Created
December 10, 2018 00:12
Script that uses public/private keys to exchange files on ipfs securely
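#!/bin/bash
# crypt-ipfs: exchange files over ipfs using an RSA key pair to wrap a
# per-file AES passphrase.
set -e

# Location of the local key material. A tilde inside double quotes is not
# expanded by the shell, so "~/.ipfs/crypt" named a directory literally called
# "~" under the current working directory; $HOME is used instead.
keystore="${HOME:?HOME must be set}/.ipfs/crypt"
privkey="${keystore}/id_rsa"
pubkey="${privkey}.pub"

mkdir -p "${keystore}"
# The keystore holds the private key, so keep it inaccessible to other users.
chmod 700 "${keystore}"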
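#######################################
# Create the RSA key pair if no private key exists yet, (re)derive the public
# key from it and publish the public key on ipfs.
# Globals:   privkey (read), pubkey (read)
# Arguments: none
# Outputs:   whatever `ipfs add` prints for the public key
#######################################
sub_genkey() {
  if [[ ! -f "${privkey}" ]]; then
    # Generate under a restrictive umask so the private key is never created
    # group/world readable, whatever default mode the installed openssl uses.
    # NOTE(review): the key is written without a passphrase, so anyone who can
    # read this file can decrypt every file sent to this key pair.
    (umask 077 && openssl genrsa -out "${privkey}" 4096) || return 1
  fi
  openssl rsa -in "${privkey}" -out "${pubkey}" -pubout
  ipfs add "${pubkey}"
}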
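#######################################
# Encrypt a file with a fresh random passphrase, add the ciphertext to ipfs,
# then wrap "<passphrase> <ciphertext hash>" with the recipient's RSA public
# key and add that wrapped message to ipfs as well.
# Arguments: $1 - ipfs hash of the recipient's public key
#            $2 - path of the file to encrypt
# Outputs:   whatever `ipfs add` prints for the wrapped message
# Returns:   non-zero on bad arguments or if any stage fails
#######################################
sub_add() {
  if (( $# != 2 )) || [[ -z "$1" ]]; then
    echo "Usage: crypt-ipfs add <public key hash> <path/to/file>" >&2
    return 1
  fi

  local pubkey_hash=$1
  local src=$2
  if [[ ! -r "${src}" || -d "${src}" ]]; then
    echo "Error: cannot read file '${src}'." >&2
    return 1
  fi

  local pass file_hash
  pass=$(openssl rand -base64 32) || return 1

  # The passphrase is handed to openssl on file descriptor 3 rather than as
  # "-pass pass:...", because command-line arguments are visible to other
  # local users in the process list. pipefail is set inside the substitution
  # so a failed encryption is not hidden by a successful `ipfs add` of empty
  # output.
  # NOTE(review): aes-256-cbc as used here provides confidentiality only;
  # nothing authenticates the ciphertext, so the recipient cannot detect
  # modification. Changing the cipher changes the on-ipfs format.
  file_hash=$(
    set -o pipefail
    openssl aes-256-cbc -salt -in "${src}" -pass fd:3 3<<< "${pass}" \
      | ipfs add -q
  ) || return 1
  [[ -n "${file_hash}" ]] || return 1

  # The public key is addressed by content hash, so the bytes fetched match
  # the hash given; whether that hash really belongs to the intended recipient
  # depends on how the caller obtained it.
  # NOTE(review): `openssl rsautl` is deprecated in OpenSSL 3.0 in favour of
  # `pkeyutl`, and its default padding is PKCS#1 v1.5. Any move to OAEP has to
  # be made in sub_get at the same time or existing wrapped messages stop
  # decrypting.
  (
    set -o pipefail
    printf '%s %s\n' "${pass}" "${file_hash}" \
      | openssl rsautl -encrypt -pubin -inkey <(ipfs cat "${pubkey_hash}") \
      | ipfs add
  )
}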
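#######################################
# Fetch a wrapped message from ipfs, unwrap it with the local private key to
# obtain "<passphrase> <ciphertext hash>", fetch the ciphertext and decrypt it
# into a file named after the wrapped message's hash.
# Globals:   privkey (read)
# Arguments: $1 - ipfs hash of the wrapped message; also the output file name
# Outputs:   "Saved file as <name>" on success
# Returns:   non-zero on bad arguments, malformed content or any failed stage
#######################################
sub_get() {
  if (( $# != 1 )) || [[ -z "$1" ]]; then
    echo "Usage: crypt-ipfs get <hash>" >&2
    return 1
  fi

  local wrapped_hash=$1
  local unwrapped pass file_hash workdir enc_file plain_file

  # pipefail inside the substitution: a failed fetch or RSA decryption must
  # stop here instead of continuing with empty fields.
  unwrapped=$(
    set -o pipefail
    ipfs cat "${wrapped_hash}" | openssl rsautl -decrypt -inkey "${privkey}"
  ) || {
    echo "Error: could not fetch or decrypt '${wrapped_hash}'." >&2
    return 1
  }

  read -r pass file_hash <<< "${unwrapped}"

  # The public key is published, so anyone can produce a wrapped message for
  # this key pair: both fields are untrusted input. The hash was previously
  # used unquoted as an `ipfs get` argument and as part of a path that is
  # written and then removed, so restrict it to plain alphanumerics.
  # NOTE(review): assumes the hashes printed by `ipfs add -q` are alphanumeric
  # (base58/base32) - confirm if another encoding is configured.
  if [[ -z "${pass}" || ! "${file_hash}" =~ ^[A-Za-z0-9]+$ ]]; then
    echo "Error: '${wrapped_hash}' does not contain a valid passphrase and hash." >&2
    return 1
  fi

  # Work in a private temporary directory rather than a name derived from
  # remote data in the current directory.
  workdir=$(mktemp -d) || return 1
  enc_file="${workdir}/payload.enc"
  plain_file="${workdir}/payload.dec"

  if ! ipfs get -o "${enc_file}" "${file_hash}"; then
    rm -rf -- "${workdir}"
    return 1
  fi

  # Passphrase goes over fd 3, not argv, so it does not show up in the process
  # list. Decrypt into the work directory first so a failed decryption does
  # not leave a partial file under the final name.
  # NOTE(review): aes-256-cbc provides no integrity check; a successful
  # decryption does not prove the ciphertext was unmodified.
  if ! openssl aes-256-cbc -d -in "${enc_file}" -out "${plain_file}" \
    -pass fd:3 3<<< "${pass}"; then
    rm -rf -- "${workdir}"
    return 1
  fi

  if ! mv -- "${plain_file}" "${wrapped_hash}"; then
    rm -rf -- "${workdir}"
    return 1
  fi
  rm -rf -- "${workdir}"
  echo "Saved file as ${wrapped_hash}"
}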
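#######################################
# Print usage information.
# Arguments: none
# Outputs:   usage text on stdout
#######################################
sub_help() {
  # A quoted here-document is used because bash's `echo` without -e printed
  # the "\n" after the usage line literally instead of as a blank line.
  cat << 'EOF'
Usage: crypt-ipfs <subcommand> [options]

Subcommands:
  genkey                                 Generate private/public key pair and publish public key
  add <public key hash> <path/to/file>   Add file to ipfs encrypted with public key in ipfs
  get <hash>                             Get file and decrypt with private key

EOF
}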
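# Dispatch: the first argument selects a sub_<name> function; the remaining
# arguments are passed through to it.
subcommand=${1:-}
case "${subcommand}" in
  "" | "-h" | "--help")
    sub_help
    ;;
  *)
    shift
    # Check that the function exists before calling it. With `set -e` active,
    # the previous "$? = 127" test after the call was never reached for an
    # unknown subcommand, and a status of 127 can also come from a missing
    # tool inside a valid subcommand.
    if declare -F "sub_${subcommand}" > /dev/null; then
      # "$@" is quoted so paths containing spaces reach the subcommand intact.
      "sub_${subcommand}" "$@"
    else
      echo "Error: '$subcommand' is not a known subcommand." >&2
      echo " Run 'crypt-ipfs --help' for a list of known subcommands." >&2
      exit 1
    fi
    ;;
esac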