Scripts/test.py at master · kawaxi/Scripts · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
import argparse
import getpass
import os
import subprocess
import sys
from pathlib import Path


SKIP_NAMES = {
    "encrypt.py",
    "decrypt.py",

}

SKIP_SUFFIXES = {
    ".enc",
    ".py",
    ".pyc",

}


def should_skip(path: Path) -> bool:
    if not path.is_file():
        return True
    if path.name in SKIP_NAMES:
        return True
    return path.suffix in SKIP_SUFFIXES


def run_openssl(args: list[str], password: str) -> subprocess.CompletedProcess[str]:
    env = os.environ.copy()
    env["OPENSSL_PASS"] = password
    return subprocess.run(
        ["openssl", *args, "-pass", "env:OPENSSL_PASS"],
        capture_output=True,
        text=True,
        env=env,
    )


def encrypt_file(path: Path, password: str) -> bool:
    output_path = path.with_name(path.name + ".enc")
    result = run_openssl(
        [
            "enc",
            "-aes-256-cbc",
            "-pbkdf2",
            "-salt",
            "-in",
            str(path),
            "-out",
            str(output_path),
        ],
        password,
    )
    if result.returncode != 0:
        print(f"Failed to encrypt {path.name}: {result.stderr.strip()}", file=sys.stderr)
        return False
    path.unlink()
    print(f"Encrypted: {path.name}")
    return True


def decrypt_file(path: Path, password: str) -> bool:
    output_path = path.with_suffix("")
    result = run_openssl(
        [
            "enc",
            "-d",
            "-aes-256-cbc",
            "-pbkdf2",
            "-in",
            str(path),
            "-out",
            str(output_path),
        ],
        password,
    )
    if result.returncode != 0:
        if output_path.exists():
            output_path.unlink()
        print(f"Failed to decrypt {path.name}: {result.stderr.strip()}", file=sys.stderr)
        return False
    path.unlink()
    print(f"Decrypted: {output_path.name}")
    return True


def main() -> int:
    parser = argparse.ArgumentParser(description="Encrypt or decrypt top-level files in a folder")
    parser.add_argument("action", choices=["encrypt", "decrypt"], help="Action to perform")
    parser.add_argument(
        "--directory",
        default=".",
        help="Directory containing files to process. Defaults to the current directory.",
    )
    args = parser.parse_args()

    password = getpass.getpass("Enter password: ")
    target_dir = Path(args.directory).resolve()
    if not target_dir.is_dir():
        print(f"Not a directory: {target_dir}", file=sys.stderr)
        return 1

    processed = 0
    for path in sorted(target_dir.iterdir()):
        if args.action == "encrypt":
            if should_skip(path):
                continue
            if encrypt_file(path, password):
                processed += 1
        else:
            if path.is_file() and path.suffix == ".enc":
                if decrypt_file(path, password):
                    processed += 1

    print(f"Completed {args.action}: {processed} file(s)")
    return 0


if __name__ == "__main__":
    raise SystemExit(main())