From 17d49005a89922e344cd6904f96b8fb1d6ebab78 Mon Sep 17 00:00:00 2001 From: Steven Baltakatei Sandoval Date: Mon, 29 Jun 2020 19:31:21 +0000 Subject: [PATCH] feat(bkgpslog):Add encryption option Add encryption option via `age`. See: https://github.com/FiloSottile/age . Add `-e, --encrypt` option for specifying output to be encrypted. Add `-r --recipient [ pubkey string ]` option for specifying recipients of encrypted output. Add code to validate recipient pubkey strings. Not added (yet): encryption of output files. --- exec/bkgpslog | 30 +++++++++++++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/exec/bkgpslog b/exec/bkgpslog index 8d1829a..b97f250 100755 --- a/exec/bkgpslog +++ b/exec/bkgpslog @@ -14,6 +14,7 @@ SCRIPT_DATE_SHORT="$(date +%Y%m%d)" # Save current date in ISO-8601 for declare -Ag appRollCall # Associative array for storing app status declare -Ag fileRollCall # Associative array for storing file status declare -Ag dirRollCall # Associative array for storing dir status +declare -a recPubKeys # for processArguments function #===BEGIN Declare local script functions=== checkapp() { @@ -140,8 +141,20 @@ showUsage() { echoerr " -v, --verbose" echoerr " Display debugging info." echoerr + echoerr " -e, --encrypt" + echoerr " Encrypt output." + echoerr + echoerr " -r, --recipient [ pubkey string ]" + echoerr " Specify recipient." + echoerr echoerr " -o, --output [ directory ]" echoerr " Specify output directory to save logs." + echoerr + echoerr "EXAMPLE: (bash script lines)" + echoerr "/bin/bash bkgpslog -e \\" + echoerr "-r age1mrmfnwhtlprn4jquex0ukmwcm7y2nxlphuzgsgv8ew2k9mewy3rs8u7su5 \\" + echoerr "-r age1ala848kqrvxc88rzaauc6vc5v0fqrvef9dxyk79m0vjea3hagclswu0lgq \\" + echoerr "-o ~/Sync/Location" } # Display information on how to use this script. showVersion() { echoerr "$SCRIPT_VERSION" @@ -177,6 +190,9 @@ processArguments() { --version) showVersion; exit 1;; # Show version -v | --verbose) OPTION_VERBOSE="true"; vbm "DEBUG:Verbose mode enabled.";; # Enable verbose mode. -o | --output) if [ -d "$2" ]; then DIROUT="$2"; vbm "DEBUG:DIROUT:$DIROUT"; shift; fi ;; # Define output directory. + -e | --encrypt) OPTION_ENCRYPT="true"; vbm "DEBUG:Encrypted output mode enabled.";; + -r | --recipient) # Add 'age' recipient via public key string + recPubKeys+=("$2"); shift;; *) echoerr "ERROR: Unrecognized argument."; exit 1;; # Handle unrecognized options. esac shift @@ -255,8 +271,20 @@ dateTimeShort(){ } # Get date&time without separators main() { processArguments "$@" # Process arguments. + if [[ "$OPTION_ENCRYPT" = "true" ]]; then # Check if encryption option active. + if checkapp age; then # Check that age is available. + for pubkey in "${recPubKeys[@]}"; do # Validate recipient pubkey strings by forming test message + vbm "DEBUG:Testing pubkey string:$pubkey" + if ! echo "butts" | age -a -r "$pubkey" 1>/dev/null; then + yell "ERROR:Exit code ""$?"". Invalid recipient pubkey string. Exiting."; exit 1; fi + done + else + yell "ERROR:Encryption enabled but \"age\" not found. Exiting."; exit 1; + fi + fi + if checkapp gpspipe && checkdir "$DIROUT"; then - + # # Set script lifespan to end at start of next day # if ! scriptTTL="$(timeUntilNextDay)"; then # if [[ "$scriptTTL" -eq 0 ]]; then -- 2.30.2