gnupg - automated script - unsign & decrypt in one step whilst keeping security tight

Discussion in 'Programming/Scripts' started by paul sanz, Oct 5, 2007.

  1. paul sanz

    paul sanz New Member

    Hi, I'm a novice in Linux scripting, so please have patience :eek:

    I've had to write the following script for my boss and others.

    Decrypt & unsign an encrypted &&|| signed file in the least amount of user commands possible, keeping it all tightly secure by not automating passphrases like many I have seen try to do (something I think is a security flaw).

    Problem :(

    Related to : strip, basename, cut etc

    As the user will be someone with no experience in encryption, it is necessary that they only have to know 1 parameter, $1, the file name in question.

    As you can see, section 3 of the script (## returns false then unsign and then decrypt) will create the final result: "the decrypted file as specified in --output".

    Question : :confused:

    Imagine $1 = x.txt.asc.asc

    How can I remove the (.asc.asc) extensions automatically, leaving the final filename as "a.txt" after unsigning and decrypting ($1)?

    I know how to strip a basename that sends the results to stdout, but how do I add it to the script and change it on a permanent basis?? I'm so stuck!!


    #print new filename after chopping the .ext.ext off.

    echo ${name%.*.*} &>striped_filename

    Thanking you in advance for any possible solutions

    paul :)

    The Script:

    # #
    # This script decrypts the file specified in "$1" #
    # Signed or Not makes no difference it will decrypt #
    # keeping it simple and straight forward. #
    # #
    # The user will only need to insert 1 $parameter #
    # which will be the file in question. #
    # #

    # $1=filename to unsign && || decrypt

    ## verify $1 and save stdout and stderr in `a`
    gpg2 --verify "$1" &>a

    ## set file path (the verify output saved above)
    file=a

    ## check if $file is signed by searching for the word "error"
    ## if returns true then decrypt only

    if grep -q "error" "$file"
    then
        gpg2 --output "${1}_a" --decrypt "$1"

        echo "$1 was decrypted successfully."
    else
        ## returns false then unsign and decrypt

        gpg2 --output "${1}_signed" --decrypt "$1" ##unsign 1st
        gpg2 --output "${1}_decrypted" --decrypt "${1}_signed" ##decrypt 2nd
        echo "$1 was signed, $1 was decrypted successfully"
    fi

    ## remove unneeded temp files created by this script automatically
    rm -r -f "$file"
    rm -r -f "${1}_signed"
    #rm -r -f "${1}_decrypted"
  2. catdude

    catdude ISPConfig Developer

    Greetings, Paul. Not to worry, we were all in that position once :)

    As for the first question you posted, you can use "basename" to strip off the trailing part of the file name, and just store the result into a script variable. For example, using the short script you posted:

    #print new filename after chopping the .ext.ext off.

    newname=`basename $name .asc.asc`
    echo The new name is $newname
    # We can now, for example, "mv ./a $newname"

    echo ${name%.*.*} &>striped_filename

    Is that what you were looking for?
  3. paul sanz

    paul sanz New Member


    What if the ext are not always .asc.asc? I've tried .*.* but this is not allowed by basename. :confused:

    # for point 2. in the script
    newname=`basename $1 .*.*` #should be able to strip any 2 exts that come in
    mv $1_a $newname

    #for point 3. in the script
    newname=`basename $1 .*.*` #should be able to strip any 2 exts that come in
    mv $1_decrypted $newname

    Can you advise?

  4. catdude

    catdude ISPConfig Developer

    No, basename doesn't allow wildcards in the suffix field.

    What do you know for sure about the file names? Is it certain that you will want to strip off the last two ".*.*" fields? Let me see if I can come up with a simple shell script to do that.
  5. paul sanz

    paul sanz New Member

    Hi catdude

    I still can't strip the extensions of the file inputted by the user ($1) and save the same file without the last 2 ext.

    Any ideas?

  6. catdude

    catdude ISPConfig Developer

    I didn't get a chance to work on it yesterday - job stuff kept me way tied up.

    What can you tell me about the requirements? Is the goal always to strip off the last two .somethings? For example, is the goal to pass in a.b.c.d.e.f and return a.b.c.d? Will there ever be more or less than 2 fields to chop off?

    For example, would a script that functioned sort of like basename but required you to pass a count of how many dot-fields to strip off do the job?
  7. paul sanz

    paul sanz New Member

    Fixed but limited!

    Hi, I've been able to strip the .ext I needed but I see it has problems.

    See the attached file to see what I mean.

    The script is limited to just 3 ext: paul.1.2.3
    1= .txt, .rar, etc
    2+3= *

    What will change it being 2 or 3 ext is whether the file is signed or not by the sender.

    The script handles that fine, but what it doesn't like is it being more than 3 ext.

    What if someone decides to use "." in the filename? It will make me have to keep on changing the code.

    paul.john.txt.asc.asc is not 2 nor 3 ext but 4; the script is not written for more than 3 exts.

    It will result in paul.john.txt.*

    see my prob
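
An added example, not code from any poster in this thread: one way to get the output name without counting extensions, covering both the count-based helper catdude proposes and the `paul.john.txt.asc.asc` case from the last post. The function names and the suffix list (.asc .gpg .pgp .sig) are assumptions made for this sketch.

```bash
#!/bin/sh
# Added example, not from the thread; function names are hypothetical.

# strip_fields NAME COUNT: drop the last COUNT dot-separated fields, never
# the first one ("a.b" with COUNT=5 gives "a"; ".bashrc" is left alone).
strip_fields() {
    name=$1 count=$2
    while [ "$count" -gt 0 ]; do
        case $name in
            ?*.*) name=${name%.*} ;;
            *)    break ;;
        esac
        count=$((count - 1))
    done
    printf '%s\n' "$name"
}

# pgp_output_name PATH: drop the directory part, then strip every trailing
# OpenPGP-style suffix, however many there are and whatever else has dots.
pgp_output_name() {
    name=$(basename -- "$1")
    while :; do
        case $name in
            ?*.asc|?*.gpg|?*.pgp|?*.sig) name=${name%.*} ;;
            *) break ;;
        esac
    done
    printf '%s\n' "$name"
}

# safe_output_name PATH: same, but fail rather than hand back a name that
# equals the input file or that already exists in the current directory.
safe_output_name() {
    out=$(pgp_output_name "$1")
    if [ "$out" = "$(basename -- "$1")" ]; then
        echo "no OpenPGP suffix on: $1" >&2; return 1
    fi
    if [ -e "$out" ]; then
        echo "refusing to overwrite: $out" >&2; return 1
    fi
    printf '%s\n' "$out"
}

# Constructed sample names taken from the thread's examples.
for f in x.txt.asc.asc paul.john.txt.asc.asc; do
    pgp_output_name "$f"
done
```

In the decrypt script the result would feed `gpg2 --output`, for example `out=$(safe_output_name "$1") || exit 1` followed by `gpg2 --output "$out" --decrypt "$1"`, so a user-supplied path can neither overwrite the input file nor an existing file.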


