#3 - Seperated hash from filename
This commit is contained in:
parent
fb85e5f855
commit
9ba397e477
14
README.md
14
README.md
@ -1,12 +1,14 @@
|
|||||||
# Crypter
|
# Crypter
|
||||||
Script to encrypt and decrypt files easily using openssl
|
Script to encrypt and decrypt files easily using openssl.
|
||||||
## Howto
|
## Howto
|
||||||
./crypter.sh -[e/d] [inputfile]
|
./crypter.sh -[e/d] [inputfile] --no-verify
|
||||||
### Options
|
### Options
|
||||||
-e for encrypt
|
-e for encrypt - Encrypts the filename and adds a hash file.
|
||||||
-d for decrypt
|
-d for decrypt - Decrypts the file and removes crypt files after hash check.
|
||||||
|
--no-verify - Decrypts the file without comparing the hash.
|
||||||
## Additional info
|
## Additional info
|
||||||
Uses des-ede3-cbc pbkdf2 with salt by default but can be configured in the ~/.crypter/.algos file.\
|
Uses des-ede3-cbc pbkdf2 with salt by default but can be configured in the ~/.crypter/.algos file.\
|
||||||
Files are converted using base64 encoding.\
|
Files are converted using base64 encoding.
|
||||||
|
|
||||||
Files hash is checked uppon decrypting
|
Files hash is checked uppon decrypting\
|
||||||
|
This can be ignored using the --no-verify flag.
|
||||||
|
|||||||
20
crypter.sh
20
crypter.sh
@ -28,9 +28,9 @@ source ~/.crypter/.algos
|
|||||||
case "$1" in
|
case "$1" in
|
||||||
"-e")
|
"-e")
|
||||||
echo "Encrypting file ${INPUT}"
|
echo "Encrypting file ${INPUT}"
|
||||||
HASH=$(sha256sum $INPUT | awk '{ print $1 }')
|
OUTPUT="${INPUT}.crypt"
|
||||||
OUTPUT="${INPUT}.${HASH}.crypto"
|
HASH=$(sha256sum ${INPUT} > ${OUTPUT}.hash)
|
||||||
openssl enc $ALGOS -salt -in ${INPUT} -out ${OUTPUT}.temp
|
openssl enc ${ALGOS} -salt -in ${INPUT} -out ${OUTPUT}.temp > /dev/null 2>&1
|
||||||
base64 ${OUTPUT}.temp > ${OUTPUT}
|
base64 ${OUTPUT}.temp > ${OUTPUT}
|
||||||
rm -f ${OUTPUT}.temp
|
rm -f ${OUTPUT}.temp
|
||||||
if [ "`stat ${OUTPUT} | grep Size | awk '{ print $2}'`" != 0 ]
|
if [ "`stat ${OUTPUT} | grep Size | awk '{ print $2}'`" != 0 ]
|
||||||
@ -42,22 +42,21 @@ case "$1" in
|
|||||||
else
|
else
|
||||||
# NOK - remove empty output file
|
# NOK - remove empty output file
|
||||||
echo "CRITICAL - Output file ${OUTPUT} is 0 bytes! Not removing the source file ${INPUT}"
|
echo "CRITICAL - Output file ${OUTPUT} is 0 bytes! Not removing the source file ${INPUT}"
|
||||||
rm -f ${OUTPUT}
|
rm -f ${OUTPUT} ${INPUT}.hash
|
||||||
exit 2
|
exit 2
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
"-d")
|
"-d")
|
||||||
echo "Decrypting file ${INPUT}";
|
echo "Decrypting file ${INPUT}";
|
||||||
OUTPUT=$(echo $INPUT | sed 's/\.crypto//')
|
OUTPUT=$(echo ${INPUT} | sed 's/\.crypt//')
|
||||||
HASH=$(echo $OUTPUT | sed 's/^.*\.//')
|
|
||||||
base64 -d ${INPUT} > ${INPUT}.temp
|
base64 -d ${INPUT} > ${INPUT}.temp
|
||||||
openssl enc -d $ALGOS -in ${INPUT}.temp -out ${OUTPUT}
|
openssl enc -d ${ALGOS} -in ${INPUT}.temp -out ${OUTPUT} > /dev/null 2>&1
|
||||||
rm -f ${INPUT}.temp
|
rm -f ${INPUT}.temp
|
||||||
if [ "`stat ${OUTPUT} | grep Size | awk '{ print $2}'`" != 0 ]
|
if [ "`stat ${OUTPUT} | grep Size | awk '{ print $2}'`" != 0 ]
|
||||||
then
|
then
|
||||||
# SHA256SUM CHECK
|
# SHA256SUM CHECK
|
||||||
CUR_HASH=$(sha256sum ${OUTPUT} | awk '{ print $1 }')
|
CUR_HASH=$(sha256sum --quiet --check ${OUTPUT}.crypt.hash)
|
||||||
if [ "${HASH}" != "${CUR_HASH}" ]
|
if [ $? != 0 ]
|
||||||
then
|
then
|
||||||
# NOK - Hash mismatch
|
# NOK - Hash mismatch
|
||||||
echo "CRITICAL - Hashes mismatching!"
|
echo "CRITICAL - Hashes mismatching!"
|
||||||
@ -66,8 +65,7 @@ case "$1" in
|
|||||||
else
|
else
|
||||||
# OK - safe to delete the original input file
|
# OK - safe to delete the original input file
|
||||||
echo "OK - Hashes matching, deleting input file"
|
echo "OK - Hashes matching, deleting input file"
|
||||||
rm -f ${INPUT}
|
rm -f ${INPUT} ${INPUT}.hash
|
||||||
mv ${OUTPUT} $(echo $OUTPUT | sed 's/\..*//')
|
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user