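#!/bin/sh
# jsaccess - private web file sharing using client side crypto
# store.sh: file encryption script

# Copyright (c) 2013 Laurent Ghigonis
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

# Usage: store.sh <file>
#
# Encrypts <file> under a passphrase read from stdin and writes it to
# jsa/files/<rmd160(passphrase)>/<rmd160(dirhash + basename)>, then appends
# the clear file name to the encrypted index.txt of that directory.
#
# Security notes for reviewers (design properties, not changed here because
# the decrypting side must agree with them):
#  - The directory name is an unsalted RIPEMD-160 of the passphrase. Anyone
#    who can see the path can test passphrase guesses offline against it, so
#    the passphrase should be long and random.
#  - `openssl enc` is run with its default password-to-key derivation (no
#    -md / -pbkdf2 / -iter). The default digest changed from MD5 to SHA-256
#    in OpenSSL 1.1.0, so the output depends on the installed version.
#    TODO: confirm what the decrypting client expects and pin it explicitly.
#  - AES-256-CBC as used here carries no authentication tag; modification of
#    a stored file or of index.txt is not detected on decryption.
#  - `base64 -w0` is a GNU coreutils option.

set -u

# State read by cleanup(); initialised before the traps are installed so the
# handler is safe under `set -u` whenever it fires.
tmp=""
idx_tmp=""
stty_saved=""
pass=""
sumask=$(umask)

# Print a message on stderr and exit with status 1.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# EXIT handler: restore the terminal, remove temporary files (they hold
# cleartext), restore the umask and exit with the status the script was
# exiting with. The original handler ended in `exit 0`, which turned every
# failure (including the `|| exit $?` after openssl) into a success status.
cleanup() {
  status=$?
  trap - EXIT
  if [ -n "$stty_saved" ]; then
    stty "$stty_saved" 2>/dev/null
  fi
  if [ -n "$tmp" ]; then
    rm -f -- "$tmp"
  fi
  if [ -n "$idx_tmp" ]; then
    rm -f -- "$idx_tmp"
  fi
  umask "$sumask"
  exit "$status"
}

# Succeeds when $1 is exactly 40 lowercase hex digits (a RIPEMD-160 digest).
is_rmd160_hex() {
  case $1 in
    *[!0-9a-f]*) return 1 ;;
  esac
  [ "${#1}" -eq 40 ]
}

if [ $# -ne 1 ]; then
  echo "usage: store.sh <file>" >&2
  exit 1
fi
clear_path=$1
clear_name=$(basename -- "$clear_path")

if [ ! -f "$clear_path" ] || [ ! -r "$clear_path" ]; then
  die "store.sh: cannot read regular file: $clear_path"
fi

# Check for dependencies
if ! command -v base64 >/dev/null 2>&1 ||
  ! command -v openssl >/dev/null 2>&1; then
  echo "You need to have openssl and base64 available in your path !" >&2
  exit 1
fi

# Initialize temporary stuff. umask 077 keeps the cleartext temp file (and
# everything else created below) unreadable by other local users.
umask 077
trap cleanup EXIT
trap 'exit 130' INT
trap 'exit 143' TERM
tmp=$(mktemp ./jsaXXXXXXXX) || die "store.sh: mktemp failed"

# Read passphrase. Terminal echo is switched off while typing; -r and an
# empty IFS keep backslashes and surrounding whitespace exactly as entered,
# so the derived names match what the decrypting side computes.
printf 'Enter encryption passphrase: '
if [ -t 0 ]; then
  stty_saved=$(stty -g)
  stty -echo
fi
IFS= read -r pass
if [ -n "$stty_saved" ]; then
  stty "$stty_saved"
  stty_saved=""
  printf '\n'
fi
[ -n "$pass" ] || die "store.sh: empty passphrase"

# Generate file/directory names. The passphrase is always piped from the
# printf builtin so it is not placed on another process's argument list.
enc_dir_hash=$(printf '%s' "$pass" | openssl rmd160 | cut -d' ' -f2)
# If openssl cannot compute RIPEMD-160 (some OpenSSL 3.x builds do not offer
# it by default) the hash would be empty and files would land directly in
# jsa/files/; refuse to continue instead.
is_rmd160_hex "$enc_dir_hash" ||
  die "store.sh: could not derive directory name (openssl rmd160 failed)"
enc_path="jsa/files/$enc_dir_hash"
enc_name=$(printf '%s%s' "$enc_dir_hash" "$clear_name" |
  openssl rmd160 | cut -d' ' -f2)
is_rmd160_hex "$enc_name" ||
  die "store.sh: could not derive file name (openssl rmd160 failed)"

printf '%s\n' "$enc_path"
mkdir -p "$enc_path" || die "store.sh: cannot create $enc_path"
# Empty index.html: presumably keeps the web server from listing the
# directory; confirm against the server configuration.
touch "$enc_path/index.html" || die "store.sh: cannot create index.html"

# Encrypt file. Reading via stdin avoids option parsing on odd file names;
# a base64 failure must stop the run, otherwise an empty payload would be
# encrypted and indexed.
base64 -w0 <"$clear_path" >"$tmp" || die "store.sh: base64 encoding failed"
printf '%s' "$pass" |
  openssl enc -e -a -aes-256-cbc -in "$tmp" -out "$enc_path/$enc_name" \
    -pass stdin || exit $?
echo "CREATED $enc_path/$enc_name"

# Add to passphrase index
if [ -f "$enc_path/index.txt" ]; then
  printf '%s' "$pass" |
    openssl enc -d -a -aes-256-cbc -in "$enc_path/index.txt" -out "$tmp" \
      -pass stdin || exit $?
else
  echo >"$tmp"
fi
printf '%s\n' "$clear_name" >>"$tmp"

# Write the new index next to the old one and rename it into place, so a
# failed encryption does not leave the directory without its index.
idx_tmp=$(mktemp "$enc_path/idxXXXXXXXX") || die "store.sh: mktemp failed"
printf '%s' "$pass" |
  openssl enc -e -a -aes-256-cbc -in "$tmp" -out "$idx_tmp" \
    -pass stdin || exit $?
mv -f -- "$idx_tmp" "$enc_path/index.txt" ||
  die "store.sh: cannot update $enc_path/index.txt"
idx_tmp=""
echo "UPDATED $enc_path/index.txt"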