Crypt Bash script that uses OpenSSL AES-256 CBC encryption to encrypt/decrypt a file salting it with password designated by user.

#!/usr/bin/env bash

#
# A wrapper for openssl that allows for quickly encrypting
# and decrypting files
#
# This is a modified version of Crypt by Alex Epstein. Changes include...
#
# - Removed `update` operation and option parsing
# - Encrypted files automatically have the ".crypt" file extension appended.
# - Removed option for output filename.
# - Double quote vars to prevent unexpected globing
#
# Original <https://github.com/alexanderepstein/Bash-Snippets/blob/master/crypt/crypt>
#
# Usage:
#
#   To encrypt a file:
#   $ crypt -e <original_file>
#
#   To decrypt a file:
#   $ crypt -d <encrypted_file>
#
# Author: Alexander Epstein <https://github.com/alexanderepstein>
# Modified by: Jon LaBelle <https://github.com/jonlabelle>
# Date: August 9, 2017
#

currentVersion="1.18.1"
state=""
configuredClient=""

checkOpenSSL()
{
  if  ! command -v openssl &>/dev/null; then
    echo "Error: to use this tool openssl must be installed" >&2
    return 1
  else
    return 0
  fi
}

checkInternet()
{
  httpGet github.com > /dev/null 2>&1 || { echo "Error: no active internet connection" >&2; return 1; } # query github with a get request
}

## This function determines which http get tool the system has installed and returns an error if there isnt one
getConfiguredClient()
{
  if  command -v curl &>/dev/null; then
    configuredClient="curl"
  elif command -v wget &>/dev/null; then
    configuredClient="wget"
  elif command -v http &>/dev/null; then
    configuredClient="httpie"
  elif command -v fetch &>/dev/null; then
    configuredClient="fetch"
  else
    echo "Error: This tool reqires either curl, wget, httpie or fetch to be installed." >&2
    return 1
  fi
}

## Allows to call the users configured client without if statements everywhere
httpGet()
{
  case "$configuredClient" in
    curl)  curl -A curl -s "$@" ;;
    wget)  wget -qO- "$@" ;;
    httpie) http -b GET "$@" ;;
    fetch) fetch -q "$@" ;;
  esac
}

## uses openssl aes 256 cbc encryption to encrypt file salting it with password designated by user
encrypt()
{
  echo "Encrypting '$1' to '${1}.crypt'..."
  openssl enc -aes-256-cbc -salt -a -in "$1" -out "${1}.crypt" || { echo "File not found"; return 1; }
  echo "Successfully encrypted"
}

## uses openssl aes 256 cbc decryption to decrypt file
decrypt()
{
  decrypted_file=$(echo "$1" | sed 's/\.crypt$//g')
  echo "Decrypting '$1' to '${decrypted_file}'..."
  openssl enc -aes-256-cbc -d -a -in "$1" -out "$decrypted_file" || { echo "File not found"; return 1; }
  echo "Successfully decrypted"
}

usage()
{
  cat <<EOF
crypt -- Encrypt and decrypt files using OpenSSL.

Usage: crypt -<flag> <inputFile>
  -e  Encrypt the inputFile and store it in the outputFile
  -d  Decrypt the inputFile and store it in the outputFile
  -h  Show help
  -v  Show version

Examples:
  crypt -e file.txt       -- Encrypts the file to 'file.txt.crypt'.
  crypt -d file.txt.crypt -- Decrypts the file back to 'file.txt'.
EOF
}

checkOpenSSL || exit 1

while getopts "hve:d:" opt; do ## alows for using options in bash
  case $opt in
    e)  ## when trying to encrypt run this
        if [[ $state != "decrypt" ]]; then
          state="encrypt"
        else
          echo "Error: the -d and -e options are mutally exclusive" >&2
          exit 1
        fi
        if [[ $# -ne 2 ]]; then
          echo "Option -e needs and only accepts 1 argument [file to encrypt]" >&2
          exit 1
        fi
        ;;
    \?) echo "Invalid option: -$OPTARG" >&2
        exit 1
        ;;
    d)  ## when trying to decrypt run this
        if [[ $state != "encrypt" ]]; then
          state="decrypt"
        else
          echo "Error: the -e and -d options are mutally exclusive" >&2
          exit 1
        fi
        if [[ $# -ne 2 ]]; then
          echo "Option -d needs and only accepts one argument [file to decrypt]" >&2
          exit 1
        fi
        ;;
    h)  usage
        exit 0
        ;;
    v)  echo "Version $currentVersion"
        exit 0
        ;;
    :)  ## will run when no arguments are provided to to e or d options
        echo "Option -$OPTARG requires an argument." >&2
        exit 1
        ;;
  esac
done

if [[ $# == 0 ]]; then
  usage
  exit 0
elif [[ $1 == "help" ]]; then
  usage
  exit 0
elif [[ $state == "encrypt" ]]; then
  encrypt "$2" "$3" || exit 1
  exit 0
elif [[ $state == "decrypt" ]]; then
  decrypt "$2" "$3" || exit 1
  exit 0
fi