From 83ba0a3ed56661c17b06b11fcb91c72b94f5974b Mon Sep 17 00:00:00 2001
From: Harsh Shandilya <msfjarvis@gmail.com>
Date: Wed, 1 Jul 2020 14:29:30 +0530
Subject: Improve how secrets and stored and used (#907)

---
 release/encrypt-secret.sh | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100755 release/encrypt-secret.sh

(limited to 'release/encrypt-secret.sh')

diff --git a/release/encrypt-secret.sh b/release/encrypt-secret.sh
new file mode 100755
index 00000000..6d71c4bc
--- /dev/null
+++ b/release/encrypt-secret.sh
@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+# Simple script that uses OpenSSL to encrypt a provided file with a provided key, and writes the result
+# to the provided path. Yes it's very needy.
+
+INPUT_FILE=$1
+OUTPUT_FILE=$2
+ENCRYPT_KEY=$3
+
+if [[ -n "$ENCRYPT_KEY" && -n "$INPUT_FILE" && -n "$OUTPUT_FILE" ]]; then
+    openssl enc -aes-256-cbc -md sha256 -pbkdf2 -e -in "${INPUT_FILE}" -out "${OUTPUT_FILE}" -k "${ENCRYPT_KEY}"
+else
+    echo "Usage: ./encrypt-secret.sh <input file> <output file> <encryption key>"
+fi
-- 
cgit v1.2.3