#!/bin/bash
+key_size=99
+
ciphers=(
bf-cbc bf-cfb bf-ecb bf-ofb
cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb
umask 077
+random_source="/dev/random"
+if [[ "$1" == '--make_INSECURE_key' ]];then
+ shift
+ random_source="/dev/urandom"
+fi
+
if (( $# != 1));then
- echo "usage: overonion-make-key keyfile"
+ echo "usage: overonion-make-key keyfile" >&2
exit 1
fi
keyfile=$1
if [[ -e "$keyfile" ]];then
- echo "That keyfile already exists. I refuse to overwrite it."
+ echo "That keyfile already exists. I refuse to overwrite it." >&2
exit 1
fi
-i=0
-while read -r cipher;do
- echo -n $'\r'"Generating key $((++i))/${#ciphers[*]}"
- cat >> "$keyfile" <<< "$cipher $(head -c 99 /dev/random | base64 --wrap=0 )"
-done < <( IFS=$'\n'; shuf <<< "${ciphers[*]}"; )
-echo
+keys_needed=$((${#ciphers[*]} * 2))
+keys_generated=0
+
+function generate_keys() {
+ while read -r cipher;do
+ echo -n $'\r'"Generating key $((++keys_generated))/$keys_needed" >&2
+ echo "openssl-enc $cipher $(head -c "$key_size" "$random_source" | base64 --wrap=0 )"
+ done < <( IFS=$'\n'; shuf <<< "${ciphers[*]}"; )
+}
+
+{
+ generate_keys
+ echo "reverse"
+ generate_keys
+} > "$keyfile"
+
+echo 2>&1