Last active
August 29, 2015 14:28
OpenSSL encryption
#!/bin/bash
# [rights] Copyright Dan B. (brianddk) 2015 https://github.com/brianddk
# [license] Licensed under Apache 2.0 https://www.apache.org/licenses/LICENSE-2.0
# [repo] https://gist.github.com/brianddk/a22febdca28f79ad58b0
# [tips] 18MDTTiqPM8ZEo29Cig1wfGdkLNtvyorW5
# Globals
# Identity of this script and where it is published.
scriptName='decFile.sh'
repoURL='https://gist.github.com/brianddk/a22febdca28f79ad58b0'
scriptURL="${repoURL}/raw/${scriptName}"
# Filled in at run time: the cipher name read from the file header, the
# whole input file, and the path of the private key to decrypt with.
algo=''
fileData=''
recipient=''
# Section markers that delimit the wrapped key and the message body.
bgnKey='-----BEGIN ENCRYPTED KEY-----'
bgnMsg='-----BEGIN MESSAGE-----'
endMsg='-----END MESSAGE-----'
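# Read the whole input file into the global fileData.
# Globals:   fileName (read), fileData (written)
# Returns:   non-zero if the file cannot be read
function loadFile {
  # Quoted so that a path containing spaces or glob characters is opened
  # as exactly one file. Command substitution drops trailing newlines.
  fileData=$(< "$fileName")
}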
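# Print the message section of the loaded file: every line from the
# BEGIN MESSAGE marker through the END MESSAGE marker, markers included.
# Globals:   fileData, bgnMsg, endMsg (read)
# Outputs:   the selected lines on stdout
function readMessage {
  # printf instead of echo: the file content is data and must never be
  # read as an echo option. The markers are used as sed regexes, which is
  # safe only while they contain no regex metacharacters.
  printf '%s\n' "$fileData" | sed -ne "/$bgnMsg/,/$endMsg/p"
}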
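# Print the wrapped-key section of the loaded file: every line from the
# BEGIN ENCRYPTED KEY marker through the BEGIN MESSAGE marker, both
# marker lines included.
# Globals:   fileData, bgnKey, bgnMsg (read)
# Outputs:   the selected lines on stdout
function readKey {
  # printf instead of echo so the file content is never read as an option.
  # NOTE(review): the marker lines are passed on with the base64 text;
  # presumably the base64 decoder downstream tolerates them -- confirm.
  printf '%s\n' "$fileData" | sed -ne "/$bgnKey/,/$bgnMsg/p"
}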
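# Recover the symmetric key: base64-decode the wrapped-key section and
# RSA-decrypt it with the given private key.
# Arguments: $1 - path to the RSA private key file
# Outputs:   the decrypted key bytes on stdout
function decKey {
  # local keeps the key path out of the global scope; quoting keeps a path
  # with spaces as a single -inkey argument.
  local privKey=$1
  # NOTE(review): rsautl uses PKCS#1 v1.5 padding unless told otherwise and
  # is deprecated in OpenSSL 3.0 in favour of pkeyutl. Any change of
  # padding has to be made in encFile.sh's encKey at the same time.
  openssl enc -a -d -in <(readKey) | openssl rsautl -decrypt -inkey "$privKey"
}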
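# Decode a recipient-mode message read from stdin: base64-decode, decrypt
# with the RSA-unwrapped key as the passphrase, then gunzip.
# Globals:   algo, recipient (read)
# Outputs:   the plaintext on stdout
function decoderTo {
  # algo is parsed from the unauthenticated file header. Quoting it keeps
  # the value a single openssl argument, so a header value containing
  # whitespace cannot split into additional options.
  # NOTE(review): the cipher output carries no authentication tag and gzip
  # only checks a CRC, so tampering is not reliably detected.
  openssl enc -a -d \
    | openssl enc "-${algo}" -d -pass file:<(decKey "$recipient") \
    | gzip -d
}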
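# Decode a password-mode message read from stdin: base64-decode, decrypt
# (openssl asks for the passphrase itself), then gunzip.
# Globals:   algo (read)
# Outputs:   the plaintext on stdout
function decoderPw {
  # algo is parsed from the unauthenticated file header. Quoting it keeps
  # the value a single openssl argument, so a header value containing
  # whitespace cannot split into additional options.
  # NOTE(review): no -pbkdf2/-iter is passed, so the passphrase goes
  # through openssl's legacy key derivation; strengthening it requires the
  # same flags in encFile.sh's encodePw.
  openssl enc -a -d | openssl enc "-${algo}" -d | gzip -d
}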
# Decrypt the loaded message, choosing the mode from whether a recipient
# key is known: password mode without one, RSA-wrapped-key mode with one.
# Globals:   recipient (read)
# Outputs:   the plaintext on stdout
function decrypt {
  if [[ -z $recipient ]]; then
    readMessage | decoderPw
    return
  fi
  readMessage | decoderTo
}
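# Take the cipher name from the "-SymAlgo:" header line of the input file
# unless algo is already set.
# Globals:   fileName (read), algo (read, written)
# Returns:   0 when algo is set to a plausible cipher name, 1 when the
#            header is missing or its value is rejected (algo stays empty)
function readAlgo {
  [[ -z $algo ]] || return 0

  local parsed
  # grep -e / -- so neither the pattern nor the path is taken as an option.
  parsed=$(grep -e '-SymAlgo:' -- "$fileName" | sed -ne "s#.*'\(.*\)'.*#\1#p")

  # The header is not authenticated and the value is later handed to
  # openssl as "-<algo>", so accept only a single token made of
  # cipher-name characters.
  if [[ ! $parsed =~ ^[A-Za-z0-9_-]+$ ]]; then
    echo "Unsupported or missing -SymAlgo value in $fileName" >&2
    return 1
  fi
  algo=$parsed
}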
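# Derive the private key path from the "-Recipient:" header line of the
# input file unless a key was already given with -r.
# Globals:   fileName (read), recipient (read, written)
function readRecipient {
  [[ -z $recipient ]] || return 0

  # Read the header from the file being decrypted (the original looked at
  # a hard-coded msg.txt.enc). The public key name gets a leading "." and
  # ".pub." becomes ".priv."; a line without ".pub." yields nothing.
  # NOTE(review): the header is not authenticated, so this value decides
  # which private key file is opened; the caller checks that it exists.
  # NOTE(review): the "." is prepended to the whole value, so a recipient
  # recorded with a directory part will not resolve -- confirm intent.
  recipient=$(grep -e '-Recipient:' -- "$fileName" \
    | sed -ne "s#.*'\(.*\)'.*#.\1#p" \
    | sed -ne "s#\.pub\.#\.priv\.#p")
}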
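# Parse the command-line options into the globals fileName and recipient.
# Arguments: the script's own arguments
# Exits:     0 after -h, 1 on an unknown option or a missing option
#            argument, 2 if the -f file is missing, 3 if the -r key is
#            missing
function parseArgs {
  local opt
  local OPTIND=1
  while getopts ":f:r:h" opt; do
    case "$opt" in
      f)
        fileName=$OPTARG
        if [[ ! -f $fileName ]]; then
          echo "File $fileName not found!" >&2
          exit 2
        fi
        ;;
      r)
        recipient=$OPTARG
        if [[ ! -f $recipient ]]; then
          echo "File $recipient not found!" >&2
          exit 3
        fi
        ;;
      h)
        echo "Usage: $0 [OPTION]"
        echo ""
        echo "Options:"
        echo " -f FILE File to operate on"
        echo " -r KEY Recipient's key to decrypt with"
        echo " -h Display this help"
        exit 0
        ;;
      :)
        # With a leading ":" in the optstring getopts reports a missing
        # argument as ":"; without this arm it was silently ignored.
        echo "Option -$OPTARG requires an argument" >&2
        echo "Try '$0 -h' for more information." >&2
        exit 1
        ;;
      \?)
        echo "Invalid option: -$OPTARG" >&2
        echo "Try '$0 -h' for more information." >&2
        exit 1
        ;;
    esac
  done
}
parseArgs "$@"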
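# Main: load the file, work out key and cipher from its header, decrypt.
if [[ -z $fileName ]]; then
  # The original said "encrypt" here and fell through with status 0.
  echo "File to decrypt required" >&2
  echo "Try '$0 -h' for more information." >&2
  exit 1
fi

loadFile
readRecipient
# recipient may now come from the file header rather than from -r, so the
# existence check is repeated here.
if [[ -n $recipient && ! -f $recipient ]]; then
  echo "File $recipient not found!" >&2
  exit 4
fi

readAlgo
# Without a cipher name openssl would be handed a bare "-"; stop instead.
if [[ -z $algo ]]; then
  echo "No usable -SymAlgo header in $fileName" >&2
  exit 5
fi
decrypt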
#!/bin/bash
# [rights] Copyright Dan B. (brianddk) 2015 https://github.com/brianddk
# [license] Licensed under Apache 2.0 https://www.apache.org/licenses/LICENSE-2.0
# [repo] https://gist.github.com/brianddk/a22febdca28f79ad58b0
# [tips] 18MDTTiqPM8ZEo29Cig1wfGdkLNtvyorW5
# Globals
# Identity of this script and where it is published.
scriptName='encFile.sh'
repoURL='https://gist.github.com/brianddk/a22febdca28f79ad58b0'
scriptURL="${repoURL}/raw/${scriptName}"
# Symmetric cipher handed to "openssl enc", and the session key that
# setKey fills in for recipient mode.
algo='aes-256-cbc'
key=''
# Section markers that delimit the wrapped key and the message body.
bgnKey='-----BEGIN ENCRYPTED KEY-----'
bgnMsg='-----BEGIN MESSAGE-----'
endMsg='-----END MESSAGE-----'
# Print the cleartext header of an encrypted file: script name, download
# hint, repository, cipher and (when set) the recipient key name, followed
# by one blank line.
# Globals:   scriptName, scriptURL, repoURL, algo, recipient (read)
# Outputs:   the header on stdout
function mkFileHeader {
  printf '%s\n' \
    "-Script: Created from ${scriptName}" \
    "-Download: To download type 'curl -O ${scriptURL}'" \
    "-Source: View repository source @ ${repoURL}" \
    "-SymAlgo: Using symmetric algorithm '${algo}'"
  # The recipient line is written only in recipient mode; like the rest of
  # the header it is stored unencrypted.
  [[ -z $recipient ]] || printf '%s\n' "-Recipient: Encoded to recipient '${recipient}'"
  printf '\n'
}
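# Generate the session key for recipient mode unless one is already set.
# Globals:   key (read, written)
# Returns:   non-zero if openssl fails to produce random data
function setKey {
  [[ -z $key ]] || return 0
  # 32 random bytes, hex-encoded. Raw bytes cannot live in a shell
  # variable (NUL bytes and trailing newlines are dropped), and
  # "-pass file:" uses only the first line, so a raw key could be silently
  # shortened. The hex form is one printable line carrying all 256 bits.
  key=$(openssl rand -hex 32)
}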
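# Print the session key exactly as stored, without a trailing newline.
# Globals:   key (read)
# Outputs:   the key on stdout
function getKey {
  # printf '%s' instead of echo -n: a key that happens to look like an
  # echo option (for example "-n") would otherwise be printed as nothing.
  printf '%s' "$key"
}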
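# Wrap the session key for the recipient: RSA-encrypt it with the given
# public key and base64-encode the result.
# Arguments: $1 - path to the recipient's RSA public key file
# Outputs:   the base64 text of the wrapped key on stdout
function encKey {
  # local keeps the key path out of the global scope; quoting keeps a path
  # with spaces as a single -inkey argument.
  local pubKey=$1
  # NOTE(review): rsautl uses PKCS#1 v1.5 padding unless told otherwise and
  # is deprecated in OpenSSL 3.0 in favour of pkeyutl. Any change of
  # padding has to be made in decFile.sh's decKey at the same time.
  openssl rsautl -encrypt -inkey "$pubKey" -pubin -in <(getKey) | openssl enc -a
}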
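# Encode stdin for recipient mode: gzip, encrypt with the session key as
# the passphrase, then base64-encode.
# Globals:   algo (read)
# Outputs:   the base64 text on stdout
function encodeTo {
  # The cipher flag is quoted so it is always one openssl argument.
  # NOTE(review): no -pbkdf2/-iter is passed and the CBC output carries no
  # authentication tag; changing either needs the matching change in
  # decFile.sh's decoderTo.
  gzip -f \
    | openssl enc "-${algo}" -salt -pass file:<(getKey) \
    | openssl enc -a
}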
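# Encode stdin for password mode: gzip, encrypt (openssl asks for the
# passphrase itself), then base64-encode.
# Globals:   algo (read)
# Outputs:   the base64 text on stdout
function encodePw {
  # The cipher flag is quoted so it is always one openssl argument.
  # NOTE(review): no -pbkdf2/-iter is passed, so the passphrase goes
  # through openssl's legacy key derivation; strengthening it requires the
  # same flags in decFile.sh's decoderPw.
  gzip -f | openssl enc "-${algo}" -salt | openssl enc -a
}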
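# Write a complete recipient-mode file to stdout: header, wrapped session
# key, then the encrypted message read from stdin.
# Arguments: $1 - path to the recipient's RSA public key file
# Globals:   bgnKey, bgnMsg, endMsg (read)
function encryptTo {
  # local and quoted: the key path stays out of the global scope and
  # survives spaces in the name.
  local pubKey=$1
  mkFileHeader
  printf '%s\n' "$bgnKey"
  encKey "$pubKey"
  # Blank line between the wrapped key and the message marker, as before.
  printf '\n%s\n' "$bgnMsg"
  # encodeTo reads this function's stdin directly; no extra cat is needed.
  encodeTo
  printf '%s\n' "$endMsg"
}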
# Write a complete password-mode file to stdout: header, then the
# encrypted message read from stdin between the message markers.
# Globals:   bgnMsg, endMsg (read)
function encryptPw {
  mkFileHeader
  printf '%s\n' "$bgnMsg"
  # encodePw inherits this function's stdin.
  encodePw
  printf '%s\n' "$endMsg"
}
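# Parse the command-line options into the globals fileName and recipient.
# Arguments: the script's own arguments
# Exits:     0 after -h, 1 on an unknown option or a missing option
#            argument, 2 if the -f file is missing, 3 if the -r key is
#            missing
function parseArgs {
  local opt
  local OPTIND=1
  while getopts ":f:r:h" opt; do
    case "$opt" in
      f)
        fileName=$OPTARG
        if [[ ! -f $fileName ]]; then
          echo "File $fileName not found!" >&2
          exit 2
        fi
        ;;
      r)
        recipient=$OPTARG
        if [[ ! -f $recipient ]]; then
          echo "File $recipient not found!" >&2
          exit 3
        fi
        ;;
      h)
        echo "Usage: $0 [OPTION]"
        echo ""
        echo "Options:"
        echo " -f FILE File to operate on"
        echo " -r KEY Recipient's key to encrypt to"
        echo " -h Display this help"
        exit 0
        ;;
      :)
        # With a leading ":" in the optstring getopts reports a missing
        # argument as ":"; without this arm it was silently ignored.
        echo "Option -$OPTARG requires an argument" >&2
        echo "Try '$0 -h' for more information." >&2
        exit 1
        ;;
      \?)
        echo "Invalid option: -$OPTARG" >&2
        echo "Try '$0 -h' for more information." >&2
        exit 1
        ;;
    esac
  done
}
parseArgs "$@"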
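# Main: encrypt the chosen file into "<file>.enc", to a recipient key when
# -r was given and with a passphrase otherwise.
if [[ -z $fileName ]]; then
  echo "File to encrypt required" >&2
  echo "Try '$0 -h' for more information." >&2
  # The original fell through and ended with status 0.
  exit 1
fi

if [[ -n $recipient ]]; then
  setKey
  # Never encrypt under an empty passphrase if key generation failed.
  if [[ -z $key ]]; then
    echo "Could not generate a session key" >&2
    exit 5
  fi
  # Redirections are quoted so a file name with spaces stays one path.
  encryptTo "$recipient" < "$fileName" > "$fileName.enc"
else
  encryptPw < "$fileName" > "$fileName.enc"
fi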
#!/bin/bash
# [rights] Copyright Dan B. (brianddk) 2015 https://github.com/brianddk
# [license] Licensed under Apache 2.0 https://www.apache.org/licenses/LICENSE-2.0
# [repo] https://gist.github.com/brianddk/a22febdca28f79ad58b0
# [tips] 18MDTTiqPM8ZEo29Cig1wfGdkLNtvyorW5
# Globals
# Identity of this script and where it is published.
scriptName='mkKeys.sh'
repoURL='https://gist.github.com/brianddk/a22febdca28f79ad58b0'
scriptURL="${repoURL}/raw/${scriptName}"
# Modulus size, in bits, of the RSA keys that get generated.
rsaBits='2048'
# Print the cleartext header placed in front of a key file: script name,
# download hint, repository, key size and key name, followed by one blank
# line.
# Globals:   scriptName, scriptURL, repoURL, rsaBits, rootName (read)
# Outputs:   the header on stdout
function mkFileHeader {
  printf '%s\n' \
    "-Script: Created from ${scriptName}" \
    "-Download: To download type 'curl -O ${scriptURL}'" \
    "-Source: View repository source @ ${repoURL}" \
    "-KeyType: ${rsaBits} bit RSA key" \
    "-KeyName: Key file for '${rootName}'" \
    ""
}
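# Generate an RSA key pair and write each half, preceded by the file
# header, to its own file.
# Arguments: $1 - path of the private key file to create
#            $2 - path of the public key file to create
# Globals:   rsaBits (read)
# Returns:   non-zero if the private key could not be written or the
#            public key could not be derived
function mkKeyPair {
  local privKeyFile=$1
  local pubKeyFile=$2

  # The private key is written unencrypted, so file permissions are its
  # only protection: create it under a restrictive umask, and chmod it
  # before any key material is appended in case the file already existed
  # with wider permissions.
  (
    umask 077
    mkFileHeader > "$privKeyFile" \
      && chmod 600 -- "$privKeyFile" \
      && openssl genrsa "$rsaBits" >> "$privKeyFile"
  ) || return

  mkFileHeader > "$pubKeyFile"
  openssl rsa -in "$privKeyFile" -pubout >> "$pubKeyFile"
}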
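# Parse the command-line options; -n NAME creates the key pair
# "<dir>/.<name>.priv.key" and "<dir>/<name>.pub.key".
# Arguments: the script's own arguments
# Globals:   rootPath, rootName (written)
# Exits:     1 on an unknown option or a missing option argument
function parseArgs {
  local opt
  local OPTIND=1
  while getopts ":n:h" opt; do
    case "$opt" in
      n)
        # Quoted and "--"-guarded so a name with spaces or a leading dash
        # is treated as one path.
        rootPath=$(dirname -- "$OPTARG")
        rootName=$(basename -- "$OPTARG")
        mkKeyPair "${rootPath}/.${rootName}.priv.key" "${rootPath}/${rootName}.pub.key"
        ;;
      h)
        echo "Usage: $0 [OPTION]"
        echo ""
        echo "Options:"
        echo " -n NAME Name to make the Key with"
        echo " -h Display this help"
        ;;
      :)
        # With a leading ":" in the optstring getopts reports a missing
        # argument as ":"; without this arm it was silently ignored.
        echo "Option -$OPTARG requires an argument" >&2
        echo "Try '$0 -h' for more information." >&2
        exit 1
        ;;
      \?)
        echo "Invalid option: -$OPTARG" >&2
        echo "Try '$0 -h' for more information." >&2
        exit 1
        ;;
    esac
  done
}
parseArgs "$@"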