]>
Commit | Line | Data |
---|---|---|
c5ab018d SW |
1 | #!/bin/bash |
2 | ||
61aa2da8 | 3 | key_size=99 |
a4f74913 | 4 | hash_salt_size=63 |
61aa2da8 | 5 | |
c5ab018d SW |
6 | ciphers=( |
7 | bf-cbc bf-cfb bf-ecb bf-ofb | |
8 | cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb | |
9 | des-cbc des-cfb des-ofb des-ecb | |
10 | des-ede-cbc des-ede des-ede-cfb des-ede-ofb | |
11 | des-ede3-cbc des-ede3 des-ede3-cfb des-ede3-ofb | |
12 | idea-cbc idea-cfb idea-ecb idea-ofb | |
13 | rc2-cbc rc2-cfb rc2-ecb rc2-ofb rc2-64-cbc rc2-40-cbc | |
14 | rc4 rc4-40 | |
15 | rc5-cbc rc5-cfb rc5-ecb rc5-ofb | |
16 | aes-128-cbc aes-128-cfb aes-128-cfb1 aes-128-cfb8 aes-128-ecb aes-128-ofb | |
17 | aes-192-cbc aes-192-cfb aes-192-cfb1 aes-192-cfb8 aes-192-ecb aes-192-ofb | |
18 | aes-256-cbc aes-256-cfb aes-256-cfb1 aes-256-cfb8 aes-256-ecb aes-256-ofb | |
19 | ) | |
f5a8e270 SW |
20 | hashes=( |
21 | sha sha1 mdc2 ripemd160 sha224 sha256 sha384 sha512 md4 md5 dss1 | |
22 | ) | |
c5ab018d SW |
23 | |
24 | umask 077 | |
25 | ||
b88d75ad SW |
26 | random_source="/dev/random" |
27 | if [[ "$1" == '--make_INSECURE_key' ]];then | |
28 | shift | |
29 | random_source="/dev/urandom" | |
30 | fi | |
31 | ||
c5ab018d | 32 | if (( $# != 1));then |
291948a5 | 33 | echo "usage: overonion-make-key keyfile" >&2 |
c5ab018d SW |
34 | exit 1 |
35 | fi | |
36 | keyfile=$1 | |
37 | if [[ -e "$keyfile" ]];then | |
291948a5 | 38 | echo "That keyfile already exists. I refuse to overwrite it." >&2 |
c5ab018d SW |
39 | exit 1 |
40 | fi | |
41 | ||
a4f74913 | 42 | keys_needed=$((${#ciphers[*]} * 2 + ${#hashes[*]} * 4)) |
5ed90197 SW |
43 | keys_generated=0 |
44 | ||
45 | function generate_keys() { | |
46 | while read -r cipher;do | |
a4f74913 | 47 | echo -n $'\r'"Generating key $((++keys_generated))/$keys_needed " >&2 |
61aa2da8 | 48 | echo "openssl-enc $cipher $(head -c "$key_size" "$random_source" | base64 --wrap=0 )" |
5ed90197 SW |
49 | done < <( IFS=$'\n'; shuf <<< "${ciphers[*]}"; ) |
50 | } | |
51 | ||
f5a8e270 SW |
52 | function generate_hashes() { |
53 | while read -r hash;do | |
a4f74913 SW |
54 | echo -n $'\r'"Generating salt $((keys_generated += 2))/$keys_needed" >&2 |
55 | echo "openssl-dgst $hash $(head -c "$hash_salt_size" "$random_source" | base64 --wrap=0 ) $(head -c "$hash_salt_size" "$random_source" | base64 --wrap=0 )" | |
f5a8e270 SW |
56 | done < <( IFS=$'\n'; shuf <<< "${hashes[*]}"; ) |
57 | } | |
58 | ||
5ed90197 | 59 | { |
f5a8e270 | 60 | generate_hashes |
5ed90197 SW |
61 | generate_keys |
62 | echo "reverse" | |
63 | generate_keys | |
f5a8e270 | 64 | generate_hashes |
5ed90197 SW |
65 | } > "$keyfile" |
66 | ||
67 | echo 2>&1 |