-
Notifications
You must be signed in to change notification settings - Fork 35
/
cryptr.bash
executable file
·117 lines (99 loc) · 2.78 KB
/
cryptr.bash
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
#!/usr/bin/env bash
###############################################################################
# Copyright 2024 Justin Keller
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
###############################################################################
set -eo pipefail; [[ $TRACE ]] && set -x
readonly VERSION="2.3.0"
readonly OPENSSL_CIPHER_TYPE="aes-256-cbc"
cryptr_version() {
echo "cryptr $VERSION"
}
cryptr_help() {
echo "Usage: cryptr command <command-specific-options>"
echo
cat<<EOF | column -c2 -t -s,
encrypt <file>, Encrypt file
decrypt <file.aes>, Decrypt encrypted file
help, Displays help
version, Displays the current version
EOF
echo
}
cryptr_encrypt() {
local _file="$1"
if [[ ! -f "$_file" ]]; then
echo "File not found" 1>&2
exit 4
fi
if [[ ! -z "${CRYPTR_PASSWORD}" ]]; then
echo "[notice] using environment variable CRYPTR_PASSWORD for the password"
openssl $OPENSSL_CIPHER_TYPE -salt -pbkdf2 -in "$_file" -out "${_file}.aes" -pass env:CRYPTR_PASSWORD
else
openssl $OPENSSL_CIPHER_TYPE -salt -pbkdf2 -in "$_file" -out "${_file}.aes"
fi
if [[ $? -eq 0 ]]; then
read -rp "do you want to delete the original file? (y/N): " confirm
if [[ "$confirm" =~ ^[Yy]$ ]]; then
echo "[notice] deleting the original file"
rm -f "$_file"
fi
else
echo "[error] encryption failed, original file not deleted" 1>&2
exit 6
fi
}
cryptr_decrypt() {
local _file="$1"
if [[ ! -f "$_file" ]]; then
echo "File not found" 1>&2
exit 5
fi
if [[ ! -z "${CRYPTR_PASSWORD}" ]]; then
echo "[notice] using environment variable CRYPTR_PASSWORD for the password"
openssl $OPENSSL_CIPHER_TYPE -d -salt -pbkdf2 -in "$_file" -out "${_file%\.aes}" -pass env:CRYPTR_PASSWORD
else
openssl $OPENSSL_CIPHER_TYPE -d -salt -pbkdf2 -in "$_file" -out "${_file%\.aes}"
fi
}
cryptr_main() {
local _command="$1"
if [[ -z $_command ]]; then
cryptr_version
echo
cryptr_help
exit 0
fi
shift 1
case "$_command" in
"encrypt")
cryptr_encrypt "$@"
;;
"decrypt")
cryptr_decrypt "$@"
;;
"version")
cryptr_version
;;
"help")
cryptr_help
;;
*)
cryptr_help 1>&2
exit 3
esac
}
if [[ "$0" == "$BASH_SOURCE" ]]; then
cryptr_main "$@"
fi