Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ## Slightly updated, by adding some comments.
- ## Last time I created this, I was truly just copying and pasting 'a quickie'. :-D
- crypto()
- {
- clear
- if [[ -x "$(which openssl)" ]] && [[ -x "$(which gpg)" ]]
- then
- if [ -z "$2" ]; then
- echo -e ${Yellow}"\tError: Providing a filename is MANDATORY!"${Nc}
- echo -e ${Blue}"\tPlease choose a valid option!\n${Yellow}\tUsage:"${Nc}
- echo -e ${Cyan}"\tcrypto"${Nc}" {"${Cyan}"--encrypt"${Nc}","${Cyan}"-e"${Nc}"}\t${Blue} Your-file "${Nc}
- echo -e ${Cyan}"\tcrypto"${Nc}" {"${Cyan}"--decrypt"${Nc}","${Cyan}"-d"${Nc}"}\t${Blue} Your-file.aes "${Nc}
- echo -e ${Cyan}"\tcrypto"${Nc}" {"${Cyan}"--sign"${Nc}","${Cyan}"-s"${Nc}"}\t${Blue} Your-file "${Nc}
- echo -e ${Cyan}"\tcrypto"${Nc}" {"${Cyan}"--verify"${Nc}","${Cyan}"-v"${Nc}"}\t${Blue} Your-file.asc "${Nc}
- elif [ -d "$2" ]; then
- echo -e ${Yellow}"\tError: File is a directory!"${Nc}
- else
- case "$1" in
- # head -c 48 /dev/urandom | openssl enc -base64 # <- For better entropy.
- ## All are alternatives to the one above.
- # echo "Password"| openssl dgst -whirlpool|awk -F '= ' '{print $2}'
- # echo "Password"| openssl dgst -whirlpool|awk -F '= ' '{print $2}'|base64 -w0
- # cat text.txt| openssl dgst -whirlpool|awk -F '= ' '{print $2}'
- ## Default cipher.
- # aes-256-cbc
- "--encrypt" | "-e")
- ## Create a good strong pass{phrase,word} and store it in a 'hidden' file.
- ## The goal would be to pass along your message over one channel. E.g.: email
- ## And your $passphrase over another. E.g.: text
- #
- ## Or use openpgp http://www.openpgp.org/
- ## Also take a look here: http://ubuntuforums.org/showthread.php?t=939545
- head -c 48 /dev/urandom | openssl enc -base64 > ."${2%.*}".txt
- ## Define it, so openssl knows where to look.
- passphrase="file://"$PWD"/."${2%.*}".txt"
- ## Now encrypt your file/any file with the aforementioned $passphrase.
- ## Its output will be a 'readable' text file.
- #
- ## Here I use the camellia cipher, but you are free to choose another of course!
- ## http://www.madboa.com/geek/openssl/
- openssl camellia-256-cbc -a -e -salt -in "$2" -out "$2".aes -pass "$passphrase"
- ## Also have a look at 'ccrypt' : http://ccrypt.sourceforge.net/
- ## Make it 'read only', sending it to someone over mail, should fix the perms.
- chmod 400 "$2".aes
- ## This file should only have +rw perms for the owner.
- ## PS: Do NOT rename this file!
- chmod 600 "${passphrase/file:\/\//}"
- ## Optional!
- ## Just remember, if you lose your $passphrase, then it's GONE 4ever!
- \rm "$2"
- ## There's no need to 'export' or to make it available to your env.
- unset passphrase
- ;;
- "--decrypt" | "-d")
- pfile=""$PWD"/."${2%.*.aes}".txt"
- if [[ -e "$pfile" ]];then
- passphrase="file://"$PWD"/."${2%.*.aes}".txt"
- openssl camellia-256-cbc -a -d -salt -in "$2" -out "${2%.aes}" -pass "$passphrase"
- chmod 600 "${2%.aes}"
- unset passphrase
- else
- echo -e ${Yellow}"\tYou sure you got the right key?"${Nc}
- fi
- ;;
- "--sign" | "-s")
- ## to sign (-s):
- echo -e ${Cyan}"\tgpg -a --detach-sign \""$2"\""${Nc}
- gpg -a --detach-sign "$2"
- ;;
- "--verify" | "-v")
- ## to verify (-v):
- echo -e ${Cyan}"\tgpg --verify \""$2"\" \"${2%.asc}\""${Nc}
- gpg --verify "$2" "${2%.asc}"
- ;;
- *)
- echo -e ${Blue}"\tPlease choose a valid option!\n${Yellow}\tUsage:"${Nc}
- echo -e ${Cyan}"\tcrypto"${Nc}" {"${Cyan}"--encrypt"${Nc}","${Cyan}"-e"${Nc}"}\t${Blue} Your-file "${Nc}
- echo -e ${Cyan}"\tcrypto"${Nc}" {"${Cyan}"--decrypt"${Nc}","${Cyan}"-d"${Nc}"}\t${Blue} Your-file.aes "${Nc}
- echo -e ${Cyan}"\tcrypto"${Nc}" {"${Cyan}"--sign"${Nc}","${Cyan}"-s"${Nc}"}\t${Blue} Your-file "${Nc}
- echo -e ${Cyan}"\tcrypto"${Nc}" {"${Cyan}"--verify"${Nc}","${Cyan}"-v"${Nc}"}\t${Blue} Your-file.asc "${Nc}
- ;;
- esac
- fi
- fi
- }
Add Comment
Please, Sign In to add comment