keyline() and keyfield() operations

[overonion] / overonion-make-key

#!/bin/bash

key_size=99
hash_salt_size=63

ciphers=(
  bf-cbc bf-cfb bf-ecb bf-ofb
  cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb
  des-cbc des-cfb des-ofb des-ecb
  des-ede-cbc des-ede des-ede-cfb des-ede-ofb
  des-ede3-cbc des-ede3 des-ede3-cfb des-ede3-ofb
  idea-cbc idea-cfb idea-ecb idea-ofb
  rc2-cbc rc2-cfb rc2-ecb rc2-ofb rc2-64-cbc rc2-40-cbc
  rc4 rc4-40
  rc5-cbc rc5-cfb rc5-ecb rc5-ofb
  aes-128-cbc aes-128-cfb aes-128-cfb1 aes-128-cfb8 aes-128-ecb aes-128-ofb
  aes-192-cbc aes-192-cfb aes-192-cfb1 aes-192-cfb8 aes-192-ecb aes-192-ofb
  aes-256-cbc aes-256-cfb aes-256-cfb1 aes-256-cfb8 aes-256-ecb aes-256-ofb
)
hashes=(
  sha sha1 mdc2 ripemd160 sha224 sha256 sha384 sha512 md4 md5 dss1
)

umask 077

random_source="/dev/random"
if [[ "$1" == '--make_INSECURE_key' ]];then
  shift
  random_source="/dev/urandom"
fi

if (( $# != 1));then
  echo "usage: overonion-make-key keyfile" >&2
  exit 1
fi
keyfile=$1
if [[ -e "$keyfile" ]];then
  echo "That keyfile already exists.  I refuse to overwrite it." >&2
  exit 1
fi

keys_needed=$((${#ciphers[*]} * 2 + ${#hashes[*]} * 4))
keys_generated=0

function generate_keys() {
  while read -r cipher;do
    echo -n $'\r'"Generating key $((++keys_generated))/$keys_needed " >&2
    echo "openssl-enc $cipher $(head -c "$key_size" "$random_source" | base64 --wrap=0 )"
  done < <( IFS=$'\n'; shuf <<< "${ciphers[*]}"; )
}

function generate_hashes() {
  while read -r hash;do
    echo -n $'\r'"Generating salt $((keys_generated += 2))/$keys_needed" >&2
    echo "openssl-dgst $hash $(head -c "$hash_salt_size" "$random_source" | base64 --wrap=0 ) $(head -c "$hash_salt_size" "$random_source" | base64 --wrap=0 )"
  done < <( IFS=$'\n'; shuf <<< "${hashes[*]}"; )
}

{
  generate_hashes
  generate_keys
  echo "reverse"
  generate_keys
  generate_hashes
} > "$keyfile"

echo 2>&1