~siretart/cryptsetup/debian

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
#!/bin/sh

decrypt_ssl () {
	local key tmpkey rc tries maxtries
	key="$1"
	tmpkey=$(tempfile)

	echo "Performing (deprecated) two-pass-ssl decryption" >&2
	if ! /usr/bin/openssl enc -aes256 -d -salt -in $key -out $tmpkey > /dev/null 2>&1; then
		echo "First pass decryption failed" >&2
		return 1
	fi

	if ! /usr/bin/openssl dsa -in $tmpkey 2> /dev/null; then
		echo "Second pass decryption failed" >&2
		rm -f "$tmpkey"
		return 1
	fi

	rm -f "$tmpkey"
	return 0
}

if [ -z "$1" ]; then
	exit 1
fi
decrypt_ssl "$1"
exit $?