I need a way of hashing a existing filename with a passphrase (ASCII string) but being able to revert it back afterwards using the same passphrase.
I know that ciphers can do this - they are encrypting the string... But their output lenght is based on the filename lenght, which is exactly what I do not want... mainly because it sometimes doubles the file lenght, but the outputted strings are not allways compatible with the FS. Ex. "\n" in a filename.
To be clear, I did a lot of research and even wrote some scripts, but all of the solutions are either slow, or don't work for my application at all.
The Goal of this is to get a constant length filenames that can be all 'decrypted' at once using a single passphrase. Without the need of creating additional 'metadata-like' files.
I've gotten all the way around with my initial question. There seems to be only one solution to the problem above, and that is (as James suggested) Format-preserving encryption. Altough, as far as I can tell, there are no existing commands that do this.
So I did exactly what was my very first option, and that is hashing the filename, putting the hash and the filename into a plain file (one file per directory) and encrypting that file with a passphrase.
I'll post my code here. Though it's probably not the prettiest nor the most portable code, but It does the job and is (IMO) really simple.
#!/usr/bin/env bash
man="Usage: namecrypt [ -h ] [ -e || -d ] [ -F ] [ -D ] [DIRECTORY] [PASSPHRASE]\n
-h, --help display this message
-e, --encrypt encrypt the specified directory
-d, --decrypt decrypt the specified directory
-F, --files include files
-D, --dir include directories
[DIRECTORY] relative or absolute path to a directory/symbolic link
[PASSPHRASE] optional - specify the user passphrase on command line";
options=();
for Arg in "$#"; do
if [ "$Arg" == "-h" ] || [ "$Arg" == "--help" ]; then
echo -e "$man"; exit;
elif [ "$Arg" == "-e" ] || [ "$Arg" == "--encrypt" ]; then
options[0]="E";
elif [ "$Arg" == "-d" ] || [ "$Arg" == "--decrypt" ]; then
options[0]="D";
elif [ "$Arg" == "-F" ] || [ "$Arg" == "--files" ]; then
options[1]="${options[1]}F";
elif [ "$Arg" == "-D" ] || [ "$Arg" == "--dir" ]; then
options[1]="${options[1]}D";
elif [ -d "$Arg" ]; then
options[2]="$(realpath "$Arg")";
else
options[3]="$Arg";
fi;
done;
if [ "${options[0]}" == "" ]; then echo "No Mode specified!"; exit 1; fi;
if [ "${options[1]}" == "" ]; then options[1]="F"; fi;
if [ "${options[2]}" == "" ]; then echo "No such directory!"; exit 2; fi;
if [ "${options[3]}" == "" ]; then echo "Enter a passphrase: "; read options[3]; fi;
shopt -s nullglob dotglob;
function hashTarget
{
BASE="$(basename "$1")";
DIR="$(dirname "$1")/";
if [ -a "$1" ]; then
oldName="$BASE";
newName=$(echo "$oldName" | md5sum);
echo "$oldName||$newName" >> "$DIR.names";
mv "$1" "$DIR$newName";
else echo "Skipping '$1' - No such file or directory!";
fi;
}
function dehashTarget
{
BASE="$(basename "$1")";
DIR="$(dirname "$1")/";
[ -f "$DIR.names.cpt" ] && ccdecrypt -K "${options[3]}" "$DIR.names.cpt";
if [ -f "$DIR.names" ]; then
oldName="$BASE";
newName=$(grep "$oldName" "$DIR.names" | awk -F '|' '{print $1}');
[[ ! -z "${newName// }" ]] && mv "$1" "$DIR$newName";
else
echo "Skipping '$1' - Hash table not found!";
fi;
}
function mapTarget
{
DIR="$(dirname "$1")/";
for Dir in "$1"/*/; do
mapTarget "$Dir";
done;
for Item in "$1"/*; do
if ([ -f "$Item" ] && [[ "${options[1]}" == *"F"* ]]) ||
([ -d "$Item" ] && [[ "${options[1]}" == *"D"* ]]); then
if [ "${options[0]}" == "E" ]; then
hashTarget "$Item";
else
dehashTarget "$Item";
fi;
fi;
done;
[ "${options[0]}" == "D" ] && [ -f "$DIR.names" ] && rm "$DIR.names";
[ "${options[0]}" == "E" ] && [ -f "$DIR.names" ] && ccencrypt -K "${options[3]}" "$DIR.names";
}
mapTarget "${options[2]}";
Probably the only reason why it is so long, is because I didn't bother with any OOP, and I also did a lot of checks and steps to make sure that most of the time no names get mangled and can't be restored - user error can still cause this.
This is the command used to encrypt the hash-table files: CCrypt
Related
A few months back, I installed a utility on my mac so that instead of typing something like this:
vim /type/path/to/the/file
I could just type:
v file
9 times out of 10 it would guess the right file based on the past history, similar to the way autojump works. And instead of typing in vim I can just type the letter v.
I can't remember how I set this up though. It still works on my mac but I don't see anything in my .bash_profile that shows how I did that.
I'm trying to get this to work on my linux box.
This can be found here
https://github.com/rupa/v/blob/master/v
it should work in Linux too. It is a bash script that uses the viminfo
history file to fill in partial strings.
It can be installed on macOS with brew install v
Ah! I found the command with which. Here is the magical script. I can't determine where I got it.
#!/usr/bin/env bash
[ "$vim" ] || vim=vim
[ $viminfo ] || viminfo=~/.viminfo
usage="$(basename $0) [-a] [-l] [-[0-9]] [--debug] [--help] [regexes]"
[ $1 ] || list=1
fnd=()
for x; do case $x in
-a) deleted=1;;
-l) list=1;;
-[1-9]) edit=${x:1}; shift;;
--help) echo $usage; exit;;
--debug) vim=echo;;
--) shift; fnd+=("$#"); break;;
*) fnd+=("$x");;
esac; shift; done
set -- "${fnd[#]}"
[ -f "$1" ] && {
$vim "$1"
exit
}
while IFS=" " read line; do
[ "${line:0:1}" = ">" ] || continue
fl=${line:2}
[ -f "${fl/\~/$HOME/}" -o "$deleted" ] || continue
match=1
for x; do
[[ "$fl" =~ $x ]] || match=
done
[ "$match" ] || continue
i=$((i+1))
files[$i]="$fl"
done < "$viminfo"
if [ "$edit" ]; then
resp=${files[$edit]}
elif [ "$i" = 1 -o "$list" = "" ]; then
resp=${files[1]}
elif [ "$i" ]; then
while [ $i -gt 0 ]; do
echo -e "$i\t${files[$i]}"
i=$((i-1))
done
read -p '> ' CHOICE
resp=${files[$CHOICE]}
fi
[ "$resp" ] || exit
$vim "${resp/\~/$HOME}"
Screenshot of the my code
I am trying to make a shell program that tells me when a file has been created, when it has been modified, and when it has been deleted. I think I can solve this but my only issue is that I cant compare the stat values. It tells me that I have "too many arguments". Any help would be much appreciated :)
#!/bin/bash
run=yes
if [ -f $1 ]
then
while [ run=yes ]
do
time1=$(stat -c %y $1)
time2=$(stat -c %y $1)
if [ ! $time2 ]
then
echo "The file "$1" has been deleted."
run=no
elif [ $time2 -gt $time1 ]
then
echo "The file "$1" has been modified."
run=no
fi
done
else
while [ run=yes ]
do
sleep 2
if [ -f $1 ]
then
echo "The file "$1" has been created."
run=no
fi
done
fi
The output of static -c %y ... includes spaces, which is what the shell uses to separate arguments. When you then run:
if [ ! $time2 ]; then
This translates into something like:
if [ ! 2017-09-02 08:57:19.449051182 -0400 ]; then
Which is an error. The ! operator only expects a single argument. You could solve it with quotes:
if [ ! "$time2" ]; then
Or by using the bash-specific [[...]]] conditional:
if [[ ! $time2 ]]; then
(See the bash(1) man page for details on that second solution).
Separately, you're not going to be able to compare the times with -gt as in:
elif [ $time2 -gt $time1 ]
This (a) has the same problem as the earlier if statement, and (b) -gt can only be used to compare integers, not time strings.
If you were to use %Y instead of %y, you would get the time as an integer number of seconds since the epoch, which would solve all of the above problems.
The code is now working and I thought I would share the final result if anyone wanted to know.
#!/bin/bash
run=true
if [ -f $1 ]
then
while [ "$run" = true ]
do
time1=$(stat -c %Y $1 2>/dev/null)
sleep $2
time2=$(stat -c %Y $1 2>/dev/null)
if [ ! "$time2" ]
then
echo "The file "$1" has been deleted."
run=false
elif [ $time2 -gt $time1 ]
then
echo "The file "$1" has been modified."
run=false
fi
else
while [ "$run" = true ]
do
sleep 2
if [ -f $1 ]
then
echo "The file "$1" has been created."
run=false
fi
done
fi
i just created an argument using IF loop, with the loop i have multiple variables in it. it just happen that only with filename starts with CN are deleted but under the filename under CA are not deleted.
here's my code, appreciate your help. THANKS ! :)
if [ "$retval" = true ]
then
for file_name in "$processdir"/*?.?*; do
filebasename=$(basename "$file_name")
if [ "$prefix" == "CA" ] || [ "$prefix" == "CN" ];
then
rm -f "$file_name"
retval_1="true"
fi
done
fi
You never affect $prefix. I think you don't need this variable
Try this :
if [ "$retval" = true ]
then
for file_name in "$processdir"/*
do
filebasename=$(basename "$file_name")
if [[ "$filebasename" == "CA*" ]] || [[ "$filebasename" == "CN*" ]]
then
rm -f "$file_name"
retval_1="true"
fi
done
fi
thanks for the feedback, but i just used the $prefix for looking up on the filenames that starts with "CA" or "CN" and also for the naming convention of my directory.
here is my edited code:
if [ "$retval" = true ]
then
for file_name in "$processdir$prefix"/*
do
filebasename=$(basename "$file_name")
prefix=${filebasename:0:2}
if [ "$prefix" == "CA" ]|| [ "$prefix" == "CN" ];
then
rm -iv "$file_name"
retval_1="true"
fi
done
fi
I am using if statement with multiple condition in bash.
How can I reduce the following line syntax. So that it looks good from design point of you.
if [ "$1" != "-l" ] && [ "$1" != "-a" ] && [ "$1" != "-h" ] && [ "$1" != "" ] && [ "$1" = "-d" ] || [ "$1" = "-mv" ] || [ "$1" = "-dv" ] || [ "$1" = "-mr" ] || [ "$1" = "-dr" ];
Thanks
Use pattern matching.
if [[ $1 && $1 != -[lah] && $1 == -#(d|mv|dv|mr|dr) ]]; then
#(...) is an example of an extended pattern, which should be recognized by default inside [[ ... ]] in recent versions of bash. If you version is not so recent, add shopt -s extglob to the beginning of your script.
In fact, you can drop the $1 && $1 != -[lah] because its truth would be implied by the truth of $1 == -#(...).
if [[ $1 == -#(d|mv|dv|mr|dr) ]]; then
You could also just use a POSIX-compliant case statement:
case $1 of
-d|-mv|-dv|-mr|-dr) echo good option ;;
*) echo bad option ;;
esac
You can create 2 arrays for matching and non matching values and check if element $1 matches any element in the array or not like below.
nonmatch_array=( "-l" "-a" "-h" "" )
match_array=( "-d" "-mv" "-dv" "-mr" "-dr" )
if [ `echo ${match_array[#]} | grep "$1"` ] || ! [ `echo ${nonmatch_array[#]} | grep "$1"` ] ; then
echo "is in array"
else
echo "is not in array"
fi
Hope it should work for you.
First try to limit the length of the code on 1 line.
if [ [ "$1" != "-l" ]
&& [ "$1" != "-a" ]
&& [ "$1" != "-h" ]
&& [ -n "$1" ]
&& ( [ "$1" = "-d" ]
|| [ "$1" = "-mv" ]
|| [ "$1" = "-dv" ]
|| [ "$1" = "-mr" ]
|| [ "$1" = "-dr" ] ) ];
I added braces, to make clear what you mean with the or's.
Now you can combine all matches with a regular expression:
if [[ ! ("$a" =~ ^-(l|a|h|d|)$)
&& "$a" =~ ^-(mv|dv|mr|dr)$ ]]; then
echo "Yes $a matches"
fi
but reconsider what you are testing. The test will only be true when it matches -mv/-dv/-mr/-dr, so you do not need to test for the options lah.
if [[ "$a" =~ ^-(d|mv|dv|mr|dr)$ ]]; then
echo "Yes $a matches"
fi
You can use a variable for extracting the options:
options="d|mv|dv|mr|dr"
if [[ "$a" =~ ^-(${options})$ ]]; then
echo "Yes $a matches"
fi
Everytime the code is becoming hard to read (and also for long code or repeating statements), you should consider using a function.
The next function is short, but hard to read:
options="d|mv|dv|mr|dr"
function checkoption1 {
[[ "$a" =~ ^-(${options})$ ]]
}
checkoption1 "$a" &&
echo "Yes $a matches"
I would choose for a slightly more verbose function. I will include your original tests for lah for showing the possibilities.
# checkoption return 0 for match,
# returns 1 for forbidden option
# returns 2 for undefined option
function checkoption2 {
case "$1" in
-d|-mv|-dv|-mr|-dr) return 0 ;;
-l|-a|-h|"") return 1;;
*) return 2;;
esac
}
checkoption2 "$a" &&
echo "Yes $a matches"
You should make some testruns before accepting your code.
I have made some tests with a small loop (now all answers together)
function checkoption1 {
[[ "$a" =~ ^-(${options})$ ]]
}
# checkoption return 0 for match,
# returns 1 for forbidden option
# returns 2 for undefined option
function checkoption2 {
case "$1" in
-d|-mv|-dv|-mr|-dr) return 0 ;;
-l|-a|-h|"") return 1;;
*) return 2;;
esac
}
for a in -mv mv -mvx -ms -mr -dr; do
if [[ ! ("$a" =~ ^-(l|a|h|)$)
&& "$a" =~ ^-(d|mv|dv|mr|dr)$ ]]; then
echo "Yes $a matches"
fi
if [[ "$a" =~ ^-(d|mv|dv|mr|dr)$ ]]; then
echo "Yes $a matches"
fi
options="d|mv|dv|mr|dr"
if [[ "$a" =~ ^-(${options})$ ]]; then
echo "Yes $a matches"
fi
checkoption1 "$a" &&
echo "Yes $a matches"
checkoption2 "$a" &&
echo "Yes $a matches 2"
done
I've searched and found a lot of examples of if elif functions, but none I have found seem to also include logical AND or OR operators.
I'm having trouble with the following if statement in a bash script:
#!/bin/bash
BASE="$(basename "${PWD}")"
REPO="$(cut -d/ -f4 <<<"${PWD}")"
if [ "$BASE" = "$REPO" ] -o [ "$BASE" = "" ]
then
echo "[$REPO]"
elif [ "$REPO" = "" ] -a [ "$BASE" != "" ]
then
echo "$BASE"
else
echo "[$REPO] $BASE"
fi
I'm getting the ol' bash: [: too many arguments error for both the IF and the ELIF, and I can't seem to get it to work. Do bash scripts not like their IF statements to get this complex? Doesn't seem overly optimistic to expect this level of comparison, is it?
You are mixing the syntax of [ aka test and Bash itself. Between [ and ], -a is a boolean AND, but it is only a feature of this particular command.
In the general case, command1 && command2 will execute command2 only if command1 returns success, and similarly, command1 || command2 will execute command2 only if command1 returns failure.
So you can say
if [ condition1 -a condition2 ]
or
if [ condition1 ] && [ condition2 ]
But anyway, your code looks like you actually want case instead. I'm having a bit of an issue following the logic of your script, but it can be simplified quite a lot, because there are actually no situations where basename $PWD can be the empty string (in the root directory, the basename is /). Also, in the elif branch, you already know that $BASE is not empty (ignoring for now the fact that it never will be empty), because if it were, the if branch would have been taken already.
Anyway, assuming you want to check whether we are in (a) the root directory or a directory exactly four levels down; or (b) in a non-root directory less than four levels down; or else (c) somewhere else (which means a directory five or more levels down), try this. Because case will take the first matching branch (keeping in mind that * will match even a string containing a slash in this context if necessary), I had to reorder these slightly.
case $PWD in
/*/*/*/*/* ) # more than 4 (c)
echo "[$REPO] $BASE" ;;
/ | /*/*/*/* ) # root or exactly 4 (a)
echo "[$REPO"] ;;
*) # else, less than 4, not root (b)
echo "$BASE" ;;
esac
You should use || and && :
#!/bin/bash
BASE="$(basename "${PWD}")"
REPO="$(cut -d/ -f4 <<<"${PWD}")"
if [ "$BASE" = "$REPO" ] || [ "$BASE" = "" ]
then
echo "[$REPO]"
elif [ "$REPO" = "" ] && [ "$BASE" != "" ]
then
echo "$BASE"
else
echo "[$REPO] $BASE"
fi
The problem reside in the comparison, you are using the option -a (File) that returns true if file exists, but the expression "$BASE" != "" is not a File.
You should use the logic "and" and "or" instead of (-a, -o) option.
This code works for me:
#!/bin/bash
BASE="$(basename "${PWD}")"
REPO="$(cut -d/ -f4 <<<"${PWD}")"
if [ "$BASE" = "$REPO" ] || [ "$BASE" = "" ]
then
echo "[$REPO]"
elif [ "$REPO" = "" ] && [ "$BASE" != "" ]
then
echo "$BASE"
else
echo "[$REPO] $BASE"
fi