From 75ebbc781429eba269776dbd169140a491f99195 Mon Sep 17 00:00:00 2001 From: Luca Guzzon Date: Thu, 9 Jan 2020 11:50:48 +0100 Subject: [PATCH 1/4] Little silly changes using shellcheck tool --- encpass.sh | 46 ++++++++++++++++++++++++---------------------- 1 file changed, 24 insertions(+), 22 deletions(-) diff --git a/encpass.sh b/encpass.sh index 59ab0c9..395e64f 100755 --- a/encpass.sh +++ b/encpass.sh @@ -37,16 +37,16 @@ checks() { ENCPASS_HOME_DIR=$(get_abs_filename ~)/.encpass - if [ ! -d $ENCPASS_HOME_DIR ]; then - mkdir -m 700 $ENCPASS_HOME_DIR - mkdir -m 700 $ENCPASS_HOME_DIR/keys - mkdir -m 700 $ENCPASS_HOME_DIR/secrets + if [ ! -d "$ENCPASS_HOME_DIR" ]; then + mkdir -m 700 "$ENCPASS_HOME_DIR" + mkdir -m 700 "$ENCPASS_HOME_DIR/keys" + mkdir -m 700 "$ENCPASS_HOME_DIR/secrets" fi - if [ ! -z $1 ] && [ ! -z $2 ]; then + if [ -n "$1" ] && [ -n "$2" ]; then LABEL=$1 SECRET_NAME=$2 - elif [ ! -z $1 ]; then + elif [ -n "$1" ]; then LABEL=$(basename "$0") SECRET_NAME=$1 else @@ -60,12 +60,12 @@ checks() { generate_private_key() { KEY_DIR="$ENCPASS_HOME_DIR/keys/$LABEL" - if [ ! -d $KEY_DIR ]; then - mkdir -m 700 $KEY_DIR + if [ ! -d "$KEY_DIR" ]; then + mkdir -m 700 "$KEY_DIR" fi - if [ ! -f $KEY_DIR/private.key ]; then - (umask 0377 && printf "%s" "$(openssl rand -hex 32)" > $KEY_DIR/private.key) + if [ ! -f "$KEY_DIR/private.key" ]; then + (umask 0377 && printf "%s" "$(openssl rand -hex 32)" > "$KEY_DIR/private.key") fi } 
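Review bot: `LABEL` and `SECRET_NAME` in checks() are still taken straight from `$1`/`$2` and then used as path components (`keys/$LABEL`, `secrets/$LABEL/$SECRET_NAME.enc`), so quoting alone does not stop a value containing `/` or `..` from resolving outside `~/.encpass`. If a caller ever derives these from external input, key and secret files would be created or read elsewhere. After the assignments I would add `case "$LABEL" in ''|.|..|*/*) echo "Error: invalid label" >&2; exit 1 ;; esac` and the same test for `SECRET_NAME`. The body of checks() continues past the end of this hunk, so the guard belongs after the `else` branch that is not shown.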
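Review bot: In generate_private_key() the result of `openssl rand -hex 32` is never checked, so a failed call still leaves an empty `private.key` (mode 0400 under the `umask 0377`), and the `-f` test then prevents it from ever being regenerated. Later calls would pass an empty value to `-K`; as far as I know some OpenSSL builds zero-pad a short hex key instead of failing, which would mean encrypting under a known key. Generate into a variable first and validate it, `key=$(openssl rand -hex 32) || exit 1` followed by `[ "${#key}" -eq 64 ] || exit 1`, and only then write it with the existing `printf`. The same unchecked pattern is used for the IV (`openssl rand -hex 16`) in the set_secret() hunk.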
@@ -81,26 +81,26 @@ get_secret_abs_name() { SECRET_ABS_NAME="$ENCPASS_HOME_DIR/secrets/$LABEL/$SECRET_NAME.enc" if [ ! -f "$SECRET_ABS_NAME" ]; then - set_secret $1 $2 + set_secret "$1" "$2" fi } get_secret() { - checks $1 $2 + checks "$1" "$2" get_private_key_abs_name - get_secret_abs_name $1 $2 + get_secret_abs_name "$1" "$2" - dd if=$SECRET_ABS_NAME ibs=1 skip=32 2> /dev/null | openssl enc -aes-256-cbc \ - -d -a -iv $(head -c 32 $SECRET_ABS_NAME) -K $(cat $PRIVATE_KEY_ABS_NAME) + dd if="$SECRET_ABS_NAME" ibs=1 skip=32 2> /dev/null | openssl enc -aes-256-cbc \ + -d -a -iv "$(head -c 32 "$SECRET_ABS_NAME")" -K "$(cat "$PRIVATE_KEY_ABS_NAME")" } set_secret() { - checks $1 $2 + checks "$1" "$2" get_private_key_abs_name SECRET_DIR="$ENCPASS_HOME_DIR/secrets/$LABEL" - if [ ! -d $SECRET_DIR ]; then - mkdir -m 700 $SECRET_DIR + if [ ! -d "$SECRET_DIR" ]; then + mkdir -m 700 "$SECRET_DIR" fi echo "Enter $SECRET_NAME:" >&2 @@ -113,12 +113,13 @@ set_secret() { stty echo if [ "$SECRET" = "$CSECRET" ]; then printf "%s" "$(openssl rand -hex 16)" > \ - $SECRET_DIR/$SECRET_NAME.enc + "$SECRET_DIR/$SECRET_NAME.enc" echo "$SECRET" | openssl enc -aes-256-cbc -e -a -iv \ - $(cat $SECRET_DIR/$SECRET_NAME.enc) -K \ - $(cat $ENCPASS_HOME_DIR/keys/$LABEL/private.key) 1>> \ - $SECRET_DIR/$SECRET_NAME.enc + "$(cat "$SECRET_DIR/$SECRET_NAME.enc")" -K \ + "$(cat "$ENCPASS_HOME_DIR/keys/$LABEL/private.key")" 1>> \ + "$SECRET_DIR/$SECRET_NAME.enc_" \ + && mv "$SECRET_DIR/$SECRET_NAME.enc_" "$SECRET_DIR/$SECRET_NAME.enc" else echo "Error: secrets do not match. Please try again." >&2 exit 1 @@ -131,6 +132,7 @@ get_abs_filename() { parentdir=$(dirname "${filename}") if [ -d "${filename}" ]; then + # shellcheck disable=SC2005 echo "$(cd "${filename}" && pwd)" elif [ -d "${parentdir}" ]; then echo "$(cd "${parentdir}" && pwd)/$(basename "${filename}")" From d1d00db41adf362733cd1685a7667fb10970cb9c Mon Sep 17 00:00:00 2001 
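Review bot: The decrypt line in get_secret() passes the raw hex key as `-K "$(cat "$PRIVATE_KEY_ABS_NAME")"`, which puts it on openssl's argument vector where other local users can read it from the process list while the command runs; the quoting fix does not change that. The encrypt call in set_secret() has the same exposure. `openssl enc` has no option to read a raw `-K` value from a file, so avoiding it means moving to a passphrase file (`-pass file:...`) with key derivation, which changes the on-disk format and needs a migration plan. Until then I would at least document it above the call: `# NOTE: -K exposes the hex key in the process list for the lifetime of the openssl process`.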
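Review bot: The new `mv "$SECRET_DIR/$SECRET_NAME.enc_" "$SECRET_DIR/$SECRET_NAME.enc"` in set_secret() replaces the file that holds the IV with a file that contains only the ciphertext, while get_secret() still reads the first 32 bytes as the IV and skips them with `dd ... skip=32`. Every secret written by this version therefore cannot be decrypted, and because the temp file is opened with `>>` a stale `.enc_` from an interrupted run would be appended to rather than replaced. A later patch in this series drops the `mv` again; if the goal was an atomic write, keep the temp file but put the IV into it first, as below. set_secret() starts before this hunk.

```shell
# … unchanged: prompt, confirmation and the "$SECRET" = "$CSECRET" test …
iv=$(openssl rand -hex 16) || exit 1
tmp="$SECRET_DIR/$SECRET_NAME.enc_"
printf "%s" "$iv" > "$tmp"
echo "$SECRET" | openssl enc -aes-256-cbc -e -a -iv "$iv" -K \
  "$(cat "$ENCPASS_HOME_DIR/keys/$LABEL/private.key")" 1>> "$tmp" \
  && mv "$tmp" "$SECRET_DIR/$SECRET_NAME.enc"
```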
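Review bot: Suppressing SC2005 in get_abs_filename() keeps a wrapper that hides failures: if `cd "${filename}"` fails, `echo "$(...)"` still prints an empty line and returns 0, so `ENCPASS_HOME_DIR` in checks() would presumably become `/.encpass`. Dropping the echo, `(cd "${filename}" && pwd)`, prints the same path on success, lets the function's exit status reflect the failure, and makes the directive unnecessary. The directive is re-indented in patch 2 and removed in patch 4 without the code changing, so the warning comes back there. The function begins and ends outside this hunk.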
From: lguzzon Date: Thu, 9 Jan 2020 06:27:06 -0500 Subject: [PATCH 2/4] Beautified with shfmt --- encpass.sh | 20 +++++++++----------- tests/Dockerfile | 3 +-- tests/helpers/helper.sh | 14 ++++++-------- tests/suite.sh | 6 ------ 4 files changed, 16 insertions(+), 27 deletions(-) diff --git a/encpass.sh b/encpass.sh index 395e64f..e8a2b1b 100755 --- a/encpass.sh +++ b/encpass.sh @@ -31,7 +31,7 @@ checks() { if [ ! -x "$(command -v openssl)" ]; then echo "Error: OpenSSL is not installed or not accessible in the current path." \ - "Please install it and try again." >&2 + "Please install it and try again." >&2 exit 1 fi @@ -65,7 +65,7 @@ generate_private_key() { fi if [ ! -f "$KEY_DIR/private.key" ]; then - (umask 0377 && printf "%s" "$(openssl rand -hex 32)" > "$KEY_DIR/private.key") + (umask 0377 && printf "%s" "$(openssl rand -hex 32)" >"$KEY_DIR/private.key") fi } @@ -90,8 +90,8 @@ get_secret() { get_private_key_abs_name get_secret_abs_name "$1" "$2" - dd if="$SECRET_ABS_NAME" ibs=1 skip=32 2> /dev/null | openssl enc -aes-256-cbc \ - -d -a -iv "$(head -c 32 "$SECRET_ABS_NAME")" -K "$(cat "$PRIVATE_KEY_ABS_NAME")" + dd if="$SECRET_ABS_NAME" ibs=1 skip=32 2>/dev/null | openssl enc -aes-256-cbc \ + -d -a -iv "$(head -c 32 "$SECRET_ABS_NAME")" -K "$(cat "$PRIVATE_KEY_ABS_NAME")" } set_secret() { 
@@ -112,14 +112,12 @@ set_secret() { read -r CSECRET stty echo if [ "$SECRET" = "$CSECRET" ]; then - printf "%s" "$(openssl rand -hex 16)" > \ - "$SECRET_DIR/$SECRET_NAME.enc" + printf "%s" "$(openssl rand -hex 16)" >"$SECRET_DIR/$SECRET_NAME.enc" echo "$SECRET" | openssl enc -aes-256-cbc -e -a -iv \ - "$(cat "$SECRET_DIR/$SECRET_NAME.enc")" -K \ - "$(cat "$ENCPASS_HOME_DIR/keys/$LABEL/private.key")" 1>> \ - "$SECRET_DIR/$SECRET_NAME.enc_" \ - && mv "$SECRET_DIR/$SECRET_NAME.enc_" "$SECRET_DIR/$SECRET_NAME.enc" + "$(cat "$SECRET_DIR/$SECRET_NAME.enc")" -K \ + "$(cat "$ENCPASS_HOME_DIR/keys/$LABEL/private.key")" 1>>"$SECRET_DIR/$SECRET_NAME.enc_" && + mv "$SECRET_DIR/$SECRET_NAME.enc_" "$SECRET_DIR/$SECRET_NAME.enc" else echo "Error: secrets do not match. Please try again." >&2 exit 1 @@ -132,7 +130,7 @@ get_abs_filename() { parentdir=$(dirname "${filename}") if [ -d "${filename}" ]; then - # shellcheck disable=SC2005 + # shellcheck disable=SC2005 echo "$(cd "${filename}" && pwd)" elif [ -d "${parentdir}" ]; then echo "$(cd "${parentdir}" && pwd)/$(basename "${filename}")" diff --git a/tests/Dockerfile b/tests/Dockerfile index f0efc30..c501b9a 100644 --- a/tests/Dockerfile +++ b/tests/Dockerfile @@ -1,9 +1,8 @@ FROM ubuntu:18.04 -RUN apt-get update && \ +RUN apt-get update && apt-get install -qy zsh ksh expect openssl RUN mkdir /opt/encpass VOLUME /opt/encpass - diff --git a/tests/helpers/helper.sh b/tests/helpers/helper.sh index fed3b51..c434e7c 100644 --- a/tests/helpers/helper.sh +++ b/tests/helpers/helper.sh 
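Review bot: The `RUN` instruction in tests/Dockerfile no longer continues onto the next line, because the trailing `\` after `&&` was removed; `apt-get install -qy ...` is then parsed as a separate, unknown Dockerfile instruction and the image build fails. This looks like shfmt being run over a file that is not shell. Keep `RUN apt-get update && \` and exclude tests/Dockerfile from the formatter run. The continuation is restored by patch 3 of this series.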
@@ -16,23 +16,21 @@ else TEST_FAILURE_COUNT=0 fi - test_success() { - echo "`tput setaf 2``tput bold`[SUCCESS]`tput sgr0`" - TEST_SUCCESS_COUNT=$((TEST_SUCCESS_COUNT+1)) + echo "$(tput setaf 2)$(tput bold)[SUCCESS]$(tput sgr0)" + TEST_SUCCESS_COUNT=$((TEST_SUCCESS_COUNT + 1)) } test_failure() { - echo "`tput setaf 1``tput bold`[FAILURE]`tput sgr0`" - TEST_FAILURE_COUNT=$((TEST_FAILURE_COUNT+1)) + echo "$(tput setaf 1)$(tput bold)[FAILURE]$(tput sgr0)" + TEST_FAILURE_COUNT=$((TEST_FAILURE_COUNT + 1)) } - test_print() { echo -n "$prefix $1" } test_complete() { - echo "$TEST_SUCCESS_COUNT" > /tmp/encpass_test_success_count - echo "$TEST_FAILURE_COUNT" > /tmp/encpass_test_failure_count + echo "$TEST_SUCCESS_COUNT" >/tmp/encpass_test_success_count + echo "$TEST_FAILURE_COUNT" >/tmp/encpass_test_failure_count } diff --git a/tests/suite.sh b/tests/suite.sh index fa31195..c0b6abc 100755 --- a/tests/suite.sh +++ b/tests/suite.sh @@ -13,7 +13,6 @@ printf "\n\nRunning ZSH test...\n" printf "\n\nRunning KSH test...\n" ./ksh.sh - TEST_SUCCESS_COUNT=$(cat /tmp/encpass_test_success_count) TEST_FAILURE_COUNT=$(cat /tmp/encpass_test_failure_count) TEST_TOTAL_COUNT=$((TEST_SUCCESS_COUNT + TEST_FAILURE_COUNT)) @@ -23,12 +22,7 @@ printf "Total tests completed $TEST_TOTAL_COUNT\n" printf "Tests succeded: $TEST_SUCCESS_COUNT\n" printf "Tests failed: $TEST_FAILURE_COUNT\n" - - if [ "$TEST_FAILURE_COUNT" -gt 0 ]; then printf "Marking tests as FAILURE\n" exit 1 fi - - - From 8f11c85499dae8423720c03ffe7cfc357502e9f8 Mon Sep 17 00:00:00 2001 From: lguzzon Date: Thu, 9 Jan 2020 08:02:30 -0500 Subject: [PATCH 3/4] Test now is working again --- encpass.sh | 4 ++-- tests/Dockerfile | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/encpass.sh b/encpass.sh index e8a2b1b..9bfbfab 100755 --- a/encpass.sh +++ b/encpass.sh 
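Review bot: test_complete() still writes the counters to fixed names, `/tmp/encpass_test_success_count` and `/tmp/encpass_test_failure_count`, and tests/suite.sh reads them back with `cat`. Fixed names in a world-writable directory let any other local user pre-create or symlink those paths, so the `>` redirection can clobber a file the test user can write, or the suite can read counts it did not produce. That matters little inside the test container but does when the suite is run directly on a shared host. I would have suite.sh create a private directory with `mktemp -d`, export it (for example as `ENCPASS_TEST_DIR`, a name I made up), and write `"$ENCPASS_TEST_DIR/success_count"` here.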
@@ -114,10 +114,10 @@ set_secret() { if [ "$SECRET" = "$CSECRET" ]; then printf "%s" "$(openssl rand -hex 16)" >"$SECRET_DIR/$SECRET_NAME.enc" + # shellcheck disable=SC2094 echo "$SECRET" | openssl enc -aes-256-cbc -e -a -iv \ "$(cat "$SECRET_DIR/$SECRET_NAME.enc")" -K \ - "$(cat "$ENCPASS_HOME_DIR/keys/$LABEL/private.key")" 1>>"$SECRET_DIR/$SECRET_NAME.enc_" && - mv "$SECRET_DIR/$SECRET_NAME.enc_" "$SECRET_DIR/$SECRET_NAME.enc" + "$(cat "$ENCPASS_HOME_DIR/keys/$LABEL/private.key")" 1>>"$SECRET_DIR/$SECRET_NAME.enc" else echo "Error: secrets do not match. Please try again." >&2 exit 1 diff --git a/tests/Dockerfile b/tests/Dockerfile index c501b9a..457a88a 100644 --- a/tests/Dockerfile +++ b/tests/Dockerfile @@ -1,7 +1,7 @@ FROM ubuntu:18.04 -RUN apt-get update && - apt-get install -qy zsh ksh expect openssl +RUN apt-get update \ + && apt-get install -qy zsh ksh expect openssl RUN mkdir /opt/encpass From f0314a37b01b72bacfebda7ffc1a4721d81ca035 Mon Sep 17 00:00:00 2001 From: Luca Guzzon Date: Tue, 14 Jan 2020 15:37:45 +0000 Subject: [PATCH 4/4] Little aesthetic changes required by the author --- encpass.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/encpass.sh b/encpass.sh index 9bfbfab..f6cdb13 100755 --- a/encpass.sh +++ b/encpass.sh @@ -114,10 +114,10 @@ set_secret() { if [ "$SECRET" = "$CSECRET" ]; then printf "%s" "$(openssl rand -hex 16)" >"$SECRET_DIR/$SECRET_NAME.enc" - # shellcheck disable=SC2094 echo "$SECRET" | openssl enc -aes-256-cbc -e -a -iv \ "$(cat "$SECRET_DIR/$SECRET_NAME.enc")" -K \ - "$(cat "$ENCPASS_HOME_DIR/keys/$LABEL/private.key")" 1>>"$SECRET_DIR/$SECRET_NAME.enc" + "$(cat "$ENCPASS_HOME_DIR/keys/$LABEL/private.key")" 1>>\ + "$SECRET_DIR/$SECRET_NAME.enc" else echo "Error: secrets do not match. Please try again." >&2 exit 1 
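Review bot: With the temp file removed again, a failing `openssl enc` in set_secret() leaves `$SECRET_NAME.enc` containing only the IV, and the `[ ! -f "$SECRET_ABS_NAME" ]` test in get_secret_abs_name() will treat that file as a stored secret on the next call instead of prompting again. The pipeline's exit status is not checked, so the caller is not told either. I would end the command with `|| { rm -f "$SECRET_DIR/$SECRET_NAME.enc"; exit 1; }`. Holding the IV in a variable instead of reading it back with `cat` would also remove the need for the `SC2094` suppression added here. set_secret() starts before this hunk.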
@@ -130,7 +130,6 @@ get_abs_filename() { parentdir=$(dirname "${filename}") if [ -d "${filename}" ]; then - # shellcheck disable=SC2005 echo "$(cd "${filename}" && pwd)" elif [ -d "${parentdir}" ]; then echo "$(cd "${parentdir}" && pwd)/$(basename "${filename}")"