dev #2
@ -6,5 +6,7 @@ Script to encrypt and decrypt files easily using openssl
|
||||
-e for encrypt
|
||||
-d for decrypt
|
||||
## Additional info
|
||||
Uses des-ede3-cbc pbkdf2 with salt by default but can be configured in the ~/.crypter/.keys file.\
|
||||
Files are converted using base64 encoding.
|
||||
Uses des-ede3-cbc pbkdf2 with salt by default but can be configured in the ~/.crypter/.algos file.\
|
||||
Files are converted using base64 encoding.\
|
||||
|
||||
Files hash is checked uppon decrypting
|
||||
|
38
crypter.sh
38
crypter.sh
@ -16,20 +16,21 @@ else
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check if keys are set
|
||||
if [ ! -f ~/.crypter/.keys ]
|
||||
# Check if algos are set
|
||||
if [ ! -f ~/.crypter/.algos ]
|
||||
then
|
||||
mkdir -p ~/.crypter
|
||||
echo "KEYS=\"-des-ede3-cbc -pbkdf2\"" > ~/.crypter/.keys
|
||||
echo "ALGOS=\"-des-ede3-cbc -pbkdf2\"" > ~/.crypter/.algos
|
||||
fi
|
||||
source ~/.crypter/.keys
|
||||
source ~/.crypter/.algos
|
||||
|
||||
# Check method
|
||||
case "$1" in
|
||||
"-e")
|
||||
echo "Encrypting file ${INPUT}"
|
||||
OUTPUT="${INPUT}.crypto"
|
||||
openssl enc $KEYS -salt -in ${INPUT} -out ${OUTPUT}.temp
|
||||
HASH=$(sha256sum $INPUT | awk '{ print $1 }')
|
||||
OUTPUT="${INPUT}.${HASH}.crypto"
|
||||
openssl enc $ALGOS -salt -in ${INPUT} -out ${OUTPUT}.temp
|
||||
base64 ${OUTPUT}.temp > ${OUTPUT}
|
||||
rm -f ${OUTPUT}.temp
|
||||
if [ "`stat ${OUTPUT} | grep Size | awk '{ print $2}'`" != 0 ]
|
||||
@ -47,18 +48,31 @@ case "$1" in
|
||||
;;
|
||||
"-d")
|
||||
echo "Decrypting file ${INPUT}";
|
||||
OUTPUT="`echo $INPUT | sed 's/\.crypto//'`" #Tim of the last extension in future update"
|
||||
OUTPUT=$(echo $INPUT | sed 's/\.crypto//')
|
||||
HASH=$(echo $OUTPUT | sed 's/^.*\.//')
|
||||
base64 -d ${INPUT} > ${INPUT}.temp
|
||||
openssl enc -d $KEYS -in ${INPUT}.temp -out ${OUTPUT}
|
||||
openssl enc -d $ALGOS -in ${INPUT}.temp -out ${OUTPUT}
|
||||
rm -f ${INPUT}.temp
|
||||
if [ "`stat ${OUTPUT} | grep Size | awk '{ print $2}'`" != 0 ]
|
||||
then
|
||||
# OK - safe to delete the original input file
|
||||
echo "OK - Deleting file ${INPUT}"
|
||||
rm -f ${INPUT}
|
||||
# SHA256SUM CHECK
|
||||
CUR_HASH=$(sha256sum ${OUTPUT} | awk '{ print $1 }')
|
||||
if [ "${HASH}" != "${CUR_HASH}" ]
|
||||
then
|
||||
# NOK - Hash mismatch
|
||||
echo "CRITICAL - Hashes mismatching!"
|
||||
rm -f ${OUTPUT}
|
||||
exit 2
|
||||
else
|
||||
# OK - safe to delete the original input file
|
||||
echo "OK - Hashes matching, deleting input file"
|
||||
rm -f ${INPUT}
|
||||
mv ${OUTPUT} $(echo $OUTPUT | sed 's/\..*//')
|
||||
exit 0
|
||||
fi
|
||||
else
|
||||
# NOK - remove empty output file
|
||||
echo "CRITICAL - Output file ${OUTPUT} is 0 bytes! Not removing the source file ${INPUT}"
|
||||
echo "CRITICAL - Output file is 0 bytes! Not removing the input file"
|
||||
rm -f ${OUTPUT}
|
||||
exit 2
|
||||
fi
|
||||
|
Loading…
Reference in New Issue
Block a user