-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathEncryptFilesHelper.ps1
82 lines (69 loc) · 3.2 KB
/
EncryptFilesHelper.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
param (
[string] $folder,
[boolean] $cleanupOriginals
)
Import-Module -Name $PSScriptRoot\CipherDocs.psm1 -Force -DisableNameChecking
Function EncryptFiles([Object[]] $files, [boolean] $cleanupOriginals) {
$i=0
foreach ($file in $files) {
$i++
$encFilePath = $file.FullName + ".gpg"
if (-not (Test-Path $encFilePath)) {
Trace-Log "[$i of $($files.Count)] Encrypting $file ..."
gpg --output $encFilePath --cipher-algo AES256 --encrypt --sign --recipient $global:recipient $file.FullName
if ($cleanupOriginals) {
Trace-Log "Deleting unencrypted leftover [$file]"
Remove-Item $file.FullName -Force
}
} else {
Trace-Log "WARNING: Skipping already encrypted file: $file" -BackgroundColor Black -ForegroundColor Red
}
}
}
Function Get-CleanupDecision() {
$userChoice = AlertUser $("Delete unencrypted original leftover files after encryption? " + `
"It is recommended you do remove for a cleaner workflow " + `
"but make sure you have a backup.") 4
$skipMessage = "Skipping deletion of unencrypted, original files"
if ($userChoice -like "yes") {
$userFinalWarning = AlertUser $("FINAL CONFIRMATION: Hit YES again to confirm cleanup of " + `
"leftover unencrypted original files after encryption.") 4
if ($userFinalWarning -like "yes") {
# Remove originals (!!!)
Trace-Log "Ok, will cleanup unencrypted, original files after encryption."
return $true
} else {
Trace-Log $skipMessage
}
} else {
Trace-Log $skipMessage
}
return $false
}
######################################################
# MAIN
$startTime = Get-Date
# true is recommended for cleanup, but it cleans via deletion. So ... conservative default of false
$cleanupOriginals = $false
$helpMessage = @"
Encrypt all files within a folder (including subfolders).
It is suggested that you
1. Create a backup of the folder you're about to encrypt. Keep it handy for a few
days and if everything looks ok, delete that backup.
2. Don't add any new files till the folder encryption completes - they can be skipped over
3. Select Yes to delete leftover original file after their encryption (you did backup, right?)
Now pick the folder to encrypt
"@
Trace-Log $helpMessage
# If not CLI mode, prompt via GUI ...
if ($folder -eq $null -or $folder -eq "") {
$folder = GetFolderFromUser "Select the folder to encrypt"
$cleanupOriginals = Get-CleanupDecision
}
# Prepare file list and do encryption + cleanup operation
# Exclude already encrypted files as well as Google Docs "pointer files" (there is no local content anyway, and deleting them deletes content in the cloud!)
$files = Get-ChildItem $folder -Recurse -File -Exclude "*.gpg", "*.gdoc", "*.gslides", "*.gsheet", "*.gdraw", "*.gtable", "*.gform"
EncryptFiles $files $cleanupOriginals
$endTime = Get-Date
Trace-Log "Finished encrypting all files within $folder." -BackgroundColor DarkGreen -ForegroundColor White
Trace-Log "Total time was $($endTime - $startTime) for $($files.Count) files"