git.scottworley.com Git - overonion/blob - overonion-make-key

   1 #!/bin/bash
   2
   3 key_size=99
   4
   5 ciphers=(
   6   bf-cbc bf-cfb bf-ecb bf-ofb
   7   cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb
   8   des-cbc des-cfb des-ofb des-ecb
   9   des-ede-cbc des-ede des-ede-cfb des-ede-ofb
  10   des-ede3-cbc des-ede3 des-ede3-cfb des-ede3-ofb
  11   idea-cbc idea-cfb idea-ecb idea-ofb
  12   rc2-cbc rc2-cfb rc2-ecb rc2-ofb rc2-64-cbc rc2-40-cbc
  13   rc4 rc4-40
  14   rc5-cbc rc5-cfb rc5-ecb rc5-ofb
  15   aes-128-cbc aes-128-cfb aes-128-cfb1 aes-128-cfb8 aes-128-ecb aes-128-ofb
  16   aes-192-cbc aes-192-cfb aes-192-cfb1 aes-192-cfb8 aes-192-ecb aes-192-ofb
  17   aes-256-cbc aes-256-cfb aes-256-cfb1 aes-256-cfb8 aes-256-ecb aes-256-ofb
  18 )
  19 hashes=(
  20   sha sha1 mdc2 ripemd160 sha224 sha256 sha384 sha512 md4 md5 dss1
  21 )
  22
  23 umask 077
  24
  25 random_source="/dev/random"
  26 if [[ "$1" == '--make_INSECURE_key' ]];then
  27   shift
  28   random_source="/dev/urandom"
  29 fi
  30
  31 if (( $# != 1));then
  32   echo "usage: overonion-make-key keyfile" >&2
  33   exit 1
  34 fi
  35 keyfile=$1
  36 if [[ -e "$keyfile" ]];then
  37   echo "That keyfile already exists.  I refuse to overwrite it." >&2
  38   exit 1
  39 fi
  40
  41 keys_needed=$((${#ciphers[*]} * 2))
  42 keys_generated=0
  43
  44 function generate_keys() {
  45   while read -r cipher;do
  46     echo -n $'\r'"Generating key $((++keys_generated))/$keys_needed" >&2
  47     echo "openssl-enc $cipher $(head -c "$key_size" "$random_source" | base64 --wrap=0 )"
  48   done < <( IFS=$'\n'; shuf <<< "${ciphers[*]}"; )
  49 }
  50
  51 function generate_hashes() {
  52   while read -r hash;do
  53     echo "openssl-dgst $hash"
  54   done < <( IFS=$'\n'; shuf <<< "${hashes[*]}"; )
  55 }
  56
  57 {
  58   generate_hashes
  59   generate_keys
  60   echo "reverse"
  61   generate_keys
  62   generate_hashes
  63 } > "$keyfile"
  64
  65 echo 2>&1