pass now used for password management

README.md

@@ -31,6 +31,7 @@ Install these required programs:
 - `neomutt` - the email client.
 - `isync` - downloads and syncs the mail.
 - `msmtp` - sends the email.
+- `pass` - safely encrypts passwords
 
 You also need a GPG key pair to encrypt passwords.
 If you don't know what that is, just run `gpg --full-gen-key` (or `gpg2 --full-gen-key`) to get one.

bin/getmuttpass

@@ -1,5 +0,0 @@
-#!/bin/bash
-GPG="gpg"; command -v gpg >/dev/null || GPG="gpg2"
-pass=$(printf '%q' "$("$GPG" --decrypt --quiet "$HOME/.local/share/muttwizard/$1.gpg")")
-echo "set smtp_pass=\"$pass\""
-echo "set imap_pass=\"$pass\""

mw

@@ -2,15 +2,12 @@
 muttdir="$HOME/.config/mutt"		# Main mutt config location
 accdir="$muttdir/accounts"		# Directory for account settings
 maildir="$HOME/.local/share/mail"	# Location of mail storage
-creddir="$HOME/.local/share/muttwizard"	# Location of encrypted credentials
 bindir="$HOME/.config/mutt/bin"		# Location of scripts run by mutt or the wizard
 namere="^[a-z_][a-z0-9_-]*$"		# Regex to ensure viable username
 emailre=".\+@.\+\\..\+" 		# Regex to confirm valid email address
 mbsyncrc="$HOME/.mbsyncrc"
 [ ! -f "$muttdir/domains.csv" ] || [ ! -d "$bindir" ] && printf "Read the README. Be sure to put the repo in the right place before running.\\n" && exit 1
-gpgemail="$(grep "$emailre" "$creddir/gpgemail" 2>/dev/null)"	# Get previously set gpg email address
 tmpdir="$(mktemp -d)"
-GPG="gpg"; command -v gpg >/dev/null || GPG="gpg2"	# Ensure proper gpg command
 
 # Get certificate location depending on OS. Linux is elsewhere condition.
 case "$(uname)" in
@@ -34,13 +31,13 @@ host $smtp
 port $sport
 from $login
 user $login
-passwordeval \"$GPG -d --quiet --for-your-eyes-only --no-tty $creddir/$title.gpg | sed -e '\$a\\'\"
+passwordeval \"pass mutt-wizard-$title\"
 "
 mbsync_profile="IMAPAccount $title
 Host $imap
 User $login
 Port  $iport
-PassCmd \"gpg -q --for-your-eyes-only --no-tty -d ~/.local/share/muttwizard/$title.gpg\"
+PassCmd \"pass mutt-wizard-$title\"
 SSLType IMAPS
 CertificateFile /etc/ssl/certs/ca-certificates.crt
 
@@ -72,7 +69,8 @@ set folder = \"$maildir/$title\"
 set header_cache = $accdir/$title/cache/headers
 set message_cachedir = $accdir/$title/cache/bodies
 set certificate_file = $accdir/$title/certificates
-source \"$bindir/getmuttpass $title |\"
+set imap_pass = \`pass mutt-wizard-$title\`
+set smtp_pass = \`pass mutt-wizard-$title\`
 
 alias me $realname <$fulladdr>
 
@@ -177,39 +175,7 @@ EOF
 	[ "$accounttype" = "offline" ] || sed -i "/IMAPAccount $title$/,/# End profile/d" "$mbsyncrc"
 }
 
-getpass() { \
-	printf "Now enter your password for the \"%s\" account. Don't worry, this will be encrypted and only you with your GPG key can view it.\\n\tPassword: " "$title"
-	stty -echo
-	read -r password
-	stty echo
-	echo "$password" > "$tmpdir/$title"
-	printf "Encrypting your password with %s..." "$GPG"
-	"$GPG" -r "$gpgemail" --encrypt "$tmpdir/$title"
-	printf "DONE\\nShredding all memory of your password for safety's sake..."
-	unset password
-	shred -u "$tmpdir/$title"
-	mkdir -p "$creddir"
-	mv "$tmpdir/$title.gpg" "$creddir/"
-	printf "DONE.\\n"
-}
-
-askgpg() { \
-	printf "To safely encrypt passwords, mutt-wizard requires that you have a GPG public/private key pair.\\n\\nPlease input the email address of your GPG key pair below.\\nEmail: \033[36m\t"
-	read -r gpgemail
-	printf "\033[0m"
-	while ! echo "$gpgemail" | grep "$emailre" >/dev/null; do
-		printf "That is not a valid email address. Please try again.\\nEmail: \033[36m\t"
-		read -r gpgemail
-		printf "\033[0m"
-	done
-	if "$GPG" -K | grep "<$gpgemail>" >/dev/null; then
-		mkdir -p "$creddir"
-		echo "$gpgemail" > "$creddir/gpgemail"
-	else
-		printf "You do not appear to have a private key associated with \033[33m%s\033[0m.\\nPlease generate a GPG key pair by running \`\033[32m%s --full-gen-key\033[0m\` and rerun the wizard.\\n" "$gpgemail" "$GPG"
-		exit 1
-	fi
-}
+getpass() { pass rm -f "mutt-wizard-$title" 2>/dev/null ; pass insert "mutt-wizard-$title" ;}
 
 formatShortcut() { \
 	while read -r data; do { echo "macro index,pager g$1 \"<change-folder>$data<enter>\" \"Go to $2.\" # autogenerated"
@@ -277,7 +243,7 @@ pick() { numbered="$(ls $accdir/*muttrc | sed "s/.*\///;s/\..*//" | nl)"
 	return 0 ;}
 
 delete() { sed -i "/IMAPAccount $title$/,/# End profile/d" "$mbsyncrc"
-	rm -rf "${accdir:?}/${title:?}" "$creddir/$title.gpg" "$accdir/$title.muttrc"
+	rm -rf "${accdir:?}/${title:?}" "$accdir/$title.muttrc"
 	sed -i "/$title.muttrc/d" "$muttdir/personal.muttrc"
 	sed -i "/account $title/,/^\(\s*$\|account\)/d" "$HOME/.config/msmtp/config"
 	#confirm "delete the local mail repository as well?" && rm -rf "${maildir:?}/${title:?}"
@@ -326,8 +292,8 @@ addtype() { \
 
 main() { \
 	while : ; do
-	[ -z "$gpgemail" ] && askgpg
-	printf "Current GPG key email: %s\\n\033[34m" "$gpgemail"
+	[ ! -f "$HOME/.password-store/.gpg-id" ] && printf "\`pass\` must be installed and initialized to encrypt passwords.\\nBe sure it is installed and run \`pass init <yourgpgemail>\`.\\nIf you don't have a GPG public private key pair, run \`gpg --full-gen-key\` first.\\n" && exit
+	printf "Welcome to:\\n\033[34m"
 cat << "EOF"
  _ __ ___  _   _| |_| |_    __      _(_)______ _ _ __ __| |
 | '_ ` _ \| | | | __| __|___\ \ /\ / / |_  / _` | '__/ _` |
@@ -354,7 +320,7 @@ Input a number to continue or press ctrl-c.\\n"
 		2) pick "change the password of" && confirm "change the password of" && getpass ;;
 		3) pick delete && confirm "delete the \`$title\` profile" && delete ;;
 		4) askgpg ;;
-		5) confirm "delete all account data" && rm -ri "$mbsyncrc" "$accdir" "$creddir" "$muttdir/personal.muttrc" && echo "All configs and account settings have been purged." ;;
+		5) confirm "delete all account data" && rm -ri "$mbsyncrc" "$accdir" "$muttdir/personal.muttrc" && echo "All configs and account settings have been purged." ;;
 		6) choosecron ;;
 		0) break ;;
 		*) printf "Invalid input.\\n"