Hdiutil - unable to create encrypted disk images

I noticed, mojave changed the way hdiutil works, I’m no longer able to create encrypted disk images

If I remove the command encrypt from my code things works just fine
The error is always the same whatever I change in my code

hdiutil create -encryption aes-256 -agentpass -srcfolder " & psxSource &" 
-fs HFS+ " & psxDest 

Hi, Joy. The actual code is obscured by your variables, and I don’t have Mojave to test for changes on my current machine. There may be a quoting issue. I previously resolved an ioctl problem in the following thread, which may be a starting part for further experimentation.

https://macscripter.net/viewtopic.php?id=44637

@Joy

try to use:

# define the HfsPath to the source
# define the HfsPath to the dest
# then execute :
set psxSource to quoted form of POSIX path of hfsSource
set psxDest to quoted form of POSIX path of hfsDest
do shell script "hdiutil create -encryption AES-256 -agentpass -srcfolder " & psxSource & " 
-fs HFS+ " & psxDest

You may also drop the specification of the encryption level which would apply the default AES-512 one.

Other “detail”, in the man, the encryption level is defined with uppercase : AES-128 or AES-256.

Yvan KOENIG running High Sierra 10.13.6 in French (VALLAURIS, France) vendredi 27 mars 2020 09:46:48

Thanks @Marc, that helped.
The funny thing now, I can’t add files to the mounting disk, is that the default design of a encrypted disk image?
I needed a writable and encrypted disk image. :rolleyes:
The disk image should be encrypted before and after mounting, else why shall I bother to use the commands I use…

@Yvan
I wrote my original post too quickly, but my original script worked, with the only exception for the encryption command. Sorry for my sloppiness

set myDmg to POSIX path of ((path to desktop folder as text) & "Test" as text)
do shell script "mkdir -p '" & myDmg & "'"
set the_source_file to POSIX path of (choose folder with prompt "Choose target folder to copy-encrypt as disk image") as text

do shell script "hdiutil create -srcfolder '" & the_source_file & "' -encryption AES-256 -stdinpass -fs HFS+ '" & myDmg & "'"
do shell script "hdiutil attach -readwrite '" & (myDmg & ".dmg" as text) & "'"

I omitted the password because it’s only a test.
Also adding the password isn’t so obvious : better printf than echo, as echo doesn’t write the right password

Hi. Yes, that’s the default. If you want to be able to add things, it probably needs to be a SPARSE image. You actually don’t even have to add anything to the image at the beginning, if you prefer.

set destination to (choose folder with prompt "define an end point") as text
set fileVar to "nom" --the dmg's filename

do shell script "printf 'whatever password' | hdiutil create -type SPARSEBUNDLE " & "-encryption -stdinpass -fs HFS+ " & (destination & fileVar)'s POSIX path's quoted form

@Marc
Thanks for your confirmation!
meanwhile i switched to the simpler variant that you are suggesting too, as copying and encrypting existing target (folders) does not produce writable disks.

It is interesting to notice,
If I miss to add stdinpass, hdiutil fails! , because Mojave suppresses the build-in password dialog window that *should * pop-up when you create a new encrypted disk. See picture below.

If I add stdinpass I’ve to feed my code with a plain text password, password which I’ve to figure out by myself, and I don’t like none of this points.

Hi. You can add target folders and still have an expandable disk, but apparently not with a SPARSE image, as the man page indicates it doesn’t like -scrfolder. This works:

do shell script "printf 'desired password' | hdiutil create -format UDRW -encryption -stdinpass -volname " & "desired expanded volume name"'s quoted form & " -srcfolder " & (choose folder with prompt "select a folder to store")'s POSIX path's quoted form & space & (((choose folder with prompt "choose save location") as text) & "dmg Name")'s POSIX path's quoted form