#!/bin/bash # Author: F. Bischof (info@meer-web.nl) # URL: https://github.com/Meer-Web/openssl_file_encryption # Check for input file if [ -n "$2" ] then INPUT=$2 if [ ! -e "$INPUT" ]; then echo "Input file does not exist!" exit 2 fi else echo "Usage: ./crypter.sh -[e/d] inputfile [--no-verify]"; exit 1 fi # Check if algos are set if [ ! -f ~/.crypter/.algos ] then mkdir -p ~/.crypter echo "ALGOS=\"-des-ede3-cbc -pbkdf2\"" > ~/.crypter/.algos fi source ~/.crypter/.algos # Check method case "$1" in "-e") echo "Encrypting file ${INPUT}" OUTPUT="${INPUT}.crypt" HASH=$(sha256sum ${INPUT} > ${OUTPUT}.hash) openssl enc ${ALGOS} -salt -in ${INPUT} -out ${OUTPUT}.temp > /dev/null 2>&1 base64 ${OUTPUT}.temp > ${OUTPUT} rm -f ${OUTPUT}.temp if [ "`stat ${OUTPUT} | grep Size | awk '{ print $2}'`" != 0 ] then # OK - safe to delete the original input file echo "OK - Deleting file ${INPUT}" rm -f ${INPUT} exit 0 else # NOK - remove empty output file echo "CRITICAL - Output file ${OUTPUT} is 0 bytes! Not removing the source file ${INPUT}" rm -f ${OUTPUT} ${OUTPUT}.hash exit 2 fi ;; "-d") echo "Decrypting file ${INPUT}"; OUTPUT=$(echo ${INPUT} | sed 's/\.crypt//') base64 -d ${INPUT} > ${INPUT}.temp openssl enc -d ${ALGOS} -in ${INPUT}.temp -out ${OUTPUT} > /dev/null 2>&1 rm -f ${INPUT}.temp if [ "`stat ${OUTPUT} | grep Size | awk '{ print $2}'`" != 0 ] then if [ "$3" != '--no-verify' ] then # SHA256SUM CHECK CUR_HASH=$(sha256sum --quiet --check ${OUTPUT}.crypt.hash) if [ $? != 0 ] then # NOK - Hash mismatch echo "CRITICAL - Hashes mismatching!" rm -f ${OUTPUT} exit 2 else # OK - safe to delete the original input file echo "OK - Hashes matching, deleting input file" rm -f ${INPUT} ${INPUT}.hash exit 0 fi else echo "Ignoring hash verify" rm -f ${INPUT} ${INPUT}.hash fi else # NOK - remove empty output file echo "CRITICAL - Output file is 0 bytes! Not removing the input file" rm -f ${OUTPUT} exit 2 fi exit 0 ;; *) echo "Usage: ./crypter.sh -[e/d] [inputfile]"; exit 1 ;; esac exit 3