#!/bin/bash

# echo -e "tutu" | gpg --batch --passphrase-fd 0 -c gags.txt
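# Print the usage summary on stdout.
# The synopsis lists every flag accepted by the main getopts string
# (":e:hklp:rv"); -p and -e are shown as alternatives because the option
# checks further down reject using both together.
# Maintainer note: a passphrase given with -p is an ordinary command-line
# argument, so it can show up in the process list and in shell history;
# -e or the interactive prompt avoid that exposure.
function help ()
{
  # Quote $0 so a script path containing spaces is not word-split.
  printf 'Usage: %s [-hklrv] [-p password | -e pwentry] entryfile1 [entryfile2...]\n' \
    "$(basename -- "$0")"
  # (disabled upstream) " a copy of encoded file is kept on a temp name for security"
  printf '%s\n' \
    " -k                 use asymetric coding to self" \
    " -p password        give password on command line" \
    " -e pwentry         give name of pwsafe entry" \
    " -r                 recurse into subdirs" \
    " -l                 log password in system log - USE WITH EXTREME CARE" \
    " -v                 verbose, more comments displayed" \
    " -h                 this help" \
    " Encodes files and directories given as arguments using gpg symetric encoding." \
    " Files to encode must not begin with _" \
    " A '_' character is prepended to the encoded file's name." \
    ' Without args, encodes all non crypted files in current directory using $PWENTRY_DEF as entry.'
}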


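# Encrypt the file named by the global $name with gpg and replace it by
# "_<basename>" in the same directory.
# Globals:  name (read)  - file to encrypt
#           OFILE (read) - scratch file that receives gpg's output
#           asym (read)  - "false" selects symmetric (-c) mode, anything else
#                          encrypts and signs to the default key
#           pass (read)  - passphrase for symmetric mode
# Outputs:  progress messages on stdout; vecho (defined outside this block)
#           is called for verbose tracing.
# The plaintext and any earlier "_<basename>" copy are removed only after gpg
# exited successfully, produced non-empty output, and that output was copied
# into place; the original code relied on the output being non-empty alone,
# so a partial file left by a failed gpg run caused the plaintext to be deleted.
function encrypt ()
{
  local entryfile=$name
  local entrydir entrybsfile sortyfile bufile
  local gpg_ok=false
  local stored=false

  # echo "Checkin in $name"
  # ci -d -l -t-$name -mlogout-$(date +%Y-%m-%d-%H-%M) $name
  echo "Encrypting $name"
  entrydir=$(dirname -- "$entryfile")
  entrybsfile=$(basename -- "$entryfile")
  sortyfile=${entrydir%/}/_${entrybsfile}

  vecho "in function encrypt"
  vecho "entryfile is $entryfile"
  vecho "OFILE is $OFILE"
  # Verbose output can end up in scrollback or captured logs, so only report
  # whether a passphrase is present, never its value.
  vecho "pass is ${pass:+<set>}"

  if [[ -z ${OFILE:-} ]]; then
    echo "Encoding of $entryfile FAILED."
    echo
    return 1
  fi

  # Remove a stale scratch file so gpg does not ask about overwriting.
  # NOTE(review): deleting the mktemp-created file and letting gpg re-create
  # the same /tmp path gives up the exclusive-creation guarantee mktemp
  # provided; a private directory from `mktemp -d` would avoid that.
  if [[ -f $OFILE ]]; then chmod u+w -- "$OFILE"; rm -f -- "$OFILE"; fi

  if [[ $asym = false ]]; then
    vecho "printf '%b\\n' <passphrase> | gpg --batch --passphrase-fd 0 -o $OFILE -c $entryfile"
    # The passphrase goes to gpg on stdin through a shell builtin, so it never
    # appears in an argv. It is quoted so spaces and glob characters reach gpg
    # unchanged, and printf avoids echo treating a passphrase such as "-n" as
    # an option. %b keeps the backslash-escape expansion `echo -e` performed.
    # NOTE(review): whatever decrypts these files must build the passphrase
    # the same way - confirm against the companion decrypt script.
    if printf '%b\n' "$pass" | gpg --batch --passphrase-fd 0 -o "$OFILE" -c "$entryfile"; then
      gpg_ok=true
    fi
  else
    vecho "gpg -e --sign --default-recipient-self -o $OFILE $entryfile"
    if gpg -e --sign --default-recipient-self -o "$OFILE" "$entryfile"; then
      gpg_ok=true
    fi
  fi
  ls -l -- "$OFILE"

  # cat $entryfile | gpg -c > $OFILE
  if [[ $gpg_ok = true && -s $OFILE ]]; then
    # Only now is it safe to replace an earlier encrypted copy.
    if [[ -f $sortyfile ]]; then chmod u+w -- "$sortyfile"; rm -f -- "$sortyfile"; fi
    if cat -- "$OFILE" > "$sortyfile"; then
      stored=true
    fi
  fi

  if [[ $stored = true ]]; then
    touch -r "$entryfile" -- "$sortyfile"
    # NOTE(review): rm only unlinks the plaintext; its blocks may stay
    # recoverable on disk until they are overwritten.
    chmod u+w -- "$entryfile"; rm -f -- "$entryfile"
    echo "Encoding of $entryfile SUCCEEDED"
    # Editor backup copies ("file~") would otherwise keep the plaintext around.
    bufile=${entryfile}~
    if [[ -f $bufile ]]; then chmod u+w -- "$bufile"; rm -f -- "$bufile"; fi
  else
    echo "Encoding of $entryfile FAILED."
  fi
  echo
}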


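# Decide whether the file named by the global $name should be encrypted and,
# if so, obtain a passphrase when none is set and call encrypt.
# Globals:  name (read), pass (read), log (read), accept (written)
# Calls:    vecho, getpass, encrypt, logpass (all defined outside this block)
# Skips files whose basename starts with "_" (already encrypted by this
# tool's naming rule) and empty files.
# Exits the whole script with status 0 when getpass reports a user cancel (2).
function fileenc ()
{
  local bsname

  vecho "Entering fileenc, name is $name"

  # Quoted throughout so names containing spaces or glob characters are
  # tested as a single word instead of breaking the [ ... ] expressions.
  bsname=$(basename -- "$name")
  if [[ $bsname == _* ]]; then
    vecho "${name}: files to encrypt must not begin with the underscore character"
    return
  fi
  vecho "OK, $name does not begin with _"

  if [[ ! -s $name ]]; then
    vecho "Skipping ${name}: cannot encrypt empty file"
    return
  fi

  if [[ -n $pass ]]; then
    encrypt
    return
  fi

  # NOTE(review): this path asks for a passphrase even when asymmetric mode is
  # selected, where encrypt does not read $pass - confirm that is intended.
  vecho "no pass set"
  accept=1
  # getpass status: 0 is OK, 1 is bad password (ask again), 2 is user cancel
  while (( accept == 1 )); do
    getpass OUI
    accept=$?
    vecho "accept is $accept"
  done

  if (( accept == 0 )); then
    encrypt
    if [[ $log = true ]]; then
      # logpass records the passphrase on purpose (-l); the verbose trace
      # does not repeat it.
      vecho "Calling logpass (passphrase not echoed)"
      logpass
    fi
  elif (( accept == 2 )); then
    exit 0
  fi
}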

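# Process the path held in the global $name: encrypt it if it is a writable
# file, or walk its entries (hidden ones included) if it is a writable
# directory. Sub-directories are descended into only when $recurse is "true".
# Globals:  name (read; rewritten while walking, restored after a directory),
#           recurse (read)
# Calls:    vecho and fileenc (defined outside this block), and itself.
function recuenc
{
  # local, so a nested call cannot overwrite the directory this call restores
  local oldname target

  vecho "Entering recuenc, name is $name, recurse is $recurse"
  # if [ -L "$name" ]
  # then
  #   echo "$name : sorry, don't encode nor dereference symlinks."
  #   return
  # fi
  if [[ -L $name ]]; then
    target=$(readlink -- "$name")
    # A relative link target is relative to the link's own directory, not to
    # the current working directory.
    if [[ $target != /* ]]; then
      target=$(dirname -- "$name")/$target
    fi
    # NOTE(review): following links means encryption, and removal of the
    # plaintext, can reach files outside the tree named on the command line;
    # the disabled check above refused symlinks instead.
    name=$target
  fi

  if [[ -f $name && -w $name ]]; then
    vecho "In recuenc, $name is a writable file"
    fileenc
  elif [[ -d $name && -w $name ]]; then
    vecho "In recuenc, $name is a writable directory"
    oldname=$name
    # for name in ${oldname}/*  # CO 2021-01-05-03:46
    for name in "$oldname"/* "$oldname"/.*; do
      # ".*" can match "." and "..": with recursion enabled that would loop
      # forever and climb into the parent directories.
      case ${name##*/} in
        . | ..) continue ;;
      esac
      # An unmatched glob stays as a literal pattern, and an earlier encrypt
      # may already have removed a "file~" backup; skip what is not there.
      [[ -e $name || -L $name ]] || continue
      vecho "Inside recuenc loop, name is $name"
      if [[ $recurse = true ]]; then
        recuenc
      elif [[ -f $name && -w $name ]]; then
        fileenc
      else
        echo "${name}: Not a writable file"
      fi
    done
    name=$oldname
  else
    echo "${name}: Not a writable file or directory"
  fi
}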

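# test help situations first: help() needs nothing from the sourced files
if [[ ${1:-} == "-?" || ${1:-} == "-h" || ${1:-} == "--help" ]]; then
  help
  exit 1
fi

# read functions y_or_n and vecho
# The sourced files run with this script's privileges and see the passphrase,
# so MYSOURCERDIR should be a directory only the invoking user can write to.
# Stop when it is unset instead of sourcing "/interact" and "/getpass".
: "${MYSOURCERDIR:?must name the directory holding interact and getpass}"
for lib in interact getpass; do
  if [[ ! -r ${MYSOURCERDIR}/${lib} ]]; then
    echo "Cannot read ${MYSOURCERDIR}/${lib}" >&2
    exit 1
  fi
  source "${MYSOURCERDIR}/${lib}"
done
unset lib

# cryptdir=$HOME/perso

PWENTRY_DEF=perso
help=false
asym=false
log=false
recurse=false
verbose=false
pass_spec=NON
pass=
pwentry_spec=NON
pwentry=$PWENTRY_DEF

# First pass: pick up -v only, so vecho is already verbose while the real
# option loop below runs.
while getopts ":v" Option; do
  case "$Option" in
    v) verbose=true ;;
  esac
done
OPTIND=1
# while getopts ":bchrtvx:" Option
while getopts ":e:hklp:rv" Option; do
  case "$Option" in
    h) help=true; vecho "Option h" ;;
    k) asym=true; vecho "Option k, encrypt with private key" ;;
    l) log=true; vecho "Option l" ;;
    # The passphrase itself is not echoed, even in verbose mode.
    p) pass_spec=OUI; pass=$OPTARG; vecho "Option p, pass_spec is $pass_spec" ;;
    e) pwentry_spec=OUI; pwentry="$OPTARG"; vecho "Option e, pwentry is $pwentry" ;;
    r) recurse=true; vecho "Option r, encode recursively" ;;
    v) verbose=true; vecho "Option v, verbose mode" ;;
    *) help=true; echo "Bad option $OPTARG" ;;
  esac
done

shift $((OPTIND - 1))

# REtest help situations
if [[ $help = true ]]; then
  help
  exit 1
fi

# pass_spec needs sym
if [[ $asym = true && $pass_spec = OUI ]]; then
  echo "Option -k (asymetric coding) will not take a password on command line."
  pass=
  exit 1
fi

vecho "pwentry_spec is $pwentry_spec"
vecho "pass_spec is $pass_spec"
if [[ $pwentry_spec = OUI && $pass_spec = OUI ]]; then
  echo "-p and -e options are mutually exclusive"
  help
  exit 1
fi

if [[ -n $pass && $log = true ]]; then
  # logpass records the passphrase on purpose (-l); the trace does not repeat it.
  vecho "Calling logpass (passphrase not echoed)"
  logpass
fi

# Scratch file for gpg output. Stop if it cannot be created: an empty OFILE
# would make every later file test and gpg call misbehave.
OFILE=$(mktemp /tmp/gpg.XXXXXX) || { echo "mktemp failed" >&2; exit 1; }
# Remove the scratch file on every exit path, including the "exit 0" taken
# when the user cancels the passphrase prompt.
# NOTE(review): this replaces any EXIT trap the sourced files may have
# installed - confirm none is set there.
trap 'pass=; rm -f -- "$OFILE"' EXIT
vecho "OFILE is $OFILE"

declare -i accept=1
vecho "pass is ${pass:+<set>}"

# Without arguments, work on the current directory.
if (( $# == 0 )); then
  set -- .
fi
vecho "args is $*"

# Iterate over "$@" rather than a flattened string, so arguments containing
# spaces or glob characters stay intact.
for name in "$@"; do
  name=${name%%/}
  vecho "name is $name"
  recuenc
done

pass=
if [[ -f $OFILE ]]; then chmod u+w -- "$OFILE"; rm -f -- "$OFILE"; fi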







