pass is over 600 SLOC, yet I don't use its nested hierarchy, git integration, nor password generation.
To encrypt and decrypt, pass does nothing too fancy that is a major security issue by omission. This is the code for showing a password
if [[ -f $passfile ]]; then if [[ $clip -eq 0 && $qrcode -eq 0 ]]; then pass="$($GPG -d "${GPG_OPTS[@]}" "$passfile" | $BASE64)" || exit $? echo "$pass" | $BASE64 -d
# This base64 business is because bash cannot store binary data in a shell # variable. Specifically, it cannot store nulls nor (non-trivally) store # trailing new lines.
and encrypting a password.
if [[ $multiline -eq 1 ]]; then echo "Enter contents of $path and press Ctrl+D when finished:" echo $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" "${GPG_OPTS[@]}" || die "Password encryption aborted."
Combining these two GPG commands sets the foundation for a bare bones and hackable password manager. I currently use the one I wrote, inspired by dcat on GitHub. This one-liner allows for integration with dmenu: pw get "$(pw ls | dmenu -l 10)" | xdotool type --clearmodifiers --file -
.