Last active
January 31, 2017 06:59
-
-
Save pachanka/0dd7a390aaab2d66f1ba to your computer and use it in GitHub Desktop.
Encrypts a text file and optionally a symetric copy.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # encrypt-with-gpg | |
| # | |
| usage="$0 recipient path/to/plaintext/file.txt" | |
| if [ ! $# -eq 0 ] ; then | |
| if [ -z "$1" ] ; then | |
| echo "ERROR: The recipient must be provided, something like \"abc@lmn.xyz\"." | |
| echo "Try \"gpg --list-keys\" to check what public keys you have." | |
| echo "Usage:" | |
| echo "$usage" | |
| exit 1 | |
| fi | |
| if [ -z "$2" ] ; then | |
| echo "ERROR: The path to the text file must be provided." | |
| echo "Usage:" | |
| echo "$usage" | |
| exit 1 | |
| fi | |
| if ! type gpg > /dev/null ; then | |
| # gpg is not present in PATH | |
| error=0 | |
| echo "ERROR: gpg is not installed. Please install gpg first." | |
| exit 1 | |
| fi | |
| recipient=$1 | |
| file=$2 | |
| filename=$(basename "$file") | |
| error=1 | |
| gpg --list-secret-keys | |
| read -r -p "Enter the key ID to use: " GPGID | |
| if [ $error -eq 1 ] ; then | |
| read -rsp "Enter passphrase: " PASSPHRASE | |
| # Encrypted Copy | |
| # --force-mdc is for forcing the intecrity check, aes256 does this anyway, but meh. | |
| echo "" | |
| read -r -p "Save an ecrypted copy as $filename.sym.asc? (y/n) : " choice | |
| # TODO save Secret key to use with the file encription next | |
| case "$choice" in | |
| y|Y ) echo "$PASSPHRASE" | gpg -u "$GPGID" --passphrase-fd 0 --output "$file".sym.asc --armor --cipher-algo AES256 --sign --force-mdc --symmetric "$file";; | |
| * ) echo "Ok, no copy then." ;; | |
| esac | |
| echo "" | |
| echo "Saving as:" | |
| echo "$filename.asc" | |
| # Always use --armor (the --PGP MESSAGE-- bit) and sign the message so people know its you. | |
| echo "$PASSPHRASE" | gpg -u "$GPGID" --passphrase-fd 0 --output "$file".asc --armor --cipher-algo AES256 --sign --encrypt --recipient "$recipient" "$file" | |
| echo "" | |
| REMOVE=false | |
| read -r -p "Delete $filename? (y/n) : " choice | |
| case "$choice" in | |
| y|Y ) REMOVE=true;; | |
| * ) echo "$filename not deleted.";; | |
| esac | |
| if [[ "$REMOVE" = true ]]; then | |
| if ! type shred > /dev/null ; then | |
| rm "$file" | |
| else | |
| # shred is present in PATH | |
| shred "$file" && rm "$file" | |
| fi | |
| fi | |
| echo "" | |
| echo "Done." | |
| exit 1 | |
| fi | |
| else | |
| echo "Usage:" | |
| echo "$usage" | |
| exit 1 | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment