1#! @SHELL@ 2# 3# Copyright (c) 2007-2013 Zmanda Inc. All Rights Reserved. 4# 5# This program is free software; you can redistribute it and/or 6# modify it under the terms of the GNU General Public License 7# as published by the Free Software Foundation; either version 2 8# of the License, or (at your option) any later version. 9# 10# This program is distributed in the hope that it will be useful, but 11# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY 12# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 13# for more details. 14# 15# You should have received a copy of the GNU General Public License along 16# with this program; if not, write to the Free Software Foundation, Inc., 17# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 18# 19# Contact information: Zmanda Inc, 465 S. Mathilda Ave., Suite 300 20# Sunnyvale, CA 94086, USA, or: http://www.zmanda.com 21# 22 23prefix="@prefix@" 24exec_prefix="@exec_prefix@" 25sbindir="@sbindir@" 26amlibexecdir="@amlibexecdir@" 27. "${amlibexecdir}/amanda-sh-lib.sh" 28 29# add sbin and ucb dirs 30PATH="$PATH:/usr/sbin:/sbin:/usr/ucb" 31export PATH 32 33# wrapper script to use aespipe 34# based on bz2aespipe distributed by aespipe from 35# http://loop-aes.sourceforge.net/ 36# FILE FORMAT 37# 10 bytes: constant string 'bz2aespipe' 38# 10 bytes: itercountk digits 39# 1 byte: '0' = AES128, '1' = AES192, '2' = AES256 40# 1 byte: '0' = SHA256, '1' = SHA384, '2' = SHA512, '3' = RMD160 41# 24 bytes: random seed string 42# remaining bytes are aespipe encrypted 43 44# These definitions are only used when encrypting. 45# Decryption will autodetect these definitions from archive. 46ENCRYPTION=AES256 47HASHFUNC=SHA256 48ITERCOUNTK=100 49WAITSECONDS=1 50AMANDA_HOME=~@CLIENT_LOGIN@ 51GPGKEY="$AMANDA_HOME/.gnupg/am_key.gpg" 52FDNUMBER=3 53 54if test x$1 = x-d ; then 55 # decrypt 56 n=`/bin/dd bs=10 count=1 2> /dev/null | tr -d -c 0-9a-zA-Z` 57 if test x${n} != xbz2aespipe ; then 58 echo "bz2aespipe: wrong magic - aborted" >/dev/tty 59 exit 1 60 fi 61 itercountk=`/bin/dd bs=10 count=1 2> /dev/null | tr -d -c 0-9` 62 if test x${itercountk} = x ; then itercountk=0; fi 63 n=`/bin/dd bs=1 count=1 2> /dev/null | tr -d -c 0-9` 64 encryption=AES128 65 if test x${n} = x1 ; then encryption=AES192; fi 66 if test x${n} = x2 ; then encryption=AES256; fi 67 n=`/bin/dd bs=1 count=1 2> /dev/null | tr -d -c 0-9` 68 hashfunc=SHA256 69 if test x${n} = x1 ; then hashfunc=SHA384; fi 70 if test x${n} = x2 ; then hashfunc=SHA512; fi 71 if test x${n} = x3 ; then hashfunc=RMD160; fi 72 seedstr=`/bin/dd bs=24 count=1 2> /dev/null | tr -d -c 0-9a-zA-Z+/` 73 aespipe -K ${GPGKEY} -p ${FDNUMBER} -e ${encryption} -H ${hashfunc} \ 74 -S ${seedstr} -C ${itercountk} -d 75else 76 # encrypt 77 echo -n bz2aespipe 78 echo ${ITERCOUNTK} | awk '{printf "%10u", $1;}' 79 n=`echo ${ENCRYPTION} | tr -d -c 0-9` 80 aesstr=0 81 if test x${n} = x192 ; then aesstr=1; fi 82 if test x${n} = x256 ; then aesstr=2; fi 83 n=`echo ${HASHFUNC} | tr -d -c 0-9` 84 hashstr=0 85 if test x${n} = x384 ; then hashstr=1; fi 86 if test x${n} = x512 ; then hashstr=2; fi 87 if test x${n} = x160 ; then hashstr=3; fi 88 seedstr=`head -c 18 /dev/urandom | uuencode -m - | head -n 2 | tail -n 1` 89 echo -n ${aesstr}${hashstr}${seedstr} 90 aespipe -K ${GPGKEY} -p ${FDNUMBER} -e ${ENCRYPTION} -H ${HASHFUNC} \ 91 -S ${seedstr} -C ${ITERCOUNTK} -w ${WAITSECONDS} 92fi 93exit 0 94