From 2c5220a2f1e9a350bc00c3117245df2111011b37 Mon Sep 17 00:00:00 2001
From: Gurkirat Singh
Date: Tue, 21 Jun 2022 14:19:04 +0530
Subject: [PATCH] feat (plugins): aes encrypt/decrypt with openssl
---
plugins/available/cryptography.plugin.bash | 66 ++++++++++++++++++++++
1 file changed, 66 insertions(+)
create mode 100644 plugins/available/cryptography.plugin.bash
diff --git a/plugins/available/cryptography.plugin.bash b/plugins/available/cryptography.plugin.bash
new file mode 100644
index 00000000..e2cca20b
--- /dev/null
+++ b/plugins/available/cryptography.plugin.bash
@@ -0,0 +1,66 @@
+# shellcheck shell=bash
+
+function encrypt-payload() {
+ PAYLOAD=$1
+ KEY=$2
+ ALGO=${3:-aes-256-cbc}
+
+ # exit with message if payload is empty string
+ if [[ -z "$PAYLOAD" ]]; then
+ echo "[x] Payload is empty!"
+ return 1
+ fi
+
+ # create random key if not provided
+ if [[ -z "$KEY" ]]; then
+ KEY=$(echo "$RANDOM$RANDOM" | md5sum - | head -c 13)
+ echo "[!] Key not provided, therefore choosen a random string -> $KEY" 1>&2
+ echo "[!] To hide this message, provide the key as second argument or redirect stderr to /dev/null" 1>&2
+ fi
+
+ if [[ -f "$1" ]]; then
+ # if payload file then encrypt with -in
+ OUTFILE=$(mktemp)
+ if ! openssl enc "-$ALGO" -a -A -e -pbkdf2 -pass pass:"$KEY" -in "$PAYLOAD" -out "$OUTFILE"; then
+ echo "[x] Something went wrong!"
+ rm -rf "$OUTFILE"
+ else
+ echo "[!] Saved the encrypted file to '$OUTFILE'"
+ fi
+ else
+ # if payload file then encrypt with stdin
+ echo -ne "$1" | openssl enc "-$ALGO" -a -A -e -pbkdf2 -pass pass:"$KEY"
+ fi
+}
+
+function decrypt-payload() {
+ PAYLOAD=$1
+ KEY=$2
+ ALGO=${3:-aes-256-cbc}
+
+ # exit with message if payload is empty string
+ if [[ -z "$PAYLOAD" ]]; then
+ echo "[x] Payload is empty!"
+ return 1
+ fi
+
+ # create random key if not provided
+ if [[ -z "$KEY" ]]; then
+ echo "[x] Key is empty!"
+ return 1
+ fi
+
+ if [[ -f "$1" ]]; then
+ # if payload file then encrypt with -in
+ OUTFILE=$(mktemp)
+ if ! openssl enc "-$ALGO" -a -A -d -pbkdf2 -pass pass:"$KEY" -in "$PAYLOAD" -out "$OUTFILE"; then
+ echo "[x] Something went wrong!"
+ rm -rf "$OUTFILE"
+ else
+ echo "[!] Saved the encrypted file to '$OUTFILE'"
+ fi
+ else
+ # if payload file then encrypt with stdin
+ echo -ne "$1" | openssl enc "-$ALGO" -a -A -d -pbkdf2 -pass pass:"$KEY"
+ fi
+}
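Review bot: The fallback key in encrypt-payload is built from two 15-bit `$RANDOM` values, so it carries at most about 30 bits of entropy no matter how long the MD5 hex prefix looks, and the `-pbkdf2` stretching cannot make up for a key space that small; `KEY=$(openssl rand -hex 16)` would draw it from the CSPRNG instead. In both functions `-pass pass:"$KEY"` places the passphrase on the openssl command line, where it is visible in the process list, and because PAYLOAD, KEY, ALGO and OUTFILE are never declared local the key stays set in the user's interactive shell after the call. Declaring them with `local PAYLOAD=$1 KEY=$2 ALGO=${3:-aes-256-cbc} OUTFILE` and passing the key through the environment of that one command with `-pass env:KEY` would address both. The string branches use `echo -ne "$1"`, which expands backslash escapes inside the payload and so changes the bytes being encrypted or decrypted; `printf '%s'` feeds them unchanged. The openssl failure branches also print to stdout and fall through with status 0, and decrypt-payload still reports "Saved the encrypted file", so callers cannot distinguish success from failure.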