From 35d0b4753f4254c54972a3d511801d9cad0a39a7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?b=CA=B0edoh=E2=82=82=20sw=C3=A9?= <bedohswe@firemail.cc>
Date: Sun, 12 Jan 2025 18:31:18 +0500
Subject: [PATCH] Add encryption support.

---
 README.md            |  4 ++++
 dobroho_vechora.bash | 44 +++++++++++++++++++++++++++++++++++++++++---
 2 files changed, 45 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 4100a1d..1bf000f 100644
--- a/README.md
+++ b/README.md
@@ -29,5 +29,9 @@ Available commands:
 
 * q: Exit.
 
+* e: Toggle encryption
+
+* E: Set encryption password. (Can also be set via "DOBROHO_VECHORA_ENCRYPTION_PASSWORD" environment variable.)
+
 
 Client prints "?" on unknown commands.
diff --git a/dobroho_vechora.bash b/dobroho_vechora.bash
index 0ffd906..d1778a4 100755
--- a/dobroho_vechora.bash
+++ b/dobroho_vechora.bash
@@ -62,10 +62,34 @@ case "${mode}" in
 		exit
 esac
 
+encrypt() {
+	if [ "${enc}" -eq 1 ] | [ -z "${DOBROHO_VECHORA_ENCRYPTION_PASSWORD}" ]; then
+		cat
+		return 0
+	fi
+	echo "ENCRYPTED"'!'"<$(openssl enc -pbkdf2 -a -aes256 -pass env:DOBROHO_VECHORA_ENCRYPTION_PASSWORD)>"
+}
+
+decrypt() {
+	if [ "${enc}" -eq 1 ] | [ -z "${DOBROHO_VECHORA_ENCRYPTION_PASSWORD}" ]; then
+		cat
+		return 0
+	fi
+	while IFS="" read -r i || [ -n "${i}" ]
+	do
+		echo "${i}"
+		cipher="$(echo "${i}" | grep -Po 'ENCRYPTED!<\K([a-zA-Z0-9\=\+\/]*)(?=\>)')" || :
+		if [ -n "${cipher}" ]; then
+			echo -n "Decrypted: "
+			echo "${cipher}" | openssl enc -pbkdf2 -d -a -aes256 -pass env:DOBROHO_VECHORA_ENCRYPTION_PASSWORD || :
+		fi
+	done
+}
+
 print_messages() {
 	open_socket
 	echo -n 2 >&3
-	head -c "${1}" <&3 | sed -e 's/\x1B/ESC/g' 
+	head -c "${1}" <&3 | decrypt | sed -e 's/\x1B/ESC/g' 
 	close_socket
 }
 
@@ -89,18 +113,19 @@ wait_for_messages() {
 }
 
 length=0
+enc=0
 while :; do
 	read cmd
 	case "${cmd}" in
 		I)
 			tmp="$(mktemp)"
 			"${VISUAL:-"${EDITOR:-"$(which vi)"}"}" "${tmp}"
-			[ -s "${tmp}" ] && send_message 0"${nick}$(cat "${tmp}")"
+			[ -s "${tmp}" ] && send_message 0"${nick}$(cat "${tmp}" | encrypt)"
 			rm "${tmp}"
 			;;
 		i)
 			read a
-			send_message 0"${nick}${a}"
+			send_message 0"${nick}$(echo "${a}" | encrypt)"
 			;;
 		L)
 			length="$(get_message 1)"
@@ -125,6 +150,19 @@ while :; do
 		q)
 			exit
 			;;
+		E)
+			read -s DOBROHO_VECHORA_ENCRYPTION_PASSWORD
+			export DOBROHO_VECHORA_ENCRYPTION_PASSWORD
+			;;
+		e)
+			if [ "${enc}" -eq 0 ]; then
+				enc=1
+				echo 1
+			else
+				enc=0
+				echo 0
+			fi
+			;;
 		*)
 			echo '?'
 			;;