Best option to encrypt numerous files securely?

[gemeenteraadslid]

unimportant.

[Hacker]

gemeenteraadslid,
In AHK it would be:

Code: Select all

Loop, Files, C:\MyDataDir\*.*, FR
	RunWait, <your_full_7-Zip_command_line_here_use_%A_LoopFileName%_as_file_name_placeholder>, %A_LoopFileDir%

HTH
Roman

[gemeenteraadslid]

snip.

[gemeenteraadslid]

snip.

[gdpr deleted 6]

Version with random file names. Collisions are possible, but unlikely.

Why don't you just use a numeric counter for the file name instead of playing around with %RANDOM%?
If you don't care about the file names and their alphabetical order, a numerically increasing number sequence for the file names is as "meaningless" as any other random file naming scheme used to replace the "real" archive file names. By doing so, collisions are not just unlikely, they are impossible. (And as added bonus, your script would become a whole lot simpler, too...)

[nsp]

If you already have the list of file, you can use tcbl and a dedicated ini command to launch for each file 7z command with password using counter with timestamp as output 7z file.

to call :

Code: Select all

cmd=<path to>\tcbl.exe
params:-i %L 7zEncrypt %T

inside tcbl.ini file

Code: Select all

[7zEncrypt]
# Ask for password
ini=1 password ?	pass:	?
#initial counter set to timestamp step 1
ini=	$T	1
#call 7zip archive only with password
cmd=7z.exe a -mx=0 -p$_1 "$1$i.7z" "$f"

--edit you can add header encryption to hide filename inside 7z archive -mhe=on

[gemeenteraadslid]

snip.

[gemeenteraadslid]

Just my opinion not asked for, snip.

[NotNull]

And time consuming to find for average cmd scripters. So have fun ppl.

One can learn a lot from this simple script-

Well, that is rather condescending, isn't it?
Do you 'just' think lowly of the TC forum visitors or do you have a high opinion of yourself too?

I'm well aware of anYTHinG.

OK, that answers that question ..


But that aside, I respond because of this part:

One can learn a lot from this simple script- For loops are generally on a higher pain level, and in this script, e.g. for the working errorlevel, Delayed Expansion and its special variable syntax IS CRUCIAL.

If you want this to be something where "average cmd scripters" can learn from:

• Support for filemames containing spaces is lacking
• You are leaking the password - and other variables - to the calling environment
• There is no need to use enabledelayedexpansion. There are other, better (cleaner), ways. It certainly isn't CRUCIAL
• For almost every 'solution' you used, there is a better (simpler/ more reliable) way. A couple of examples:
  • Instead of SET /A "COUNTER = !COUNTER! + 1", you can use
    SET /A "COUNTER = COUNTER + 1" or even:
    SET /A COUNTER += 1
  • Use "" when defining varaibles to prevent trailing spaces to become part of the value:
    SET "VARIABLE=value"
  • To read a passord from file, you use FOR /F "tokens=*" %%i IN ('type %PWFILE%') DO set pw=%%i
    Alternative: set /p pw=<"%PWFILE%'"
  • ...

Original messsage I responded to:

Why don't you just use a numeric counter for the file name instead of playing around with %RANDOM%?
If you don't care about the file names and their alphabetical order, a numerically increasing number sequence for the file names is as "meaningless" as any other random file naming scheme used to replace the "real" archive file names. By doing so, collisions are not just unlikely, they are impossible. (And as added bonus, your script would become a whole lot simpler, too...)

No special reasons, just for the lulz and it looks more evil . Yes I should do it as you say.

Here's a working solution with a counter. Encrypt files inline - in a folder recursively and just delete (not wipe) source files, commented out hre. BTW before someone mentions"uh oh pw in a file!!!11!" - yes, demonstration purposes, $wife support etc... I'm well aware of anYTHinG.
One can learn a lot from this simple script- For loops are generally on a higher pain level, and in this script, e.g. for the working errorlevel, Delayed Expansion and its special variable syntax IS CRUCIAL. And time consuming to find for average cmd scripters. So have fun ppl.

Code: Select all

REM Argument: Absolute path to a FOLDER

echo off

SET PWFILE=u:\Crypto\7zMSC.txt
SET SEVENZIP=C:\Program Files\7-Zip\7z.exe

FOR /F "tokens=*" %%i IN ('type %PWFILE%') DO set pw=%%i

set COUNTER=0
setLocal EnableDelayedExpansion
FOR /R %1 %%i IN (*) DO (
    SET /A "COUNTER = !COUNTER! + 1"
    "%SEVENZIP%" a -mx=1 -mhe=on -p%pw% "%%~dpi!COUNTER!.7z" "%%i"
    REM IF "!ERRORLEVEL!"=="0" DEL /F /Q "%%~i"
)

[gemeenteraadslid]

"One can learn a lot from this simple script

Well, that is rather condescending, isn't it?
Do you 'just' think lowly of the TC forum visitors or do you have a high opinion of yourself too?"

Is something wrong? Lowly/High opinion, wtf? I was rather enthusiastic about having found a solution and wanted to share. I thought it may help some people. But yeah, over the years of usenet and www I should have learned, posting solutions to self answered questions is something that should not be done.

[Hacker]

NotNull,

Well, that is rather condescending, isn't it?

I certainly did not read it as such. No need to assume the worst.

Hacker (Moderator)

[gemeenteraadslid]

I cann only talk for myself. In deleting anything I overreacted, that was childish, I apologize.