Skip to content

Instantly share code, notes, and snippets.

@ctrlok

ctrlok/ghcrypt.sh

Last active November 2, 2016 19:54
Show Gist options
  • Save ctrlok/f7ddd19ab0efb1dffc8120c3af0bb48b to your computer and use it in GitHub Desktop.
Save ctrlok/f7ddd19ab0efb1dffc8120c3af0bb48b to your computer and use it in GitHub Desktop.
Download ZIP
# Simple script which decode and encode messages based on user github key
Raw
ghcrypt.sh
#!/bin/bash
# Simple script which decode and encode messages based on user github key.
# Usage:
# Encrypt:
# echo "My secret is" | ./ghcrypt.sh -u ctrlok
# Decrypt:
# echo "BASE64SCRET" | ./ghcrypt.sh -k ~/.ssh/id_rsa
while getopts "u:k:" opt
do
case $opt in
u) USERNAME=$OPTARG;;
k) SSH_KEY=$OPTARG;;
*) echo "No reasonable options found!";;
esac
done
if [ -n "${USERNAME}" ]; then
TMP_PUB_RSA=$(mktemp)
TMP_PUB_PEM=$(mktemp)
OUTFILE=$(mktemp)
KEYS=$(curl --silent https://api.github.com/users/${USERNAME}/keys | grep key | awk '{print $2" "$3}' | sed 's/^"\(.*\)"$/\1/')
KEY=${KEYS[0]}
echo $KEY > $TMP_PUB_RSA
ssh-keygen -f $TMP_PUB_RSA -e -m PKCS8 > $TMP_PUB_PEM
cat /dev/stdin | openssl rsautl -encrypt -pubin -inkey $TMP_PUB_PEM -ssl -out /dev/stdout | openssl enc -base64
echo "Decrypt command: cat /dev/stdin | openssl enc -d -base64 | openssl rsautl -decrypt -inkey <%SSH_PRIVATE_KEY_PATH%> -out /dev/stdout" 1>&2
fi
if [ -n "${SSH_KEY}" ]; then
echo "Running command: cat /dev/stdin | openssl enc -d -base64 | openssl rsautl -decrypt -inkey $SSH_KEY -out /dev/stdout" 1>&2
cat /dev/stdin | openssl enc -d -base64 | openssl rsautl -decrypt -inkey $SSH_KEY -out /dev/stdout
fi
@ybogdanov
Copy link

ybogdanov commented Aug 5, 2016 

echo "Encrypt command: cat /file| openssl rsautl -decrypt -inkey <%SSH_PRIVATE_KEY_PATH%> -out /dev/stdout" 1>&2

Decrypt

@ybogdanov
Copy link

ybogdanov commented Aug 7, 2016

Move echo "Decrypt command ..." inside the first if.

@ybogdanov
Copy link

ybogdanov commented Aug 7, 2016

Or you want it always to be displayed? It makes sense it case someone trying to edit it depending on the situation and add pbcopy for example.

@ybogdanov
Copy link

ybogdanov commented Aug 7, 2016

Then I would suggest something line the following:

#!/bin/bash
# Simple script which decode and encode messages based on user github key.
# Usage:
#   Encrypt:
#     echo "My secret is" | ./ghcrypt.sh -u ctrlok
#   Decrypt:
#     echo "BASE64SCRET"  | ./ghcrypt.sh -k ~/.ssh/id_rsa


while getopts "u:k:" opt
do
case $opt in
u) USERNAME=$OPTARG;;
k) SSH_KEY=$OPTARG;;
*) echo "No reasonable options found!";;
esac
done

if [ -n "${USERNAME}" ]; then
    TMP_PUB_RSA=$(mktemp)
    TMP_PUB_PEM=$(mktemp)
    OUTFILE=$(mktemp)
    KEYS=$(curl --silent https://api.github.com/users/${USERNAME}/keys | grep key | awk '{print $2" "$3}' | sed 's/^"\(.*\)"$/\1/')
    KEY=${KEYS[0]}
    echo $KEY > $TMP_PUB_RSA
    ssh-keygen -f $TMP_PUB_RSA -e -m PKCS8 > $TMP_PUB_PEM
    cat /dev/stdin | openssl rsautl -encrypt -pubin -inkey $TMP_PUB_PEM -ssl -out /dev/stdout | openssl enc -base64
    echo "Decrypt command: cat /dev/stdin | openssl enc -d -base64 | openssl rsautl -decrypt -inkey <%SSH_PRIVATE_KEY_PATH%> -out /dev/stdout" 1>&2
fi

if [ -n "${SSH_KEY}" ]; then
    echo "Running command: cat /dev/stdin | openssl enc -d -base64 | openssl rsautl -decrypt -inkey $SSH_KEY -out /dev/stdout" 1>&2
    cat /dev/stdin | openssl enc -d -base64 | openssl rsautl -decrypt -inkey $SSH_KEY -out /dev/stdout
fi

@ctrlok
Copy link
Author

ctrlok commented Aug 8, 2016

@ybogdanov Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment