Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
ap42:secrets user$ cat test
USERNAME=zerocool
PASSWORD=crash_override
ap42:secrets user$ ./secret.sh test
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:
ap42:secrets user$ ls
secret.sh test.enc
ap42:secrets user$ cat test.enc
U2FsdGVkX181vM9+ukx21/sq9LnRy78bQ7dYu7q71mGukcDAqpJ3v+cUjeWUjqsC
gRpELQfQWTTj6GI5l9PIHA==
ap42:secrets user$ echo $USERNAME $PASSWORD
ap42:secrets user$ source ./secret.sh test.enc
enter aes-256-cbc decryption password:
USERNAME
PASSWORD
ap42:secrets user$ echo $USERNAME $PASSWORD
zerocool crash_override
ap42:secrets user$
#!/usr/bin/env bash
set -euo pipefail
# you need to run this with source ./secret.sh
file=$1
if [[ ${file} =~ \.enc$ ]]; then
#decrypting
throw_away=()
while IFS= read -r line; do
throw_away+=( "$line" )
done < <( openssl aes-256-cbc -d -a -in ${file} )
for each in "${throw_away[@]}"
do
export $each
echo $(echo $each | cut -f1 -d"=")
done
else
openssl aes-256-cbc -a -salt -in ${file} -out ${file}.enc
filestats=( $( ls -Lon "${file}" ) ) # to get size
dd if=/dev/urandom of=${file} bs=${filestats[3]} count=1 &>/dev/null
rm ${file}
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.