X-Git-Url: http://git.scottworley.com/overonion/blobdiff_plain/c5ab018d697edad35cac84d1146d5b6f76203854..4a5d2fe40628c9348fe018e0ee69aba6787905cf:/overonion-make-key?ds=inline diff --git a/overonion-make-key b/overonion-make-key index 3b0289f..0ff9776 100755 --- a/overonion-make-key +++ b/overonion-make-key @@ -1,5 +1,8 @@ #!/bin/bash +key_size=99 +hash_salt_size=63 + ciphers=( bf-cbc bf-cfb bf-ecb bf-ofb cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb 
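Review bot: `key_size` and `hash_salt_size` are introduced with no comment giving their unit or the reason for 99 and 63. The second hunk passes them to `head -c`, so they are byte counts of raw random data before base64 encoding. A comment such as `# bytes read from the random source per cipher key / per hash salt (before base64)` would make that explicit, and `readonly key_size=99` would guard against accidental reassignment. Both values are multiples of three, which presumably keeps the base64 output free of `=` padding; if that is intentional it deserves a note.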
@@ -14,23 +17,51 @@ ciphers=( aes-192-cbc aes-192-cfb aes-192-cfb1 aes-192-cfb8 aes-192-ecb aes-192-ofb aes-256-cbc aes-256-cfb aes-256-cfb1 aes-256-cfb8 aes-256-ecb aes-256-ofb ) +hashes=( + sha sha1 mdc2 ripemd160 sha224 sha256 sha384 sha512 md4 md5 dss1 +) umask 077 +random_source="/dev/random" +if [[ "$1" == '--make_INSECURE_key' ]];then + shift + random_source="/dev/urandom" +fi + if (( $# != 1));then - echo "usage: overonion-make-key keyfile" + echo "usage: overonion-make-key keyfile" >&2 exit 1 fi keyfile=$1 if [[ -e "$keyfile" ]];then - echo "That keyfile already exists. I refuse to overwrite it." + echo "That keyfile already exists. I refuse to overwrite it." >&2 exit 1 fi -i=0 -while read -r cipher;do - echo -n $'\r'"Generating key $((++i))/${#ciphers[*]}" - sleep 10 - cat >> "$keyfile" <<< "$cipher $(head -c 99 /dev/random | base64 --wrap=0 )" -done < <( IFS=$'\n'; shuf <<< "${ciphers[*]}"; ) -echo +keys_needed=$((${#ciphers[*]} * 2 + ${#hashes[*]} * 4)) +keys_generated=0 + +function generate_keys() { + while read -r cipher;do + echo -n $'\r'"Generating key $((++keys_generated))/$keys_needed " >&2 + echo "openssl-enc $cipher $(head -c "$key_size" "$random_source" | base64 --wrap=0 )" + done < <( IFS=$'\n'; shuf <<< "${ciphers[*]}"; ) +} + +function generate_hashes() { + while read -r hash;do + echo -n $'\r'"Generating salt $((keys_generated += 2))/$keys_needed" >&2 + echo "openssl-dgst $hash $(head -c "$hash_salt_size" "$random_source" | base64 --wrap=0 ) $(head -c "$hash_salt_size" "$random_source" | base64 --wrap=0 )" + done < <( IFS=$'\n'; shuf <<< "${hashes[*]}"; ) +} + +{ + generate_hashes + generate_keys + echo "reverse" + generate_keys + generate_hashes +} > "$keyfile" + +echo 2>&1
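Review bot: The random reads in `generate_keys` and `generate_hashes` are unchecked. If `head -c … "$random_source"` fails or returns short, the `$(…)` expands to an empty or truncated string, the line is still written to the keyfile, and the script exits 0. A helper that verifies the encoded length (4 base64 characters per 3 input bytes) before emitting the line would make generation fail closed, as sketched below. Separately, `{ … } > "$keyfile"` truncates, so a file created after the `-e` test is overwritten despite the refusal message; `set -o noclobber` before the group makes the redirect itself refuse. The final `echo 2>&1` sends the newline to stdout, while the progress text it terminates is on stderr; `echo >&2` matches.

```shell
# Print $1 random bytes from $random_source as unwrapped base64.
# Returns 1 if fewer bytes than requested were read.
function random_base64() {
  local size=$1 encoded
  encoded=$(head -c "$size" "$random_source" | base64 --wrap=0)
  if (( ${#encoded} != (size + 2) / 3 * 4 ));then
    echo "short read from $random_source" >&2
    return 1
  fi
  echo "$encoded"
}

function generate_keys() {
  local key
  while read -r cipher;do
    # … unchanged: progress message on stderr …
    key=$(random_base64 "$key_size") || exit 1
    echo "openssl-enc $cipher $key"
  done < <( IFS=$'\n'; shuf <<< "${ciphers[*]}"; )
}
# … generate_hashes: same pattern for each of its two salts …
```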