12 lines
589 B
Bash
Executable File
12 lines
589 B
Bash
Executable File
#!/usr/bin/env bash
|
|
# Decrypt a base64-encoded AES-256-CBC ciphertext produced by encrypt.sh.
|
|
# Usage: decrypt.sh <ciphertext> <passphrase>
|
|
|
|
# -d : decrypt mode (reverse of encryption)
|
|
# -a : base64-decode the input first; must mirror the -a used at encrypt time
|
|
# -pbkdf2 : derive the symmetric key via PBKDF2 rather than the deprecated EVP_BytesToKey;
|
|
# openssl will error if this flag doesn't match what was used to encrypt
|
|
# -pass pass : accept the passphrase directly from the CLI argument $2
|
|
echo $1 | openssl aes-256-cbc -d -a -pbkdf2 -pass pass:$2
|
|
|