#!/usr/bin/env python3

import os, sys

# This script implements the following format command to perform
# encryption or decryption. Including "-d" performs decryption.
#
#   openssl enc -aes-256-cbc -a -salt -pbkdf2 -base64 [-d] \
#           -pass pass:<password> \
#           -in IN_FILE > OUT_FILE
#
# If named "encrypt", this script performs encryption.
# If named "decrypt", this script performs decryption.
# Otherwise, an error is printed.

scriptName = os.path.basename(__file__)
if not 4 == len(sys.argv):
  print("Usage: %s IN_FILE OUT_FILE PASSWORD" % ( os.path.basename(__file__) ))
  sys.exit(1)

infile   = sys.argv[1]
outfile  = sys.argv[2]
password = sys.argv[3]

# Decrypt or encrypt depending on the file name.
decrypt = True
if scriptName == "decrypt":
  decrypt = True
elif scriptName == "encrypt":
  decrypt = False
else:
  print('Error: This script must be named either "encrypt" or "decrypt"\n')
  sys.exit(1)

# Create base command.
cmd = "openssl enc -aes-256-cbc -a -salt -pbkdf2 -base64"
if decrypt:
  cmd += " -d"
cmd += " -pass pass:%s" % ( password )

cmd += " -in %s > %s" % ( infile, outfile )

os.system( cmd )