#!/bin/bash
# Author: F. Bischof (info@meer-web.nl)
# URL: https://github.com/Meer-Web/openssl_file_encryption
# Check for input file
if [ -n "$2" ]
then
INPUT=$2
if [ ! -e "$INPUT" ];
then
echo "Input file does not exist!"
exit 2
fi
else
echo "Usage: ./crypter.sh -[e/d] inputfile [--no-verify]";
exit 1
fi
# Check if algos are set
if [ ! -f ~/.crypter/.algos ]
then
mkdir -p ~/.crypter
echo "ALGOS=\"-des-ede3-cbc -pbkdf2\"" > ~/.crypter/.algos
fi
source ~/.crypter/.algos
# Check method
case "$1" in
"-e")
echo "Encrypting file ${INPUT}"
OUTPUT="${INPUT}.crypt"
HASH=$(sha256sum ${INPUT} > ${OUTPUT}.hash)
openssl enc ${ALGOS} -salt -in ${INPUT} -out ${OUTPUT}.temp > /dev/null 2>&1
base64 ${OUTPUT}.temp > ${OUTPUT}
rm -f ${OUTPUT}.temp
if [ "`stat ${OUTPUT} | grep Size | awk '{ print $2}'`" != 0 ]
then
# OK - safe to delete the original input file
echo "OK - Deleting file ${INPUT}"
rm -f ${INPUT}
exit 0
else
# NOK - remove empty output file
echo "CRITICAL - Output file ${OUTPUT} is 0 bytes! Not removing the source file ${INPUT}"
rm -f ${OUTPUT} ${OUTPUT}.hash
exit 2
fi
;;
"-d")
echo "Decrypting file ${INPUT}";
OUTPUT=$(echo ${INPUT} | sed 's/\.crypt//')
base64 -d ${INPUT} > ${INPUT}.temp
openssl enc -d ${ALGOS} -in ${INPUT}.temp -out ${OUTPUT} > /dev/null 2>&1
rm -f ${INPUT}.temp
if [ "`stat ${OUTPUT} | grep Size | awk '{ print $2}'`" != 0 ]
then
if [ "$3" != '--no-verify' ]
then
# SHA256SUM CHECK
CUR_HASH=$(sha256sum --quiet --check ${OUTPUT}.crypt.hash)
if [ $? != 0 ]
then
# NOK - Hash mismatch
echo "CRITICAL - Hashes mismatching!"
rm -f ${OUTPUT}
exit 2
else
# OK - safe to delete the original input file
echo "OK - Hashes matching, deleting input file"
rm -f ${INPUT} ${INPUT}.hash
exit 0
fi
else
echo "Ignoring hash verify"
rm -f ${INPUT} ${INPUT}.hash
fi
else
# NOK - remove empty output file
echo "CRITICAL - Output file is 0 bytes! Not removing the input file"
rm -f ${OUTPUT}
exit 2
fi
exit 0
;;
*)
echo "Usage: ./crypter.sh -[e/d] [inputfile]";
exit 1
;;
esac
exit 3