LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Blogs > anomie
User Name
Password

Notices



Rate this Entry

Quick-and-dirty symmetric encryption

Posted 01-27-2011 at 11:53 PM by anomie

Nothing earth shattering here. Just a quick automation utility I put together using the venerable openssl.

The wrapper script does a couple sanity checks, and saves you from having to remember command options for enc(1). You can change _cipher to suit your tastes / baked-in support.

Code:
#!/bin/sh

# $Id: encrypt,v 1.3 2011/01/28 04:38:22 anomie $

# NOTE -
# Save this script in your users' PATH as
#       "encrypt"
# and create a symlink (or hard link) to it called
#       "decrypt"
#
# The script behaves according to the name it is invoked as. 


PATH=/bin:/usr/bin

# -------------------------------------------------------------------- #
# Variable assignments
# -------------------------------------------------------------------- #

_cipher=aes256


# -------------------------------------------------------------------- #
# Functions
# -------------------------------------------------------------------- #

infile_check() {

  if [ -z "${_infile}" ] ; then

    echo "Usage: ${0} input-file"
    exit 1

  fi

  if [ ! -f "${_infile}" ] || [ ! -r "${_infile}" ] ; then

    echo "To perform this operation, the input file:"
    echo "  1) must exist"
    echo "  2) must be a regular file;"
    echo "  3) and - you must have read access to it"
    exit 1

  fi

}

encrypt_file() {

  infile_check

  _outfile="$(basename ${_infile}).enc"

  if [ -e "${_outfile}" ] ; then

    echo "Error: ${_outfile} already exists"
    exit 1

  fi

  echo "Ready to encrypt ${_infile} using ${_cipher} cipher..." 

  openssl enc -${_cipher} -salt -in "${_infile}" \
      -out "${_outfile}" -e -a

  if [ ${?} -ne 0 ] ; then

    echo "Error: openssl reported a problem"
    exit 1

  fi

  echo "Encrypted output file is ${_outfile}"

}

decrypt_file() {

  infile_check 

  _outfile=$( basename "${_infile}" | sed 's/\.enc$//' )

  if [ "${_infile}" = "${_outfile}" ] ; then

    echo "Error: I only decrypt files with .enc extension"
    exit 1

  fi

  if [ -e "${_outfile}" ] ; then

    echo "Error: ${_outfile} already exists"
    exit 1

  fi

  echo "Ready to decrypt ${_infile} using ${_cipher} cipher..." 

  openssl enc -${_cipher} -in "${_infile}" \
      -out "${_outfile}" -d -a

  if [ ${?} -ne 0 ] ; then

    echo "Error: openssl reported a problem"
    exit 1

  fi

  echo "Decrypted output file is ${_outfile}"

}


# -------------------------------------------------------------------- #
# Main logic
# -------------------------------------------------------------------- #

_infile="${1}"

case "$(basename ${0})" in

  "encrypt" ) encrypt_file 
              ;;
  "decrypt" ) decrypt_file 
              ;;
  *         ) echo "Hmm, you invoked me as ${0}"
              echo "I expect to be invoked as 'encrypt' or 'decrypt'"
              exit 1
              ;; 
esac

exit 0
Posted in Uncategorized
Views 743 Comments 0
« Prev     Main     Next »

  



All times are GMT -5. The time now is 04:03 PM.

Main Menu
Advertisement

Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration