From 1d835d97a82618f964574b1101b87320e1476416 Mon Sep 17 00:00:00 2001 From: June McEnroe Date: Sun, 30 Jan 2022 17:35:51 -0500 Subject: Add enc --- bin/.gitignore | 1 + bin/Makefile | 1 + bin/README.7 | 4 +++- bin/enc.sh | 70 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ bin/man1/enc.1 | 55 +++++++++++++++++++++++++++++++++++++++++++++ 5 files changed, 130 insertions(+), 1 deletion(-) create mode 100644 bin/enc.sh create mode 100644 bin/man1/enc.1 diff --git a/bin/.gitignore b/bin/.gitignore index e695e844..59b60826 100644 --- a/bin/.gitignore +++ b/bin/.gitignore @@ -8,6 +8,7 @@ config.mk dehtml downgrade dtch +enc ever freecell git-comment diff --git a/bin/Makefile b/bin/Makefile index 8b7de4b9..5d23ab3c 100644 --- a/bin/Makefile +++ b/bin/Makefile @@ -13,6 +13,7 @@ BINS += bit BINS += c BINS += dehtml BINS += dtch +BINS += enc BINS += git-comment BINS += glitch BINS += hilex diff --git a/bin/README.7 b/bin/README.7 index 6d4e4e8a..c562e84c 100644 --- a/bin/README.7 +++ b/bin/README.7 @@ -1,4 +1,4 @@ -.Dd September 23, 2021 +.Dd January 30, 2022 .Dt BIN 7 .Os "Causal Agency" . @@ -28,6 +28,8 @@ extract text from HTML IRC features for all .It Xr dtch 1 detached sessions +.It Xr enc 1 +encrypt and decrypt files .It Xr ever 1 watch files .It Xr freecell 6 diff --git a/bin/enc.sh b/bin/enc.sh new file mode 100644 index 00000000..4233f0a3 --- /dev/null +++ b/bin/enc.sh @@ -0,0 +1,70 @@ +#!/bin/sh +set -eu + +readonly Command='openssl enc -ChaCha20 -pbkdf2' + +base64= +stdout=false +mode=encrypt +force=false + +while getopts 'acdef' opt; do + case $opt in + (a) base64=-a;; + (c) stdout=true;; + (d) mode=decrypt;; + (e) mode=encrypt;; + (f) force=true;; + (?) exit 1;; + esac +done +shift $((OPTIND - 1)) + +confirm() { + $force && return 0 + while :; do + printf '%s: overwrite %s? [y/N] ' "$0" "$1" >&2 + read -r confirm + case "$confirm" in + (Y*|y*) return 0;; + (N*|n*|'') return 1;; + esac + done +} + +encrypt() { + if test -z "${1:-}"; then + $Command -e $base64 + elif $stdout; then + $Command -e $base64 -in "$1" + else + input=$1 + output="${1}.enc" + if test -e "$output" && ! confirm "$output"; then + return + fi + $Command -e $base64 -in "$input" -out "$output" + fi +} + +decrypt() { + if test -z "${1:-}"; then + $Command -d $base64 + elif $stdout || [ "${1%.enc}" = "$1" ]; then + $Command -d $base64 -in "$1" + else + input=$1 + output=${1%.enc} + if test -e "$output" && ! confirm "$output"; then + return + fi + $Command -d $base64 -in "$input" -out "$output" + fi +} + +for input; do + $mode "$input" +done +if [ $# -eq 0 ]; then + $mode +fi diff --git a/bin/man1/enc.1 b/bin/man1/enc.1 new file mode 100644 index 00000000..32845847 --- /dev/null +++ b/bin/man1/enc.1 @@ -0,0 +1,55 @@ +.Dd January 30, 2022 +.Dt ENC 1 +.Os +. +.Sh NAME +.Nm enc +.Nd encrypt and decrypt files +. +.Sh SYNOPSIS +.Nm +.Op Fl acdef +.Op Ar +. +.Sh DESCRIPTION +.Nm +encrypts and decrypts files +using ChaCha20 via +.Xr openssl 1 . +When encrypting files, +the +.Pa .enc +extension is added. +When decrypting files, +the +.Pa .enc +extension is removed, +if possible. +Otherwise output is written +to standard output. +Input files are not removed. +If no files are provided, +standard input is encrypted or decrypted. +. +.Pp +The arguments are as follows: +.Bl -tag -width Ds +.It Fl a +Encrypted data is Base64-encoded. +.It Fl c +Always write to standard output. +.It Fl d +Decrypt. +.It Fl e +Encrypt. +This is the default. +.It Fl f +Do not ask to confirm overwriting files. +.El +. +.Sh EXAMPLES +.Bd -literal -offset indent +$ enc secret.txt +$ rm secret.txt +$ enc -d secret.txt.enc +.Ed -- cgit 1.4.1