#!/bin/bash
#
# This shell script is under public domain.
#
# Shell script to access KDE wallet. Written by Jochen Hoenicke.
# You can find the latest version of this program at 
#   http://www.jochen-hoenicke.de/kwallet/
#
# USAGE:  Every password is uniquely determined by a single key.
# The usage avoids putting the password on the command line where
# it can be sniffed by a local attacker.
#
# Ask for a password and write it to the wallet:
#   kwallet -ask key
# Get the password from kwallet (kwallet returns it in stdout).
#   PASSWORD=\`kwallet -get key\`
# Get the password from kwallet and ask for it if it does not yet exists.
#   PASSWORD=\`kwallet -askget key\`
# Write the password to the wallet.
#   echo password | kwallet -set key
# Remove the password from the wallet:
#   kwallet -remove key
#
# The password can contain any character except control characters, but
# including spaces and arbitrary unicode characters.  Every password is
# terminated by a newline character.
# 
# Known Problem:
#
#   The password is put in clear text on the dcop command line.  A
#   local attacker might sniff the password by doing a well-timed
#   process dump.  This happens only when setting a password though.
#
# History:
#   2008-12-28: Dan Sheadel
#     Redirect output of dcopfind to /dev/null.
#   2007-06-25: Christian Schürer-Waldheim
#     Run dcopfind -l to start kcookiejar if it is not running.
#   2007-06-09: Ignacio Aliende García
#     Use local wallet instead of hardcoded identifier kdewallet.

dcopfind -l kcookiejar >/dev/null
LOCALWALLET=`dcop kcookiejar kwalletd localWallet`
if [ "$1" = "-get" ]; then
  WALLETID=`dcop kcookiejar kwalletd open $LOCALWALLET 1`
  PASSWORD=`dcop kcookiejar kwalletd readPassword $WALLETID Passwords $2`
  dcop kcookiejar kwalletd close $LOCALWALLET 0 > /dev/null
  echo "$PASSWORD"
  exit 0;
fi

if [ "$1" = "-askget" ]; then
  WALLETID=`dcop kcookiejar kwalletd open $LOCALWALLET 1`
  PASSWORD=`dcop kcookiejar kwalletd readPassword $WALLETID Passwords $2`
  RESULT=0
  if [ -z "$PASSWORD" ]; then 
    IFS= PASSWORD=`kdialog --password "Enter Password for $2"`
    RESULT=$?
    if [ "$RESULT" = "0" ]; then
      RESULT=`dcop kcookiejar kwalletd writePassword $WALLETID Passwords $2 "$PASSWORD"`
    fi
  fi
  dcop kcookiejar kwalletd close $LOCALWALLET 0 > /dev/null
  echo "$PASSWORD"
  exit $RESULT;
fi

if [ "$1" = "-set" ]; then
  WALLETID=`dcop kcookiejar kwalletd open $LOCALWALLET 1`
  IFS= read -r PASSWORD
  RESULT=`dcop kcookiejar kwalletd writePassword $WALLETID Passwords $2 "$PASSWORD"`
  dcop kcookiejar kwalletd close $LOCALWALLET 0 > /dev/null
  exit $RESULT;
fi

if [ "$1" = "-remove" ]; then
  WALLETID=`dcop kcookiejar kwalletd open $LOCALWALLET 1`
  RESULT=`dcop kcookiejar kwalletd removeEntry $WALLETID Passwords $2`
  dcop kcookiejar kwalletd close $LOCALWALLET 0 > /dev/null
  exit $RESULT;
fi

if [ "$1" = "-ask" ]; then
  PASSWORD=`kdialog --password "Enter Password for $2"`
  RESULT=$?
  if [ "$RESULT" = 0 ]; then
    WALLETID=`dcop kcookiejar kwalletd open $LOCALWALLET 1`
    RESULT=`dcop kcookiejar kwalletd writePassword $WALLETID Passwords $2 $PASSWORD`
    dcop kcookiejar kwalletd close $LOCALWALLET 0 > /dev/null
  fi
  exit $RESULT;
fi

echo "USAGE: kwallet -ask key"
echo "       echo password | kwallet -set key "
echo "       PASSWORD=\`kwallet -get key\`"
echo "       PASSWORD=\`kwallet -askget key\`"
echo "       kwallet -remove key"