#!/bin/bash
# This utility keeps an encrypted password file and allows searching of it.
# The password file location may be set by the environment variable PASSFILE.
# To edit the password file, use pass -e.  You will be asked for the password,
# put into your favorite editor to make changes, then the file will be
# re-encrypted when you exit the editor.
# To find a password, use pass <servicename>.  All lines from the file that
# match the requested service are printed.  (It's just grep.)
# $Id: pass,v 1.9 2008/12/02 19:24:19 perette Exp $

function usage
{
	echo "$arg0 [-e] [-f file] pattern..."
	exit 0
}

arg0=$(basename $0)

edit=false
file=${PASSFILE:-~/Documents/Lists/passwords}
while getopts "ef:?" option
do
	case "$option" in
	    e)
		edit=true
		;;
	    f)
		file="$OPTARG"
		;;
	    \?)
		usage
		;;
	esac
done

shift $((OPTIND - 1))

if [ ! -f "$file.cpt" ]
then
	echo "$file.cpt: File doesn't exist."
	exit 1
fi

if $edit
then
	if ccrypt -c $file.cpt > $file && [ -s "$file" ]
	then
		oldsum=$(cksum $file)
		encrypt=true
		vi $file || encrypt=false
		newsum=$(cksum $file)
		[ "$newsum" = "$oldsum" ] &&
			echo "$file: No changes." && encrypt=false
		while $encrypt
		do
			# Ccrypt behaviour on EOF is inappropriate,
			# treating it as a normal condition and exiting
			# successfully.  This loop traps that condition
			# and forces the user to encrypt the file.
			rm -f "$file.cpt"
			ccrypt -e -t $file || continue
			[ -f "$file.cpt" ] || continue
			echo "$arg0: Encrypted."
			encrypt=false
		done
	fi
	rm -fP $file
elif [ $# -gt 0 ]
then
	greps=""
	for grep in "$@"
	do
		greps="$greps | grep -i \"$grep\""
	done
	eval "ccrypt -c $file.cpt $greps"
else
	usage
fi