30 lines
865 B
Bash
Executable File
30 lines
865 B
Bash
Executable File
#!/usr/bin/env bash
|
|
set -eo pipefail; [[ $TRACE ]] && set -x
|
|
|
|
plaintext=$(mktemp /tmp/cryptr.XXXXXXXX)
|
|
dd if=/dev/urandom bs=4096 count=256 2> /dev/null | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c262144 > "$plaintext"
|
|
plaintext_sha=($(openssl dgst -sha256 "$plaintext"))
|
|
|
|
export CRYPTR_PASSWORD
|
|
CRYPTR_PASSWORD=$(dd if=/dev/urandom bs=200 count=1 2> /dev/null | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c32)
|
|
|
|
cryptr encrypt "$plaintext"
|
|
rm -f "$plaintext"
|
|
|
|
if [[ ! -f "$plaintext".aes ]]; then
|
|
printf "Encrypted out file %s was not created" "$plaintext".aes 1>&2
|
|
exit 3
|
|
fi
|
|
|
|
cryptr decrypt "$plaintext".aes
|
|
|
|
decrypted_sha=($(openssl dgst -sha256 "$plaintext"))
|
|
|
|
rm -f "$plaintext".aes
|
|
rm -f "$plaintext"
|
|
|
|
if [ "${plaintext_sha[1]}" != "${decrypted_sha[1]}" ]; then
|
|
printf "Hash mismatch\n\t%s != %s" "${plaintext_sha[1]}" "${decrypted_sha[1]}" 1>&2
|
|
exit 4
|
|
fi
|