Quick-and-dirty symmetric encryption
Posted 01-27-2011 at 10:53 PM by anomie
Nothing earth shattering here. Just a quick automation utility I put together using the venerable openssl.
The wrapper script does a couple of sanity checks and saves you from having to remember the command options for enc(1). You can change _cipher to suit your tastes and whatever ciphers your openssl build supports.
Code:
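#!/bin/sh
# $Id: encrypt,v 1.3 2011/01/28 04:38:22 anomie $

# NOTE -
# Save this script in your users' PATH as
#   "encrypt"
# and create a symlink (or hard link) to it called
#   "decrypt"
#
# The script behaves according to the name it is invoked as.
# Output is always written to the current directory, named after the
# input file with ".enc" appended (encrypt) or stripped (decrypt).
#
# Security notes:
#  - No -pass/-k option is given, so openssl prompts for the passphrase
#    instead of taking it from the command line.
#  - Unless -pbkdf2 is passed (OpenSSL 1.1.1 and later), enc(1) derives
#    the key from the passphrase with a single digest pass, so a weak
#    passphrase is cheap to guess offline. See _kdf_opts below.
#  - aes256 is CBC mode; the output carries no authentication tag, so
#    modification of the ciphertext is not reliably detected on decrypt.

# Fixed PATH so that openssl and rm are not resolved from a
# caller-controlled directory.
PATH=/bin:/usr/bin

# Output files (decrypted plaintext in particular) are created readable
# by the owner only.
umask 077

# -------------------------------------------------------------------- #
# Variable assignments
# -------------------------------------------------------------------- #

_cipher=aes256

# Extra key-derivation options handed to openssl enc in both directions.
# Empty by default so files written by earlier revisions of this script
# still decrypt. On OpenSSL 1.1.1+ consider, for example,
#   _kdf_opts="-pbkdf2 -iter 100000"
# A file must be decrypted with the same setting it was encrypted with.
_kdf_opts=""

# -------------------------------------------------------------------- #
# Functions
# -------------------------------------------------------------------- #

# Print each argument on its own line to stderr and exit with status 1.
die() {
    printf '%s\n' "$@" >&2
    exit 1
}

# Abort unless ${_infile} is set and names a readable regular file.
infile_check() {
    if [ -z "${_infile}" ] ; then
        die "Usage: ${0} input-file"
    fi

    if [ ! -f "${_infile}" ] || [ ! -r "${_infile}" ] ; then
        die "To perform this operation, the input file:" \
            " 1) must exist" \
            " 2) must be a regular file;" \
            " 3) and - you must have read access to it"
    fi
}

# Abort if ${_outfile} is already present. -L also catches a dangling
# symlink, which -e reports as absent but openssl would write through.
outfile_check() {
    if [ -e "${_outfile}" ] || [ -L "${_outfile}" ] ; then
        die "Error: ${_outfile} already exists"
    fi
}

# Encrypt ${_infile} into ./<basename>.enc (base64-armoured, salted).
encrypt_file() {
    infile_check

    # Parameter expansion instead of basename(1): no word splitting on
    # names with spaces and no option parsing on names starting with "-".
    _outfile="${_infile##*/}.enc"
    outfile_check

    echo "Ready to encrypt ${_infile} using ${_cipher} cipher..."

    # ${_kdf_opts} is deliberately unquoted so it splits into options.
    # shellcheck disable=SC2086
    if ! openssl enc "-${_cipher}" -salt ${_kdf_opts} -e -a \
            -in "${_infile}" -out "${_outfile}" ; then
        # Do not leave a partial file that would block the next attempt.
        rm -f -- "${_outfile}"
        die "Error: openssl reported a problem"
    fi

    echo "Encrypted output file is ${_outfile}"
}

# Decrypt ${_infile} (must end in .enc) into ./<basename without .enc>.
decrypt_file() {
    infile_check

    # Test the extension on the file name itself. Comparing the full
    # input path against the stripped basename let any input given with
    # a directory component through, whether or not it ended in .enc.
    _base="${_infile##*/}"
    case "${_base}" in
        ?*.enc )
            _outfile="${_base%.enc}"
            ;;
        * )
            die "Error: I only decrypt files with .enc extension"
            ;;
    esac
    outfile_check

    echo "Ready to decrypt ${_infile} using ${_cipher} cipher..."

    # ${_kdf_opts} is deliberately unquoted so it splits into options.
    # shellcheck disable=SC2086
    if ! openssl enc "-${_cipher}" ${_kdf_opts} -d -a \
            -in "${_infile}" -out "${_outfile}" ; then
        # A failed decrypt (wrong passphrase, damaged input) can leave
        # garbage or partial plaintext behind; remove it.
        rm -f -- "${_outfile}"
        die "Error: openssl reported a problem"
    fi

    echo "Decrypted output file is ${_outfile}"
}

# -------------------------------------------------------------------- #
# Main logic
# -------------------------------------------------------------------- #

_infile="${1:-}"

# Dispatch on the name the script was invoked as.
case "${0##*/}" in
    "encrypt" )
        encrypt_file
        ;;
    "decrypt" )
        decrypt_file
        ;;
    * )
        die "Hmm, you invoked me as ${0}" \
            "I expect to be invoked as 'encrypt' or 'decrypt'"
        ;;
esac

exit 0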