Improved command-line syntax for passing the passphrase + Updated README file.

This commit is contained in:
LoRd_MuldeR 2021-03-21 22:10:34 +01:00
parent 0b7777fc3e
commit ded1220a13
Signed by: mulder
GPG Key ID: 2B5913365F57E03F
7 changed files with 127 additions and 64 deletions

View File

@ -25,8 +25,8 @@ Synopsis
The SlunkCypt command-line program is invoked as follows: The SlunkCypt command-line program is invoked as follows:
slunkcrypt --encrypt [[@][:]<passphrase>] <input> <output> slunkcrypt --encrypt [pass:<pass>|file:<file>] <input.txt> <output.enc>
slunkcrypt --decrypt [[@][:]<passphrase>] <input> <output> slunkcrypt --decrypt [pass:<pass>|file:<file>] <input.enc> <output.txt>
slunkcrypt --make-pw [<length>] slunkcrypt --make-pw [<length>]
Commands Commands
@ -39,50 +39,55 @@ One of the following commands must be chosen:
- **`--decrypt` (`-d`):** - **`--decrypt` (`-d`):**
Run application in ***decrypt*** mode. Reads the given *ciphertext* and restores *plaintext*. Run application in ***decrypt*** mode. Reads the given *ciphertext* and restores *plaintext*.
- **`--make-pw` (`-p`):** - **`--make-pw` (`-p`):**
Generate and output a "strong" random passphrase suitable for use with SlunkCrypt. Generate a "strong" random passphrase, suitable for use with SlunkCrypt.
- **`--self-test` (`-t`):** - **`--self-test` (`-t`):**
Run application in ***self-test*** mode. Program will exit when test is completed. Run the application in ***self-test*** mode. Program will exit after all test are completed.
Options Options
------- -------
The following options are available: The following options are available:
- **`<passphrase>`**: - **`pass:<pass>`**:
* The passphrase used to "protect" the message. The same passphrase must be used for both, ***encrypt*** and ***decrypt*** mode. * Specifies the "secret" passphrase directly on the command-line. This is considered *insecure*.
* It will only be possible decrypt the ciphertext, if the "correct" passphrase is known. - **`file:<file>`**:
* Use **`--make-pw`** to generate a random passphrase. The passphrase must be kept confidential under all circumstances! * Specifies a file to read the passphrase from. Only the *first* line of the file will be read!
* **Syntax:** * *Note:* It is also possible to specify **`-`** in order to read the passphrase from the *stdin*.
- If the passphrase is prefixed with an **`@`** character, then it specifies the file to read the passphrase from.
- If the passphrase is set to **`@-`**, then the passphrase is read from the standard input stream.
- If the passphrase is prefixed with an **`:`** character, then the leading character is ignored; use if passphrase contains **`@`** character.
- If the parameter is *omitted*, then the passphrase is read from the `SLUNK_PASSPHRASE` environment variable.
* *Note:* In order to thwart brute force attacks, it is recommended to choose a "random" password that is at least 12 characters in length and that consists of upper-case characters, lower-case characters, digits as well as other "special" characters.
- **`<input>`**: - **`<input>`**:
* In ***encrypt*** mode, specifies the *plaintext* (unencrypted information) file that is to be encrypted. * In ***encrypt*** mode &ndash; specifies the *plaintext* file (unencrypted information) that is to be encrypted.
* In ***decrypt*** mode, specifies the *ciphertext* (result of encryption) file that is to be decrypted. * In ***decrypt*** mode &ndash; specifies the *ciphertext* file (result of encryption) that is to be decrypted.
- **`<output>`**: - **`<output>`**:
* In ***encrypt*** mode, specifies the file where the *ciphertext* (result of encryption) will be stored. * In ***encrypt*** mode &ndash; specifies the file where the *ciphertext* (result of encryption) will be stored.
* In ***decrypt*** mode, specifies the file where the *plaintext* (unencrypted information) will be stored. * In ***decrypt*** mode &ndash; specifies the file where the *plaintext* (unencrypted information) will be stored.
- **`<length>`**: - **`<length>`**:
* Speicifes the length of the passphrase to be generated, in characters. If *not* specified, defaults to 24. * Specifies the length of the passphrase to be generated. If *not* specified, defaults to 24.
### Remarks
- If the passphrase is **not** specified on the command-line, it will be read from the `SLUNK_PASSPHRASE` environment variable.
- The same passphrase must be used for both, ***encrypt*** and ***decrypt*** mode. The decryption of the ciphertext will only be possible, if the "correct" passphrase is known. It is recommended to choose a "random" password that is at least 12 characters in length and consists of a mix of upper-case characters, lower-case characters, digits as well as special characters.
- Passing the passphrase directly on the command-line is insecure, because the command-line may be visible to other users.
Examples Examples
-------- --------
Examples on how to use the SlunkCrypt command-line application: Here are some examples on how to use the SlunkCrypt command-line application:
1. Let's generate a new secure password first: ### Example #1
1. Let's generate a new random (secure) password first:
slunkcrypt --make-pw slunkcrypt --make-pw
Example output: *Example output:*
cdG2=fh<C=3[SSCzf[)iDjIV cdG2=fh<C=3[SSCzf[)iDjIV
2. Now, encrypt the plaintext message, using the generated password: 2. Now, encrypt the plaintext message, using the generated password:
slunkcrypt --encrypt "cdG2=fh<C=3[SSCzf[)iDjIV" plaintext.txt ciphertext.enc slunkcrypt --encrypt pass:"cdG2=fh<C=3[SSCzf[)iDjIV" plaintext.txt ciphertext.enc
Optionally, let's have a look at the ciphertext: Optionally, let's have a look at the ciphertext:
@ -90,11 +95,39 @@ Examples on how to use the SlunkCrypt command-line application:
3. Finally, decrypt the ciphertext, using the same password as before: 3. Finally, decrypt the ciphertext, using the same password as before:
slunkcrypt --decrypt "cdG2=fh<C=3[SSCzf[)iDjIV" ciphertext.enc plaintext.out slunkcrypt --decrypt pass:"cdG2=fh<C=3[SSCzf[)iDjIV" ciphertext.enc plaintext.out
Optionally, verify that files are actually the same: Optionally, verify that the decrypted file is identical to the original:
cmp --silent plaintext.txt plaintext.out && echo "files are the same" sha256sum -b plaintext.txt plaintext.out
### Example #2
1. Generate a new password and store it to a text file:
slunkcrypt --make-pw > passwd.txt
Optionally, output the generated password to the terminal:
cat passwd.txt
2. Encrypt file by reading the password from the text file:
slunkcrypt --encrypt file:passwd.txt plaintext.txt ciphertext.enc
### Example #3
1. Generate a new password directly to an environment variable:
MY_PASSWD="$(slunkcrypt --make-pw)"
Optionally, output the generated password to the terminal:
echo "${MY_PASSWD}"
2. Encrypt file by reading the password from the *stdin*:
slunkcrypt --encrypt - plaintext.txt ciphertext.enc <<< "${MY_PASSWD}"
Encryption algorithm Encryption algorithm

View File

@ -36,7 +36,11 @@
#define SLUNK_MODE_PASS 4 #define SLUNK_MODE_PASS 4
#define SLUNK_MODE_TEST 5 #define SLUNK_MODE_TEST 5
static const CHR* const ENVV_PASSWD_NAME = T("SLUNK_PASSPHRASE"); static const CHR* const PREFIX_PASS = T("pass:");
static const CHR* const PREFIX_FILE = T("file:");
static const CHR* const ENV_PASSWD_NAME = T("SLUNK_PASSPHRASE");
static const char PASSWD_SYMBOLS[] = static const char PASSWD_SYMBOLS[] =
{ {
'!', '#', '$', '%', '&', '(', ')', '*', '+', ',', '-', '.', '/', '0', '1', '!', '#', '$', '%', '&', '(', ')', '*', '+', ',', '-', '.', '/', '0', '1',
@ -44,7 +48,7 @@ static const char PASSWD_SYMBOLS[] =
'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O',
'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '[', ']', '^', '_', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '[', ']', '^', '_',
'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o',
'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '{', '}', '~' 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '{', '|', '}', '~'
}; };
static const uint64_t MAGIC_NUMBER = 0x243F6A8885A308D3ull; static const uint64_t MAGIC_NUMBER = 0x243F6A8885A308D3ull;
@ -93,34 +97,52 @@ static void print_manpage(const CHR *const program)
FPUTS(T("https://creativecommons.org/publicdomain/zero/1.0/legalcode\n"), stderr); FPUTS(T("https://creativecommons.org/publicdomain/zero/1.0/legalcode\n"), stderr);
FPUTS(T("====================================================================\n\n"), stderr); FPUTS(T("====================================================================\n\n"), stderr);
FPUTS(T("Usage:\n"), stderr); FPUTS(T("Usage:\n"), stderr);
FPRINTF(stderr, T(" %") T(PRISTR) T(" --encrypt [[@][:]<passphrase>] <input.txt> <output.enc>\n"), program); FPRINTF(stderr, T(" %") T(PRISTR) T(" --encrypt [pass:<pass>|file:<file>] <input.txt> <output.enc>\n"), program);
FPRINTF(stderr, T(" %") T(PRISTR) T(" --decrypt [[@][:]<passphrase>] <input.enc> <output.txt>\n"), program); FPRINTF(stderr, T(" %") T(PRISTR) T(" --decrypt [pass:<pass>|file:<file>] <input.enc> <output.txt>\n"), program);
FPRINTF(stderr, T(" %") T(PRISTR) T(" --make-pw [<length>]\n\n"), program); FPRINTF(stderr, T(" %") T(PRISTR) T(" --make-pw [<length>]\n\n"), program);
FPRINTF(stderr, T("Optionally, reads passphrase from the %") T(PRISTR) T(" environment variable.\n\n"), ENV_PASSWD_NAME);
}
static char *duplicate_string(const CHR *const passphrase)
{
char *const buffer = CHR_to_utf8(passphrase);
if (!buffer)
{
FPUTS(T("Error: Failed to allocate the string buffer!\n\n"), stderr);
}
return buffer;
} }
static char *read_passphrase(const CHR* const file_name) static char *read_passphrase(const CHR* const file_name)
{ {
const size_t max_len = SLUNKCRYPT_PWDLEN_MAX + 2U; if (file_name && (!file_name[0U]))
char *buffer = (char*) malloc(max_len * sizeof(char));
if (!buffer)
{ {
FPUTS(T("Error: The passphrase input file name must not be empty!\n\n"), stderr);
return NULL; return NULL;
} }
const int use_stdin = (STRICMP(file_name, T("-")) == 0); const size_t max_len = SLUNKCRYPT_PWDLEN_MAX + 2U;
FILE *const file = use_stdin ? stdin : FOPEN(file_name, T("rb")); char *const buffer = (char*) malloc(max_len * sizeof(char));
if (!file) if (!buffer)
{ {
FPUTS(T("Error: Failed to allocate the passphrase buffer!\n\n"), stderr);
return NULL;
}
const int use_stdin = (!file_name) || (!STRICMP(file_name, T("-")));
FILE *const file_in = use_stdin ? stdin : FOPEN(file_name, T("rb"));
if (!file_in)
{
FPRINTF(stderr, T("Error: Failed to open file \"%") T(PRISTR) T("\" for reading!\n\n"), file_name);
free(buffer); free(buffer);
return NULL; return NULL;
} }
do do
{ {
if (!fgets(buffer, (int)max_len, file)) if (!fgets(buffer, (int)max_len, file_in))
{ {
free(buffer); buffer[0U] = '\0';
buffer = NULL;
goto finish; goto finish;
} }
size_t length = strlen(buffer); size_t length = strlen(buffer);
@ -133,9 +155,9 @@ static char *read_passphrase(const CHR* const file_name)
finish: finish:
if ((!use_stdin) && file) if ((!use_stdin) && file_in)
{ {
fclose(file); fclose(file_in);
} }
return buffer; return buffer;
@ -168,7 +190,7 @@ static int generate_passphrase(const size_t length)
char *const buffer = (char*) malloc((passwd_len + 1U) * sizeof(char)); char *const buffer = (char*) malloc((passwd_len + 1U) * sizeof(char));
if (!buffer) if (!buffer)
{ {
FPUTS(T("\n\nError: Failed to allocate memory buffer!\n\n"), stderr); FPUTS(T("Error: Failed to allocate memory buffer!\n\n"), stderr);
return EXIT_FAILURE; return EXIT_FAILURE;
} }
@ -179,14 +201,14 @@ static int generate_passphrase(const size_t length)
uint64_t value; uint64_t value;
if (slunkcrypt_generate_nonce(&value) != SLUNKCRYPT_SUCCESS) if (slunkcrypt_generate_nonce(&value) != SLUNKCRYPT_SUCCESS)
{ {
FPUTS(T("\n\nError: Failed to generate next random number!\n\n"), stderr); FPUTS(T("Error: Failed to generate next random number!\n\n"), stderr);
goto clean_up; goto clean_up;
} }
buffer[i] = PASSWD_SYMBOLS[value % ARRAY_SIZE(PASSWD_SYMBOLS)]; buffer[i] = PASSWD_SYMBOLS[value % ARRAY_SIZE(PASSWD_SYMBOLS)];
} }
buffer[passwd_len] = '\0'; buffer[passwd_len] = '\0';
} }
while (weak_passphrase(buffer)); while ((!isalpha(buffer[0U])) || (!isalnum(buffer[passwd_len - 1U])) || weak_passphrase(buffer));
FPRINTF(stdout, T("%") T(PRIstr) T("\n\n"), buffer); FPRINTF(stdout, T("%") T(PRIstr) T("\n\n"), buffer);
fflush(stdout); fflush(stdout);
@ -208,15 +230,15 @@ static int open_files(FILE **const file_in, FILE **const file_out, const CHR* co
*file_in = FOPEN(input_path, T("rb")); *file_in = FOPEN(input_path, T("rb"));
if (!(*file_in)) if (!(*file_in))
{ {
FPUTS(T("Error: Failed to open input file for reading!\n\n"), stderr); FPRINTF(stderr, T("Error: Failed to open file \"%") T(PRISTR) T("\" for reading!\n\n"), input_path);
return EXIT_FAILURE; return EXIT_FAILURE;
} }
*file_out = FOPEN(output_path, T("wb")); *file_out = FOPEN(output_path, T("wb"));
if (!(*file_out)) if (!(*file_out))
{ {
FPUTS(T("Error: Failed to open output file for writing!\n\n"), stderr); FPRINTF(stderr, T("Error: Failed to open file \"%") T(PRISTR) T("\" for writing!\n\n"), output_path);
fclose(*file_out); fclose(*file_in);
return EXIT_FAILURE; return EXIT_FAILURE;
} }
@ -763,12 +785,18 @@ int MAIN(const int argc, CHR *const argv[])
goto clean_up; goto clean_up;
} }
const CHR* const passphrase = (argc > 4) ? argv[2U] : GETENV(ENVV_PASSWD_NAME); const CHR *const passphrase = (argc > 4) ? argv[2U] : GETENV(ENV_PASSWD_NAME);
const CHR *const input_file = argv[(argc > 4) ? 3U : 2U], *const output_file = argv[(argc > 4) ? 4U : 3U]; const CHR *const input_file = argv[(argc > 4) ? 3U : 2U], *const output_file = argv[(argc > 4) ? 4U : 3U];
if ((!passphrase) || (!passphrase[0U]) || (((passphrase[0U] == T('@')) || (passphrase[0U] == T(':'))) && (!passphrase[1U]))) if ((!passphrase) || (!passphrase[0U]))
{ {
FPUTS(T("Error: The specified passphrase must not be empty!\n\n"), stderr); FPUTS(T("Error: The passphrase must be specified, directly or indirectly!\n\n"), stderr);
goto clean_up;
}
if (STRICMP(passphrase, T("-")) && (!STARTS_WITH(passphrase, PREFIX_PASS)) && (!STARTS_WITH(passphrase, PREFIX_FILE)))
{
FPRINTF(stderr, T("Error: The passphrase must start with a '%") T(PRISTR) T("' or '%") T(PRISTR) T("' prefix!\n\n"), PREFIX_PASS, PREFIX_FILE);
goto clean_up; goto clean_up;
} }
@ -782,10 +810,10 @@ int MAIN(const int argc, CHR *const argv[])
/* Initialize passphrase */ /* Initialize passphrase */
/* ----------------------------------------------------- */ /* ----------------------------------------------------- */
passphrase_buffer = (passphrase[0U] == T('@')) ? read_passphrase(passphrase + 1U) : CHR_to_utf8((passphrase[0U] == T(':')) ? (passphrase + 1U) : passphrase); passphrase_buffer = STARTS_WITH(passphrase, PREFIX_PASS) ? duplicate_string(passphrase + STRLEN(PREFIX_PASS)) :
(STARTS_WITH(passphrase, PREFIX_FILE) ? read_passphrase(passphrase + STRLEN(PREFIX_FILE)) : read_passphrase(NULL));
if (!passphrase_buffer) if (!passphrase_buffer)
{ {
FPUTS(T("Error: Failed to read the passphrase!\n\n"), stderr);
goto clean_up; goto clean_up;
} }

View File

@ -55,6 +55,7 @@
# define GETENV(X) _wgetenv((X)) # define GETENV(X) _wgetenv((X))
# define STRLEN(X) wcslen((X)) # define STRLEN(X) wcslen((X))
# define STRICMP(X,Y) _wcsicmp((X),(Y)) # define STRICMP(X,Y) _wcsicmp((X),(Y))
# define STRNICMP(X,Y,Z) _wcsnicmp((X),(Y),(Z))
# define STRRCHR(X,Y) wcsrchr((X),(Y)) # define STRRCHR(X,Y) wcsrchr((X),(Y))
# define STRTOUL(X) wcstoul((X), NULL, 0) # define STRTOUL(X) wcstoul((X), NULL, 0)
# define FPUTS(X,Y) fputws((X),(Y)) # define FPUTS(X,Y) fputws((X),(Y))
@ -76,6 +77,7 @@
# define GETENV(X) getenv((X)) # define GETENV(X) getenv((X))
# define STRLEN(X) strlen((X)) # define STRLEN(X) strlen((X))
# define STRICMP(X,Y) strcasecmp((X),(Y)) # define STRICMP(X,Y) strcasecmp((X),(Y))
# define STRNICMP(X,Y,Z) strncasecmp((X),(Y),(Z))
# define STRRCHR(X,Y) strrchr((X),(Y)) # define STRRCHR(X,Y) strrchr((X),(Y))
# define STRTOUL(X) strtoul((X), NULL, 0) # define STRTOUL(X) strtoul((X), NULL, 0)
# define FPUTS(X,Y) fputs((X),(Y)) # define FPUTS(X,Y) fputs((X),(Y))

View File

@ -111,10 +111,10 @@ void setup_signal_handler(const int signo, signal_handler_t* const handler)
char* CHR_to_utf8(const CHR *const input) char* CHR_to_utf8(const CHR *const input)
{ {
#ifdef _WIN32 #ifdef _WIN32
char* buffer; char *buffer = NULL;
DWORD buffer_size = 0U, result = 0U; DWORD buffer_size = 0U, result = 0U;
buffer_size = WideCharToMultiByte(CP_UTF8, 0, input, -1, NULL, 0, NULL, NULL); buffer_size = input ? WideCharToMultiByte(CP_UTF8, 0, input, -1, NULL, 0, NULL, NULL) : 0U;
if (buffer_size < 1U) if (buffer_size < 1U)
{ {
return NULL; return NULL;
@ -135,7 +135,7 @@ char* CHR_to_utf8(const CHR*const input)
free(buffer); free(buffer);
return NULL; return NULL;
#else #else
return strdup(input); return strdup(input); /*simple string copy*/
#endif #endif
} }

View File

@ -27,7 +27,7 @@ uint64_t round_down(const uint64_t value, const uint64_t base);
#define ARRAY_SIZE(X) (sizeof((X)) / sizeof(*(X))) #define ARRAY_SIZE(X) (sizeof((X)) / sizeof(*(X)))
#define BOUND(MIN,VAL,MAX) (((VAL) < (MIN)) ? (MIN) : (((VAL) > (MAX)) ? (MAX) : (VAL))) #define BOUND(MIN,VAL,MAX) (((VAL) < (MIN)) ? (MIN) : (((VAL) > (MAX)) ? (MAX) : (VAL)))
#define STARTS_WITH(X,Y) (!STRNICMP((X), (Y), STRLEN((Y))))
#define GET_LOWBITS(X) ((X) & 0x07) #define GET_LOWBITS(X) ((X) & 0x07)
#define SET_LOWBITS(X,Y) do { X = ((X) & 0xF8) | ((Y) & 0x07); } while(0) #define SET_LOWBITS(X,Y) do { X = ((X) & 0xF8) | ((Y) & 0x07); } while(0)
#endif #endif

View File

@ -32,9 +32,9 @@ for %%p in (x86,x64) do (
if not "%ERRORLEVEL%"=="0" goto:BuildFailed if not "%ERRORLEVEL%"=="0" goto:BuildFailed
"%~dp0.\bin\%%p\Release\slunkcrypt.exe" --self-test "%~dp0.\bin\%%p\Release\slunkcrypt.exe" --self-test
if not "!ERRORLEVEL!"=="0" goto:BuildFailed if not "!ERRORLEVEL!"=="0" goto:BuildFailed
"%~dp0.\bin\%%p\Release\slunkcrypt.exe" --encrypt "q4cmK7FEK7@v" "%TMP%\!TEMP_NAME!.dat" "%TMP%\!TEMP_NAME!.enc" "%~dp0.\bin\%%p\Release\slunkcrypt.exe" --encrypt pass:"KVeW9;z4$#]d9~}z>(WC?v&f" "%TMP%\!TEMP_NAME!.dat" "%TMP%\!TEMP_NAME!.enc"
if not "!ERRORLEVEL!"=="0" goto:BuildFailed if not "!ERRORLEVEL!"=="0" goto:BuildFailed
"%~dp0.\bin\%%p\Release\slunkcrypt.exe" --decrypt "q4cmK7FEK7@v" "%TMP%\!TEMP_NAME!.enc" "%TMP%\!TEMP_NAME!.out" "%~dp0.\bin\%%p\Release\slunkcrypt.exe" --decrypt pass:"KVeW9;z4$#]d9~}z>(WC?v&f" "%TMP%\!TEMP_NAME!.enc" "%TMP%\!TEMP_NAME!.out"
if not "!ERRORLEVEL!"=="0" goto:BuildFailed if not "!ERRORLEVEL!"=="0" goto:BuildFailed
del /F "%TMP%\!TEMP_NAME!.dat" "%TMP%\!TEMP_NAME!.enc" "%TMP%\!TEMP_NAME!.out" del /F "%TMP%\!TEMP_NAME!.dat" "%TMP%\!TEMP_NAME!.enc" "%TMP%\!TEMP_NAME!.out"
%ECHO% white "\n------------------------------------------------------------------------------" %ECHO% white "\n------------------------------------------------------------------------------"

View File

@ -37,8 +37,8 @@ printf "\n"
PASSWRD="$(./frontend/bin/slunkcrypt${SUFFIX} --make-pw)" PASSWRD="$(./frontend/bin/slunkcrypt${SUFFIX} --make-pw)"
./frontend/bin/slunkcrypt${SUFFIX} --self-test ./frontend/bin/slunkcrypt${SUFFIX} --self-test
./frontend/bin/slunkcrypt${SUFFIX} --encrypt ":${PASSWRD}" /tmp/${TMP_NAME}.dat /tmp/${TMP_NAME}.enc ./frontend/bin/slunkcrypt${SUFFIX} --encrypt pass:"${PASSWRD}" /tmp/${TMP_NAME}.dat /tmp/${TMP_NAME}.enc
./frontend/bin/slunkcrypt${SUFFIX} --decrypt ":${PASSWRD}" /tmp/${TMP_NAME}.enc /tmp/${TMP_NAME}.out ./frontend/bin/slunkcrypt${SUFFIX} --decrypt pass:"${PASSWRD}" /tmp/${TMP_NAME}.enc /tmp/${TMP_NAME}.out
printf "\033[1;36m\n------------------------------------------------------------------------------\033[0m\n" printf "\033[1;36m\n------------------------------------------------------------------------------\033[0m\n"
printf "\033[1;36mRe-compile\n" printf "\033[1;36mRe-compile\n"