[Debian-live-changes] r1594 - configs/daniel-desktop/config/chroot_local-includes/usr/local/bin

Tue May 22 12:29:41 UTC 2007

Author: daniel
Date: 2007-05-22 12:29:40 +0000 (Tue, 22 May 2007)
New Revision: 1594

Added:
   configs/daniel-desktop/config/chroot_local-includes/usr/local/bin/gpg-filename
Log:


Added: configs/daniel-desktop/config/chroot_local-includes/usr/local/bin/gpg-filename
===================================================================

--- configs/daniel-desktop/config/chroot_local-includes/usr/local/bin/gpg-filename	                        (rev 0)
+++ configs/daniel-desktop/config/chroot_local-includes/usr/local/bin/gpg-filename	2007-05-22 12:29:40 UTC (rev 1594)
@@ -0,0 +1,198 @@
+#!/bin/bash
+
+# gpg-filename.sh - Encrypt files inclusive filenames.
+#
+# This script is written by Daniel Baumann <daniel at debian.org>
+# and hereby placed in the public domain (no rights reserved).
+
+set -e
+
+# FIXME:
+# . ${RANDOM} is a bashism
+#
+# . autodetect secret key
+# . configure gpg options
+# . review gpg command calls
+#
+# . save/restore owner and permissions
+# . hide processing and show progressbar
+# . recursive?
+# . scale up and use better random ciphers
+
+KEY="4B2B2B9E"
+COMPRESS_LEVEL="0"
+
+Key ()
+{
+	if [ -z "${KEY}" ]
+	then
+		echo -n "  * Enter key: "
+		read KEY
+
+		if [ -z "${KEY}" ]
+		then
+			Key
+		fi
+	fi
+}
+
+Passphrase ()
+{
+	echo -n "  * Enter passphrase: "
+	read -s -t 60 PASSPHRASE
+	echo
+	echo
+
+	if [ -z "${PASSPHRASE}" ]
+	then
+		Passphrase
+	fi
+
+	trap "if [ ! -z ${PASSPHRASE} ]; then export PASSPHRASE=; fi; exit 0" 0 2 15
+}
+
+Encrypt ()
+{
+	for OBJECT in `echo $1 | sed -e 's/"//g'`
+	do
+		if [ -d "${OBJECT}" ]
+		then
+			Encrypt_directory "${OBJECT}";
+		elif [ -f "${OBJECT}" ]
+		then
+			Encrypt_file "${OBJECT}";
+		elif [ -h "${OBJECT}" ]
+		then
+			Encrypt_link "${OBJECT}";
+		else
+			echo "E: unknow/unsupported input type."
+			exit 1
+		fi
+	done
+}
+
+Encrypt_directory ()
+{
+	for DIRECTORY in ${1}
+	do
+		NAME="${RANDOM}"
+
+		if [ -d "${NAME}" ]
+		then
+			while [ -d "${NAME}" ]
+			do
+				NAME="${RANDOM}"
+			done
+		fi
+
+		echo "mv ${NAME} ${DIRECTORY}" > "${NAME}"-control
+		echo "${PASSPHRASE}" | gpg --quiet --passphrase-fd 0 -z "${COMPRESS_LEVEL}" --sign --encrypt-to "${KEY}" "${NAME}"-control
+
+		mv "${DIRECTORY}" "${NAME}"
+		rm -f "${NAME}"-control
+	done
+}
+
+Encrypt_file ()
+{
+	for FILE in ${1}
+	do
+		NAME="${RANDOM}"
+
+		if [ -f "${NAME}-control.gpg" ]
+		then
+			while [ -f "${NAME}-control.gpg" ]
+			do
+				NAME="${RANDOM}"
+			done
+		fi
+
+		echo "mv ${NAME}-data ${FILE}" > "${NAME}"-control
+		echo "${PASSPHRASE}" | gpg --quiet --passphrase-fd 0 -z "${COMPRESS_LEVEL}" --sign --encrypt-to "${KEY}" "${NAME}"-control
+
+		mv "${FILE}" "${NAME}"-data
+		echo "${PASSPHRASE}" | gpg --quiet --passphrase-fd 0 -z "${COMPRESS_LEVEL}" --sign --encrypt-to "${KEY}" "${NAME}"-data
+
+		rm -f "${NAME}"-control "${NAME}"-data
+	done
+}
+
+Encrypt_link ()
+{
+	for LINK in ${1}
+	do
+		NAME="${RANDOM}"
+		SOURCE="`ls -al ${LINK} | awk {'print $10'}`"
+		TARGET="`ls -al ${LINK} | awk {'print $8'}`"
+
+		if [ -f "${NAME}-control.gpg" ]
+		then
+			while [ -f "${NAME}-control.gpg" ]
+			do
+				NAME="${RANDOM}"
+			done
+		fi
+
+		echo "ln -s ${SOURCE} ${TARGET}" > "${NAME}"-control
+		echo "${PASSPHRASE}" | gpg --quiet --passphrase-fd 0 -z "${COMPRESS_LEVEL}" --sign --encrypt-to "${KEY}" "${NAME}"-control
+
+		rm -f "${LINK}"
+		rm -f "${NAME}"-control
+	done
+}
+
+Decrypt ()
+{
+	for FILE in *.gpg
+	do
+		echo "${PASSPHRASE}" | gpg --quiet --passphrase-fd 0 --output "`basename ${FILE} .gpg`" --decrypt "${FILE}"
+
+		rm -f "${FILE}"
+	done
+
+	for FILE in *-control
+	do
+		sh "${FILE}"
+
+		rm -f "${FILE}"
+	done
+}
+
+Main ()
+{
+	case "${1}" in
+		-d|--decrypt)
+			Passphrase;
+			Decrypt "${2}";
+			;;
+
+		-e|--encrypt)
+			Key;
+			Passphrase
+			Encrypt "${2}";
+			;;
+
+		-h|--help)
+			echo "gpg-filename.sh - Encrypt files inclusive filenames."
+			echo
+			echo -e "Usage: `basename ${0}` [OPTION] \"[FILE] || [EXPRESSION]\""
+			echo
+			echo "Options:"
+			echo -e "  -e, --encrypt: encrypt data"
+			echo -e "  -d, --decrypt: decrypt data"
+			echo
+			echo "File/Expression:"
+			echo -e "  On encrypting data, you can enter either a specific file"
+			echo -e "  or a file pattern. Note that you have to enter it in quotes."
+			echo -e "  On decrypting data, no file or expression is needed. All"
+			echo -e "  encrypted data in the current directory will be decrypted."
+			exit 1
+			;;
+
+		*)
+			"${0}" --help
+			;;
+	esac
+}
+
+Main "$@"


Property changes on: configs/daniel-desktop/config/chroot_local-includes/usr/local/bin/gpg-filename
___________________________________________________________________
Name: svn:executable
   + *


