Skip to content

Instantly share code, notes, and snippets.

@targzeta targzeta/dencrypt.sh
Last active Oct 15, 2019

Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
Encrypting/Decrypting a file with openssl and AES-CBC (256 bits) algorithm
Raw
dencrypt.sh
#!/bin/bash
# Copyright (C) 2013 Emanuele Tomasi <targzeta@gmail.com>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# Encrypting/Descrypting a file with openssl and AES-CBC (256 bits) algorithm.
# -h help
SCRIPT_NAME=${0##*/}
SCRIPT_AUTHOR="Emanuele Tomasi <targzeta@gmail.com>"
#############
# FUNCTIONS #
#############
function _exit
{
echo -e "${SCRIPT_NAME}: ${1}"
exit $2
}
function _help
{
cat <<EOF
Use: ${SCRIPT_NAME} [-d | -c] filename
Encrpyts/decrypts a file with openssl and AES-CBC (256 bits) algorithm.
Options:
-e force ecrypting.
-d force decrypting.
-h display this help and exit.
by ${SCRIPT_AUTHOR}"
EOF
}
function _check_extern_programs
{
local error=0
local string_error
if ! which --version >&/dev/null
then
error=1
string_error="which : command not founds.\n";
else
for progr in $@
do
if ! which $progr >& /dev/null
then
error=1
string_error=${string_error}"${progr} : command not founds.\n"
fi
done
fi
if (( $error ))
then
_exit "You need to install these commands:\n$string_error" 1
fi
}
function _encrypt_file()
{
local _original_file="$1"
local _key=$2
local _new_file="${_original_file}.enc"
echo "Encrypting ${_original_file}..."
openssl aes-256-cbc -pbkdf2 -k ${_key} -in "${_original_file}" -out "${_new_file}"
# Removing original file.
[ $? -eq 0 ] && rm "$_original_file"
}
function _decrypt_file()
{
local _original_file="$1"
local _key=$2
local _new_file="${_original_file%.enc}"
echo "Decrypting ${_original_file}..."
openssl aes-256-cbc -d -pbkdf2 -k ${_key} -in "${_original_file}" -out "${_new_file}"
# Removing original file.
if [ $? -eq 0 ]
then
rm "$_original_file"
else
rm "$_new_file"
fi
}
# Ensuring bash variables and builtin functions
IFS=$'\n\t '
enable getopts echo exit
################
# COMMAND LINE #
################
_ENCRYPT=0
_DECRYPT=0
while getopts :hcd opzione
do
case $opzione in
c) _ENCRYPT=1
;;
d) _DECRYPT=1
;;
h) _help
exit
;;
?) _exit "-${OPTARG} : not valid argument." 1
;;
esac
done
shift $((OPTIND-1))
##########
# CHECKS #
##########
_FILE="$1"
_FILE_EXT="${_FILE##*.}"
_FILE_IS_ENCRYPTED=0
# Sanity check 1: the file argument
[ -z "${_FILE}" ] && _exit "missing argument. ${SCRIPT_NAME} -h for help." 1
[ ! -f "$_FILE" ] && _exit "${_FILE}: file not founds!" 1
[ $_FILE_EXT == 'enc' ] && _FILE_IS_ENCRYPTED=1
# Sanity check 2: options
[ $_ENCRYPT -eq 1 -a $_DECRYPT -eq 1 ] &&\
_exit "only one between -c or -d must be set." 1
# Sanity check 3: decrypting and file extension
[ $_DECRYPT -eq 1 -a $_FILE_IS_ENCRYPTED -eq 0 ] && \
_exit "\"${_FILE}\", the encrypted filename must end with \".enc\"." 1
# Sanity check 4: external programs
_check_extern_programs openssl
####################################
# AUTO DISCOVER WHAT WE HAVE TO DO #
####################################
# What have to do? Encrpyt or Decrypt?
if [ $_ENCRYPT -eq 0 -a $_DECRYPT -eq 0 ]
then
if [ $_FILE_IS_ENCRYPTED -eq 1 ]
then
_DECRYPT=1
else
_ENCRYPT=1
fi
fi
########
# MAIN #
########
read -sp 'Password: ' _KEY
echo
if [ $_ENCRYPT -eq 1 ]
then
_encrypt_file "$_FILE" $_KEY
else
_decrypt_file "$_FILE" $_KEY
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.