[overonion] / overonion-make-key

#!/bin/bash

ciphers=(
  bf-cbc bf-cfb bf-ecb bf-ofb
  cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb
  des-cbc des-cfb des-ofb des-ecb
  des-ede-cbc des-ede des-ede-cfb des-ede-ofb
  des-ede3-cbc des-ede3 des-ede3-cfb des-ede3-ofb
  idea-cbc idea-cfb idea-ecb idea-ofb
  rc2-cbc rc2-cfb rc2-ecb rc2-ofb rc2-64-cbc rc2-40-cbc
  rc4 rc4-40
  rc5-cbc rc5-cfb rc5-ecb rc5-ofb
  aes-128-cbc aes-128-cfb aes-128-cfb1 aes-128-cfb8 aes-128-ecb aes-128-ofb
  aes-192-cbc aes-192-cfb aes-192-cfb1 aes-192-cfb8 aes-192-ecb aes-192-ofb
  aes-256-cbc aes-256-cfb aes-256-cfb1 aes-256-cfb8 aes-256-ecb aes-256-ofb
)

umask 077

random_source="/dev/random"
if [[ "$1" == '--make_INSECURE_key' ]];then
  shift
  random_source="/dev/urandom"
fi

if (( $# != 1));then
  echo "usage: overonion-make-key keyfile" >&2
  exit 1
fi
keyfile=$1
if [[ -e "$keyfile" ]];then
  echo "That keyfile already exists.  I refuse to overwrite it." >&2
  exit 1
fi

keys_needed=$((${#ciphers[*]} * 2))
keys_generated=0

function generate_keys() {
  while read -r cipher;do
    echo -n $'\r'"Generating key $((++keys_generated))/$keys_needed" >&2
    echo "openssl-enc $cipher $(head -c 99 "$random_source" | base64 --wrap=0 )"
  done < <( IFS=$'\n'; shuf <<< "${ciphers[*]}"; )
}

{
  generate_keys
  echo "reverse"
  generate_keys
} > "$keyfile"

echo 2>&1
Commit	Line	Data
c5ab018d SW	1	#!/bin/bash
	2
	3	ciphers=(
	4	bf-cbc bf-cfb bf-ecb bf-ofb
	5	cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb
	6	des-cbc des-cfb des-ofb des-ecb
	7	des-ede-cbc des-ede des-ede-cfb des-ede-ofb
	8	des-ede3-cbc des-ede3 des-ede3-cfb des-ede3-ofb
	9	idea-cbc idea-cfb idea-ecb idea-ofb
	10	rc2-cbc rc2-cfb rc2-ecb rc2-ofb rc2-64-cbc rc2-40-cbc
	11	rc4 rc4-40
	12	rc5-cbc rc5-cfb rc5-ecb rc5-ofb
	13	aes-128-cbc aes-128-cfb aes-128-cfb1 aes-128-cfb8 aes-128-ecb aes-128-ofb
	14	aes-192-cbc aes-192-cfb aes-192-cfb1 aes-192-cfb8 aes-192-ecb aes-192-ofb
	15	aes-256-cbc aes-256-cfb aes-256-cfb1 aes-256-cfb8 aes-256-ecb aes-256-ofb
	16	)
	17
	18	umask 077
	19
b88d75ad SW	20	random_source="/dev/random"
	21	if [[ "$1" == '--make_INSECURE_key' ]];then
	22	shift
	23	random_source="/dev/urandom"
	24	fi
	25
c5ab018d	26	if (( $# != 1));then
291948a5	27	echo "usage: overonion-make-key keyfile" >&2
c5ab018d SW	28	exit 1
	29	fi
	30	keyfile=$1
	31	if [[ -e "$keyfile" ]];then
291948a5	32	echo "That keyfile already exists. I refuse to overwrite it." >&2
c5ab018d SW	33	exit 1
	34	fi
	35
5ed90197 SW	36	keys_needed=$((${#ciphers[]} 2))
	37	keys_generated=0
	38
	39	function generate_keys() {
	40	while read -r cipher;do
	41	echo -n $'\r'"Generating key $((++keys_generated))/$keys_needed" >&2
	42	echo "openssl-enc $cipher $(head -c 99 "$random_source" \| base64 --wrap=0 )"
	43	done < <( IFS=$'\n'; shuf <<< "${ciphers[*]}"; )
	44	}
	45
	46	{
	47	generate_keys
	48	echo "reverse"
	49	generate_keys
	50	} > "$keyfile"
	51
	52	echo 2>&1