#!/bin/sh # Copyright (c) 2013 Stefan Huber # # Permission is hereby granted, free of charge, to any person # obtaining a copy of this software and associated documentation # files (the "Software"), to deal in the Software without # restriction, including without limitation the rights to use, # copy, modify, merge, publish, distribute, sublicense, and/or sell # copies of the Software, and to permit persons to whom the # Software is furnished to do so, subject to the following # conditions: # # The above copyright notice and this permission notice shall be # included in all copies or substantial portions of the Software. # # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, # EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES # OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND # NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT # HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, # WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR # OTHER DEALINGS IN THE SOFTWARE. # Author: Stefan Huber # # This script does a decrypt-edit-encrypt cycle with gpg and OpenOffice resp. # LibreOffice files. SUMCMD="sha1sum" CRYPTID="" CMD="/usr/bin/libreoffice" [ -x ${CMD} ] || CMD="/usr/bin/ooffice" [ -f "$HOME/.office-gpg.cfg" ] && source "$HOME/.office-gpg.cfg" if [ -z "$CRYPTID" ]; then echo "No CRYPTID set in $HOME/.office-gpg.cfg" exit 1 fi #No valid invocation if [ $# -ne 1 ] then echo "Usage: $CMD-gpg " exit -1 fi #The corresponding gpg-file gpgfile=$1 if [ ! -f "$gpgfile" ] then echo "\`$gpgfile\` does not exist..." else echo "Opening \`$gpgfile\`..." fi #Search for filename to to encrypt file to... uncryptfilePost=${gpgfile%%.gpg} i=1 uncryptfile="$i.$uncryptfilePost" while [ -f "$uncryptfile" ] do let "i = $i + 1" uncryptfile="$i.$uncryptfilePost" done echo "Uncrypt \`$gpgfile\` to \`$uncryptfile\`..." #Decrypt file and get checksum... gpg --output "$uncryptfile" --decrypt "$gpgfile" hsumpre=`$SUMCMD "$uncryptfile" | awk '{ print $1 }'` echo "Checksum is '$hsumpre'." #Edit file and get checksum of altered file $CMD "$uncryptfile" #pid=`lsof | grep "$uncryptfile" | cut -d ' ' -f 2` #echo "wait for pid: $pid" #while [ -n "`ps | grep "$pid"`" ] ; do # sleep 1 #done hsumpost=`$SUMCMD "$uncryptfile" | awk '{ print $1 }'` echo "Checksum is '$hsumpost'." #Check if file has been altered if [ "$hsumpost" != "$hsumpre" ] then gpg --output "$gpgfile" -r "$CRYPTID" --encrypt "$uncryptfile" #Get checksum of crypted version hsumcrypt=`gpg --decrypt $gpgfile | $SUMCMD | awk '{ print $1 }'` echo "Checksum of crypted file is '$hsumcrypt'" if [ "$hsumpost" != "$hsumcrypt" ] then echo "" echo "*** WARNING ***" echo "*** WARNING *** Encrypted file \`$gpgfile\` leads to different checksum." echo "*** WARNING *** Not removing unencrypted file \`$uncryptfile\`." echo "*** WARNING ***" echo "" exit -1 fi else echo "No changes. Skip re-encrypting" fi #Remove old file... rm -i "$uncryptfile" #File not removed!? if [ -f "$uncryptfile" ] then echo "" echo "*** WARNING ***" echo "*** WARNING *** Unencrypted file \`$uncryptfile\` not removed!" echo "*** WARNING ***" echo "" fi