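#!/bin/bash
#
# Encrypt files, or the files inside directories, in place with gpg.
#
# Each regular, writable, non-empty file whose basename does not start with
# '_' is checked in with RCS `ci`, encrypted into a scratch file, copied next
# to the original as "_<basename>", and then the cleartext original is removed.
#
# Interpreter: the script uses `function`-style definitions, `[[ ]]`,
# `read -t/-s`, `declare -i`, `local` and `source`, none of which are
# guaranteed by a POSIX /bin/sh, so it asks for bash explicitly.
#
# Security notes for operators:
#   * -p puts the passphrase on the command line, where it can be read from
#     the process list and from shell history. Prefer the interactive prompt.
#   * -l hands the passphrase to logpass (not defined in this file).
#   * The passphrase is never written to debug/verbose output by this script.
#   * `ci` is run on the cleartext before encryption.
#     NOTE(review): the RCS archive it writes presumably keeps cleartext
#     revisions of every file - confirm where that archive lives and who can
#     read it.
#   * The cleartext is removed with `rm`, which unlinks the file but does not
#     overwrite its blocks.
#
# Example of the underlying symmetric call:
#   printf '%s\n' "tutu" | gpg --passphrase-fd 0 -c gags.txt

# Print the usage text.
help() {
  echo "Usage: $(basename -- "$0") [-rhv] [-p password] [entryfile1] [entryfile2...]"
  echo " -k use asymetric coding to self"
  echo " -p password give password on command line"
  echo " -r recurse into subdirs"
  echo " -l log password in system log - use with extreme care"
  echo " -v verbose, more comments displayed"
  echo " -h this help"
  echo " Encodes files and directories given as arguments using gpg symetric encoding."
  # echo " a copy of encoded file is kept on a temp name for security"
  echo " Files to encode must not begin with _"
  echo " A '_' character is prepended to the encoded file's name."
  echo " Without args, encodes all non crypted files in current directory."
}

# Prompt twice for a passphrase and store it in the global `pass`.
# Globals: pass (written), REPLY (written)
# Returns: 0 passphrase confirmed
#          1 read failed (timeout or end of input), empty or mismatched entry
#          2 the user typed "skip" / "SKIP"
getpassverif() {
  REPLY=
  echo "Enter passphrase, or type \"skip\" to exit."
  # -r keeps backslashes in the passphrase literal. Any read failure counts:
  # bash reports a timeout with a status above 128, which a test for
  # exactly 1 does not catch.
  # NOTE(review): the caller retries on status 1, so a permanently closed
  # stdin makes it prompt forever - consider treating end of input as cancel.
  if ! read -r -t 30 -s; then
    return 1
  fi
  if [[ "$REPLY" == skip || "$REPLY" == SKIP ]]; then
    echo "Encoding canceled"
    return 2
  fi
  pass=$REPLY
  echo "Reenter passphrase"
  if ! read -r -t 30 -s; then
    pass=
    return 1
  fi
  if [[ -z "$REPLY" || -z "$pass" ]]; then
    echo "Bad passphrase"
    pass=   # do not leave an unconfirmed passphrase in the global
    return 1
  fi
  # Quoted on both sides so passphrases containing spaces or glob
  # characters are compared literally.
  if [[ "$REPLY" != "$pass" ]]; then
    echo "Passphrases not the same"
    pass=
    return 1
  fi
  return 0
}

# Encrypt the file named by the global `name` and replace it by "_<basename>".
# Globals: name, pass, asym, OFILE (read);
#          entryfile, entrydir, entrybsfile, sortyfile, bufile (written)
encrypt() {
  local gpg_status

  echo "Checkin in $name"
  ci -d -l "-t-$name" "-mlogout-$(date +%Y-%m-%d-%H-%M)" "$name"
  echo "Encrypting $name"
  entryfile=$name
  entrydir=$(dirname -- "$entryfile")
  entrydir=${entrydir%%/}/
  entrybsfile=$(basename -- "$entryfile")
  sortyfile=${entrydir}_${entrybsfile}
  debug_echo "in function encrypt"
  debug_echo "entryfile is $entryfile"
  debug_echo "OFILE is $OFILE"
  # Only report whether a passphrase is present, never its value.
  debug_echo "pass is ${pass:+<set>}"

  # Remove any previous output so gpg does not ask about overwriting.
  if [[ -f "$OFILE" ]]; then
    chmod u+w -- "$OFILE"
    rm -f -- "$OFILE"
  fi

  if [[ "$asym" == false ]]; then
    debug_echo "printf '%s\n' <passphrase> | gpg --passphrase-fd 0 -o $OFILE -c $entryfile"
    # printf '%s\n' feeds the passphrase byte for byte. `echo -e $pass`
    # word-split it, expanded globs and interpreted backslash escapes, so
    # files encrypted that way with such passphrases were keyed with the
    # altered text.
    # NOTE(review): GnuPG 2.x documents that --passphrase-fd is only used
    # together with --batch, and from 2.1 on with --pinentry-mode loopback;
    # check against the gpg version deployed here.
    printf '%s\n' "$pass" | gpg --passphrase-fd 0 -o "$OFILE" -c "$entryfile"
    gpg_status=$?
  else
    debug_echo "gpg -e --sign --default-recipient-self -o $OFILE $entryfile"
    gpg -e --sign --default-recipient-self -o "$OFILE" "$entryfile"
    gpg_status=$?
  fi
  ls -l -- "$OFILE"

  if [[ -f "$sortyfile" ]]; then
    chmod u+w -- "$sortyfile"
    rm -f -- "$sortyfile"
  fi

  # The cleartext is only removed when gpg reported success, produced
  # non-empty output AND that output was copied into place. Checking the
  # output size alone would delete the original after a partial write.
  if (( gpg_status == 0 )) && [[ -s "$OFILE" ]] \
    && cat -- "$OFILE" > "$sortyfile"; then
    touch -r "$entryfile" -- "$sortyfile"
    chmod u+w -- "$entryfile"
    rm -f -- "$entryfile"
    echo "Encoding of $entryfile SUCCEEDED"
    bufile=${entryfile}~
    if [[ -f "$bufile" ]]; then
      chmod u+w -- "$bufile"
      rm -f -- "$bufile"
    fi
  else
    echo "Encoding of $entryfile FAILED."
  fi
  echo
}

# Encrypt the single file named by the global `name`, prompting for a
# passphrase first when none is set yet.
# Globals: name, log (read); pass, accept, bsname (written)
fileenc() {
  vecho "Entering fileenc, name is $name"
  bsname=$(basename -- "$name")
  if [[ "$bsname" == _* ]]; then
    vecho "${name}: files to encrypt must not begin with the underscore character"
    return
  fi
  vecho "OK, $name does not begin with _"
  if [[ ! -s "$name" ]]; then
    vecho "Skipping ${name}: cannot encrypt empty file"
    return
  fi
  if [[ -n "$pass" ]]; then
    encrypt
    return
  fi

  vecho "no pass set"
  accept=1
  # 0 is OK, 1 is bad password (ask again), 2 is user cancel
  until [[ "$accept" -ne 1 ]]; do
    getpassverif
    accept=$?
    debug_echo accept is "$accept"
  done
  if [[ "$accept" -eq 0 ]]; then
    encrypt
    if [[ "$log" == true ]]; then
      debug_echo "Calling logpass"
      logpass
    fi
  elif [[ "$accept" -eq 2 ]]; then
    exit 0
  fi
}

# Dispatch on the global `name`: encrypt a writable file, or walk a writable
# directory (descending into subdirectories only when `recurse` is true).
# Symlinks are never encrypted or followed.
# Globals: name (read and written), recurse (read)
recuenc() {
  # local: a nested call must not overwrite the directory this call restores.
  local oldname

  debug_echo "Entering recuenc, name is $name, recurse is $recurse"
  if [[ -L "$name" ]]; then
    echo "$name : sorry, don't encode nor dereference symlinks."
    return
  fi
  if [[ -f "$name" && -w "$name" ]]; then
    debug_echo "In recuenc, $name is a writable file"
    fileenc
  elif [[ -d "$name" && -w "$name" ]]; then
    debug_echo "In recuenc, $name is a writable directory"
    oldname=$name
    for name in "${oldname}"/*; do
      debug_echo "Inside recuenc loop, name is $name"
      if [[ "$recurse" == true ]]; then
        recuenc
      elif [[ -f "$name" && -w "$name" ]]; then
        fileenc
      else
        echo "${name}: Not a writable file"
      fi
    done
    name=$oldname
  else
    echo "${name}: Not a writable file or directory"
  fi
}

# Read functions y_or_n and debug_echo. vecho and logpass are not defined in
# this file either; presumably they come from the same helper - confirm.
# The helper is executed as code, so MYSOURCERDIR must name a directory that
# only trusted users can write to.
source "${MYSOURCERDIR}/interact" || {
  echo "Cannot read ${MYSOURCERDIR}/interact" >&2
  exit 1
}
# cryptdir=$HOME/perso

# test help situations
case "${1-}" in
  '-?' | -h | --help)
    help
    exit 1
    ;;
esac

help=false
asym=false
log=false
recurse=false
verbose=false
psswd=false
pass=

# First pass: pick up -v early so the second pass can already be verbose.
while getopts ":v" Option; do
  case "$Option" in
    v) verbose=true ;;
  esac
done
OPTIND=1

while getopts ":hklp:rv" Option; do
  case "$Option" in
    h)
      help=true
      vecho "Option h"
      ;;
    k)
      asym=true
      vecho "Option k, encrypt with private key"
      ;;
    l)
      log=true
      vecho "Option l"
      ;;
    p)
      psswd=true
      pass=$OPTARG
      # The value itself is deliberately kept out of verbose output.
      vecho "Option p, psswd is $psswd, pass is <redacted>"
      ;;
    r)
      recurse=true
      vecho "Option r, encode recursively"
      ;;
    v)
      verbose=true
      vecho "Option v, verbose mode"
      ;;
    *)
      help=true
      echo "Bad option $OPTARG"
      ;;
  esac
done
shift $((OPTIND - 1))

# REtest help situations
if [[ "$help" == true ]]; then
  help
  exit 1
fi

# psswd needs sym
if [[ "$asym" == true && "$psswd" == true ]]; then
  echo "Option -k (asymetric coding) does not take a password on command line."
  pass=
  exit 1
fi

if [[ -n "$pass" && "$log" == true ]]; then
  debug_echo "Calling logpass"
  logpass
fi

# The scratch output lives in a private directory. encrypt removes and
# re-creates the output file for every input; doing that to a file placed
# directly in the shared /tmp would let another local user plant a file or
# symlink under that name between the rm and gpg's create.
tmpdir=$(mktemp -d /tmp/gpg.XXXXXX) || {
  echo "Cannot create temporary directory" >&2
  exit 1
}
OFILE=$tmpdir/out.gpg
# Runs on every exit path, including the "skip" exit inside fileenc.
_crypt_cleanup() {
  pass=
  rm -rf -- "${tmpdir:?}"
}
trap _crypt_cleanup EXIT
debug_echo "OFILE is $OFILE"

declare -i accept=1
debug_echo "pass is ${pass:+<set>}"

# Keep the arguments as separate words so names containing whitespace or
# glob characters reach recuenc unchanged.
if [[ $# -eq 0 ]]; then
  set -- .
fi
debug_echo "args is $*"

for name in "$@"; do
  name=${name%%/}
  recuenc
done

pass=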