then
         die "New password not saved"
     fi
 
+    rm "$name.age"
     age -r "$pubkey" -o "$name.age" "$tmpfile"
 }