#!/bin/bash
usage() {
	echo "Usage: $0 [-h] [-e | -d] [-b] -k key -i iv"
	echo "Reads from stdin and encrypts or decripts to stdout."
	echo "key and iv must be provided as arguments."
	echo "    -h        print this summary"
	echo "    -e        encode mode (default)"
	echo "    -d        decode mode"
	echo "    -k key    specify 32 bytes encryption key"
	echo "    -k iv     specify 16 bytes initialization vector"
	exit 1
}


#defaults
OPENSSL_ENC=-e

optstring=":edbk:i:h"
while getopts ${optstring} arg; do
	case ${arg} in
		e)
			#encode
			OPENSSL_ENC=-e
			;;
		d)
			#decode
			OPENSSL_ENC=-d
			;;
		b)
			#base64
			OPENSSL_BASE64=-a
			;;
		k)
			#encryption key
			if [[ "${#OPTARG}" != 32 ]]; then
				echo Please insert a 32 bytes key
				exit 1
			fi
			OPENSSL_KEY=$(echo -n ${OPTARG} | xxd -u -c 32 -ps)
			;;
		i)
			#initialization vector
			if [[ "${#OPTARG}" != 16 ]]; then
				echo Please insert a 16 bytes initialization vector
				exit 1
			fi
			OPENSSL_IV=$(echo -n ${OPTARG} | xxd -u -c 32 -ps)
			;;
		h)
			usage
			;;
		*)
			echo Invalid option: -${OPTARG}.
			usage
			;;
	esac
done

[[ -z $OPENSSL_KEY ]] && echo Please insert a 32 bytes key && exit 1
[[ -z $OPENSSL_IV  ]] && echo Please insert a 16 bytes initialization vector && exit 1

while read line; do
	echo -n $line | openssl enc -aes-256-cbc $OPENSSL_ENC $OPENSSL_BASE64 -K $OPENSSL_KEY -iv $OPENSSL_IV
done