[overonion] / overonion-make-key

#!/bin/bash

key_size=99

ciphers=(
  bf-cbc bf-cfb bf-ecb bf-ofb
  cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb
  des-cbc des-cfb des-ofb des-ecb
  des-ede-cbc des-ede des-ede-cfb des-ede-ofb
  des-ede3-cbc des-ede3 des-ede3-cfb des-ede3-ofb
  idea-cbc idea-cfb idea-ecb idea-ofb
  rc2-cbc rc2-cfb rc2-ecb rc2-ofb rc2-64-cbc rc2-40-cbc
  rc4 rc4-40
  rc5-cbc rc5-cfb rc5-ecb rc5-ofb
  aes-128-cbc aes-128-cfb aes-128-cfb1 aes-128-cfb8 aes-128-ecb aes-128-ofb
  aes-192-cbc aes-192-cfb aes-192-cfb1 aes-192-cfb8 aes-192-ecb aes-192-ofb
  aes-256-cbc aes-256-cfb aes-256-cfb1 aes-256-cfb8 aes-256-ecb aes-256-ofb
)

umask 077

random_source="/dev/random"
if [[ "$1" == '--make_INSECURE_key' ]];then
  shift
  random_source="/dev/urandom"
fi

if (( $# != 1));then
  echo "usage: overonion-make-key keyfile" >&2
  exit 1
fi
keyfile=$1
if [[ -e "$keyfile" ]];then
  echo "That keyfile already exists.  I refuse to overwrite it." >&2
  exit 1
fi

keys_needed=$((${#ciphers[*]} * 2))
keys_generated=0

function generate_keys() {
  while read -r cipher;do
    echo -n $'\r'"Generating key $((++keys_generated))/$keys_needed" >&2
    echo "openssl-enc $cipher $(head -c "$key_size" "$random_source" | base64 --wrap=0 )"
  done < <( IFS=$'\n'; shuf <<< "${ciphers[*]}"; )
}

{
  generate_keys
  echo "reverse"
  generate_keys
} > "$keyfile"

echo 2>&1
Commit	Line	Data
c5ab018d SW	1	#!/bin/bash
c5ab018d SW	2
61aa2da8 SW	3	key_size=99
61aa2da8 SW	4
c5ab018d SW	5	ciphers=(
	6	bf-cbc bf-cfb bf-ecb bf-ofb
	7	cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb
	8	des-cbc des-cfb des-ofb des-ecb
	9	des-ede-cbc des-ede des-ede-cfb des-ede-ofb
	10	des-ede3-cbc des-ede3 des-ede3-cfb des-ede3-ofb
	11	idea-cbc idea-cfb idea-ecb idea-ofb
	12	rc2-cbc rc2-cfb rc2-ecb rc2-ofb rc2-64-cbc rc2-40-cbc
	13	rc4 rc4-40
	14	rc5-cbc rc5-cfb rc5-ecb rc5-ofb
	15	aes-128-cbc aes-128-cfb aes-128-cfb1 aes-128-cfb8 aes-128-ecb aes-128-ofb
	16	aes-192-cbc aes-192-cfb aes-192-cfb1 aes-192-cfb8 aes-192-ecb aes-192-ofb
	17	aes-256-cbc aes-256-cfb aes-256-cfb1 aes-256-cfb8 aes-256-ecb aes-256-ofb
	18	)
	19
	20	umask 077
	21
b88d75ad SW	22	random_source="/dev/random"
	23	if [[ "$1" == '--make_INSECURE_key' ]];then
	24	shift
	25	random_source="/dev/urandom"
	26	fi
	27
c5ab018d	28	if (( $# != 1));then
291948a5	29	echo "usage: overonion-make-key keyfile" >&2
c5ab018d SW	30	exit 1
	31	fi
	32	keyfile=$1
	33	if [[ -e "$keyfile" ]];then
291948a5	34	echo "That keyfile already exists. I refuse to overwrite it." >&2
c5ab018d SW	35	exit 1
	36	fi
	37
5ed90197 SW	38	keys_needed=$((${#ciphers[]} 2))
	39	keys_generated=0
	40
	41	function generate_keys() {
	42	while read -r cipher;do
	43	echo -n $'\r'"Generating key $((++keys_generated))/$keys_needed" >&2
61aa2da8	44	echo "openssl-enc $cipher $(head -c "$key_size" "$random_source" \| base64 --wrap=0 )"
5ed90197 SW	45	done < <( IFS=$'\n'; shuf <<< "${ciphers[*]}"; )
	46	}
	47
	48	{
	49	generate_keys
	50	echo "reverse"
	51	generate_keys
	52	} > "$keyfile"
	53
	54	echo 2>&1