gpg加解密批处理文件-创新互联

pgp 在做解密和加密的时候,命令行的方式总是需要手动输入密码和指定ID,比较繁琐,所以写了一个自动脚本。
比较有意思的地方是:
setlocal enabledelayedexpansion 变量延迟和!变量!的使用。同样的方式可以读入文本文件中不同行的内容来赋值变量

让客户满意是我们工作的目标,不断超越客户的期望值来自于我们对这个行业的热爱。我们立志把好的技术通过有效、简单的方式提供给客户,将通过不懈努力成为客户在信息化领域值得信任、有价值的长期合作伙伴,公司提供的服务项目有:空间域名、网站空间、营销软件、网站建设、察布查尔锡伯网站维护、网站推广。

@echo off

:: todo
setlocal enabledelayedexpansion
set /a j=0
for /f "delims=" %%i in (ps.txt) do (
set /a j+=1
rem set /a j+=1
rem echo !j!
rem echo %%i
if !j!==1 set ps=%%i
rem if !j!==2 set txt=%%i

)
rem echo %ps%
rem echo %txt%
set inputfile=%1%
echo -----------------------------------------------------------
echo Decrypt the pgp file from WideVine portal - %inputfile%
echo -----------------------------------------------------------
echo;
set outputfile=%inputfile:~0,-28%xml
rem echo Output file - %outputfile%

gpg --passphrase %ps% --decrypt %inputfile% > %outputfile%
echo -----------------------------------------------------------
echo Decrypt the pgp file successfully.
echo -----------------------------------------------------------
echo -----------------------------------------------------------
echo Encrypt the %outputfile% with customer key
echo -----------------------------------------------------------
echo;

gpg -r widevine_keys -e %outputfile%
rm %outputfile%

但是存在一个问题,在最后加密文件的时候,gpg总是出现下列提示并要求选择y/n
It is NOT certain that the key belongs to the person named
in the user ID. If you really know what you are doing,
you may answer the next question with yes.

Use this key anyway? (y/N) y

查了下发现是因为key没有信任的原因,操作如下:
gpg --edit-key key-uid
然后gpg会列出key信息:
Secret key is available.

pub 2048R/B89A8C48 created: 2018-03-07 expires: never usage: SC
trust: ultimate validity: ultimate
sub 2048R/F13C4008 created: 2018-03-07 expires: never usage: E
[ultimate] (1). Jacky Wang

Invalid command (try "help")
gpg >

然后输入trust,回车会显示:
Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)

1 = I don't know or won't say
2 = I do NOT trust
3 = I trust marginally
4 = I trust fully
5 = I trust ultimately
m = back to the main menu

Your decision?
输入5,然后回车,然后加密就不会总是会有提示问题了。

Google的WV portal不久前更改了流程,之前是需要上传一个device id的文件,然后生成的key会根据上传的device id(使用设备的mac address)依次生成。但是现在不需要了,只需要输入要生成多少个key,然后device id就默认从0开始递增。工厂生产的脚本就得修改,为了减少冲突只有写个预处理的脚本,将mac地址替换到递增的device id。
这样脚本复杂很多,用了多个for /f循环来获取同一行中的不同段内容,然后在使用重定向输出。

问题汇总:
for /f 循环中的内部变量有时候能给外部变量赋值,有时候不行,比如num一切正常,但是当想把不同段的内容也赋值到变量str1/2/3,然后在最后通过字符串操作str1/2/3却始终有问题,str不能获得赋值。不知道原因

文件内容如下:


2412
c5f4edc5ff57aff896abf7adf42c3481000000020000206

脚本
for /f skip^=2^ tokens^=1^,3^ delims^=^>^< %%m in (%xmlfile%) do (
rem echo %%m >> num.txt
set num=%%m
set num1=%%n
goto gg
)
:gg
rem echo Find %num% keys from XML file.
echo num=%num1%
echo num1=%num1%

试了试几个case,打印分别如下

for /f skip^=2^ tokens^=1^-3^ delims^=^>^< %%m in (%xmlfile%) do (
...
num=NumberOfKeyboxes
num1=2412

for /f skip^=2^ tokens^=1^,3^ delims^=^>^< %%m in (%xmlfile%) do (
...
num=NumberOfKeyboxes
num1=/NumberOfKeyboxes

for /f skip^=2^ tokens^=2^ delims^=^>^< %%m in (%xmlfile%) do (

num=2412
num1=%n
到此为止一切正常。

接着想把c5f4edc5ff57aff896abf7adf42c3481000000020000206
这部分内容按照双引分成三段,第一和第二保持不变,替换第二段为mac地址。

for /f skip^=3^ tokens^=1^,3^ delims^=^"^" %%m in (%xmlfile%) do (
rem echo %%m
set str1=%%m
set str3=%%n
set str5=%%o
goto cc
)
:cc
echo str1=%str1%
echo str3=%str3%
echo str5=%str5%
.... 报错
Find 2412 keys from XML file.
The system cannot find the file specified.
< was unexpected at this time.

试试其他办法
for /f skip^=3^ tokens^=1^-3^ delims^=^"^" %%m in (%xmlfile%) do (
... str3正确,str1不成功
The system cannot find the file specified.
str3=device_id_0
str5=%o

for /f skip^=3^ tokens^=1^ delims^=^"^" %%m in (%xmlfile%) do (
...str1拿不到
The system cannot find the file specified.
str3=%n

for /f skip^=3^ tokens^=2^ delims^=^"^" %%m in (%xmlfile%) do (
...str1正确
str1=device_id_0
str3=%n

for /f skip^=3^ tokens^=3^ delims^=^"^" %%m in (%xmlfile%) do (
... str1报错
< was unexpected at this time.

只有tokens为2的情况下,似乎获取没有问题,其余case都不行,原因不得而知。

接着我试图获取一整行,然后用字符串处理函数来实现功能,但是发现即便是获取整行仍然出现问题,

for /f "skip=3 delims=" %%m in (%xmlfile%) do (
rem echo %%m 此处打印能正常打印出内容
set str1=%%m
goto cc
)
:cc
echo str1=%str1%

... 整行内容得不到,但是在for循环内部能正常打印%%m的内容。
< was unexpected at this time.

最终能工作的脚本如下:

@echo off
:todo
rem get gpg key password from ps.txt
setlocal enabledelayedexpansion
set /a j=0
for /f "delims=" %%i in (ps.txt) do (
set /a j+=1
rem set /a j+=1
rem echo !j!
rem echo %%i
if !j!==1 set ps=%%i
rem if !j!==2 set txt=%%i

)
rem echo %ps%
rem echo %txt%
set para=%1%
if %para%==-r (
set inputfile=%2%
) else (
set inputfile=%1%
)
echo -----------------------------------------------------------
echo Decrypt the pgp file from WideVine portal - %inputfile%
echo -----------------------------------------------------------
echo;
rem xxxx.txt.1540199541676.output.pgp

set xmlfile=%inputfile:~0,-28%xml
set macfile=%inputfile:~0,-28%txt
set tmpfile=%inputfile:~0,-28%tmp

echo TXTfile - %txtfile% XMLfile - %xmlfile%

gpg --passphrase %ps% --decrypt %inputfile% > %xmlfile%

if %para%==-r (
goto hh
) else (
goto ii
)

goto eof
:hh
echo -----------------------------------------------------------
echo Preprocess - %xmlfile% to replace device ID with mac address from %macfile%
echo -----------------------------------------------------------
setlocal enabledelayedexpansion
set /a j=0
set /a k=3
set /a l=0

for /f "delims=" %%i in (%xmlfile%) do (
set /a j+=1
if !j!==4 goto aa
echo %%i >> %tmpfile%
)

:aa
for /f skip^=2^ tokens^=2^ delims^=^>^< %%m in (%xmlfile%) do (
rem echo %%m >> num.txt
set num=%%m
goto gg
)
:gg
echo Find %num% keys from XML file.
:bb

rem goto eof
rem echo first time %l%

for /f skip^=%k%^ tokens^=1^ delims^=^"^" %%m in (%xmlfile%) do (
rem echo %%m
if %%m == ^<^/Widevine^> (
rem >>%tmpfile% set /p=""echo %%m>>%tmpfile%
goto ff
)
rem echo %%m >> %tmpfile%
set /p=%%m>%tmpfile%
rem set str=%%m
rem >>%tmpfile% set /p=%%mrem echo %str1%
rem echo %str3%
goto cc
)

:cc

if !l!==0 (
for /f "delims=" %%a in (%macfile%) do (
rem echo %%a
rem echo "%%a" >> %tmpfile%
rem >>%tmpfile% set /p=%%aset /p=""%%a"">%tmpfile%
rem set str2=%%a
goto dd
)
) else (
for /f "skip=%l% delims=" %%a in (%macfile%) do (
rem echo %%a
rem echo "%%a" >> %tmpfile%
rem >>%tmpfile% set /p=%%aset /p=""%%a"">%tmpfile%
rem set str2=%%a
goto dd
)
)
:dd

for /f skip^=%k%^ tokens^=3^ delims^=^"^" %%n in (%xmlfile%) do (
rem echo %%n
rem echo %%n >> %tmpfile%
set /p=%%n>%tmpfile%
rem set str3=%%n
goto ee
)
rem echo %str2%
rem echo %%a
rem echo %%m"%%a"%%n >> %tmpfile%
:ee

set /a k+=1
set /a l+=1
echo.>>%tmpfile%
goto bb

:ff
rem echo %%i%%a%%j >> %tmpfile%
rem rm %xmlfile%
rem ren %tmpfile% %xmlfile%
rem echo "" >> %tmpfile%
if !l!==%num% (
echo Total !l! keys generated!
rm %xmlfile%
ren %tmpfile% %xmlfile%
) else (
echo Error: Key number not match, please check!
goto eof
)

:ii
echo -----------------------------------------------------------
echo Decrypt the pgp file successfully.
echo -----------------------------------------------------------
echo -----------------------------------------------------------
echo Encrypt the %xmlfile% with customer key
echo -----------------------------------------------------------
echo;

gpg -r widevine_keys -e %xmlfile%
rm %xmlfile%

:eof

在Mac OS上脚本需要略微修改key.sh如下:
#!/bin/bash

#file="./PS.txt"
file="/Users/jackywang/Documents/GPG/Harman/PS.txt"
if [[ -f "$file" ]];
then
#read it
while IFS= read line;
do
ps="$line"
done < "$file"
else
echo "password file not exist!!!"
exit
fi

inputfile=$1
echo $inputfile
#inputlen=$inputfile.length

echo -----------------------------------------------------------
echo Decrypt the pgp file from WideVine portal - $inputfile
echo -----------------------------------------------------------
echo;
extstr=${inputfile:0-28:28}

xmlfile=${inputfile/%$extstr/xml}
macfile=${inputfile/%$extstr/txt}
tmpfile=${inputfile/%$extstr/tmp}

echo TXTfile - $macfile XMLfile - $xmlfile

gpg --passphrase $ps --decrypt $inputfile > $xmlfile

echo -----------------------------------------------------------
echo Decrypt the pgp file successfully.
echo -----------------------------------------------------------
echo -----------------------------------------------------------
echo Encrypt the %xmlfile% with customer key
echo -----------------------------------------------------------
echo;

gpg -r widevine_keys -e $xmlfile
rm $xmlfile

另外有需要云服务器可以了解下创新互联scvps.cn,海内外云服务器15元起步,三天无理由+7*72小时售后在线,公司持有idc许可证,提供“云服务器、裸金属服务器、高防服务器、香港服务器、美国服务器、虚拟主机、免备案服务器”等云主机租用服务以及企业上云的综合解决方案,具有“安全稳定、简单易用、服务可用性高、性价比高”等特点与优势,专为企业上云打造定制,能够满足用户丰富、多元化的应用场景需求。


本文标题:gpg加解密批处理文件-创新互联
URL标题:http://scyanting.com/article/cssjdg.html