1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
#! /bin/sh
# FILE FORMAT
# 10 bytes: constant string 'bz2aespipe'
# 10 bytes: itercountk digits
# 1 byte: '0' = AES128, '1' = AES192, '2' = AES256
# 1 byte: '0' = SHA256, '1' = SHA384, '2' = SHA512, '3' = RMD160
# 24 bytes: random seed string
# remaining bytes are bzip2 compressed and aespipe encrypted
# These definitions are only used when encrypting.
# Decryption will autodetect these definitions from archive.
ENCRYPTION=AES256
HASHFUNC=SHA256
ITERCOUNTK=100
WAITSECONDS=10
if test x$1 = x-d ; then
# decrypt
n=`head -c 10 - | tr -d -c 0-9a-zA-Z`
if test x${n} != xbz2aespipe ; then
echo "bz2aespipe: wrong magic - aborted" >/dev/tty
exit 1
fi
itercountk=`head -c 10 - | tr -d -c 0-9`
if test x${itercountk} = x ; then itercountk=0; fi
n=`head -c 1 - | tr -d -c 0-9`
encryption=AES128
if test x${n} = x1 ; then encryption=AES192; fi
if test x${n} = x2 ; then encryption=AES256; fi
n=`head -c 1 - | tr -d -c 0-9`
hashfunc=SHA256
if test x${n} = x1 ; then hashfunc=SHA384; fi
if test x${n} = x2 ; then hashfunc=SHA512; fi
if test x${n} = x3 ; then hashfunc=RMD160; fi
seedstr=`head -c 24 - | tr -d -c 0-9a-zA-Z+/`
aespipe -e ${encryption} -H ${hashfunc} -S "${seedstr}" -C ${itercountk} -d | bzip2 -d -q
else
# encrypt
echo -n bz2aespipe
echo ${ITERCOUNTK} | awk '{printf "%10u", $1;}'
n=`echo ${ENCRYPTION} | tr -d -c 0-9`
aesstr=0
if test x${n} = x192 ; then aesstr=1; fi
if test x${n} = x256 ; then aesstr=2; fi
n=`echo ${HASHFUNC} | tr -d -c 0-9`
hashstr=0
if test x${n} = x384 ; then hashstr=1; fi
if test x${n} = x512 ; then hashstr=2; fi
if test x${n} = x160 ; then hashstr=3; fi
seedstr=`head -c 18 /dev/urandom | uuencode -m - | head -n 2 | tail -n 1`
echo -n ${aesstr}${hashstr}${seedstr}
bzip2 | aespipe -e ${ENCRYPTION} -H ${HASHFUNC} -S ${seedstr} -C ${ITERCOUNTK} -T -w ${WAITSECONDS}
fi
exit 0
|