-
Notifications
You must be signed in to change notification settings - Fork 20
/
Copy pathEncryptedStrings_Bash.sh
executable file
·31 lines (28 loc) · 1.31 KB
/
EncryptedStrings_Bash.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
#!/bin/bash
# Use 'openssl' to create an encrypted Base64 string for script parameters
# Additional layer of security when passing account credentials from the JSS to a client
# Use GenerateEncryptedString() locally - DO NOT include in the script!
# The 'Encrypted String' will become a parameter for the script in the JSS
# The unique 'Salt' and 'Passphrase' values will be present in your script
function GenerateEncryptedString() {
# Usage ~$ GenerateEncryptedString "String"
local STRING="${1}"
local SALT=$(openssl rand -hex 8)
local K=$(openssl rand -hex 12)
local ENCRYPTED=$(echo "${STRING}" | openssl enc -aes256 -md md5 -a -A -S "${SALT}" -k "${K}")
echo "Encrypted String: ${ENCRYPTED}"
echo "Salt: ${SALT} | Passphrase: ${K}"
}
# Include DecryptString() with your script to decrypt the password sent by the JSS
# The 'Salt' and 'Passphrase' values would be present in the script
function DecryptString() {
# Usage: ~$ DecryptString "Encrypted String" "Salt" "Passphrase"
echo "${1}" | /usr/bin/openssl enc -aes256 -md md5 -d -a -A -S "${2}" -k "${3}"
}
# Alternative format for DecryptString function
function DecryptString() {
# Usage: ~$ DecryptString "Encrypted String"
local SALT=""
local K=""
echo "${1}" | /usr/bin/openssl enc -aes256 -md md5 -d -a -A -S "$SALT" -k "$K"
}