Use salted hashes
authorScott Worley <scottworley@scottworley.com>
Mon, 23 Oct 2017 03:27:04 +0000 (20:27 -0700)
committerScott Worley <scottworley@scottworley.com>
Mon, 23 Oct 2017 03:27:04 +0000 (20:27 -0700)
overonion
overonion-make-key

index c54048a3351b4103544c8ee9ee345f887fa9ecb8..cb663fe62fe6424d76e4896990f9721e55d70e81 100755 (executable)
--- a/overonion
+++ b/overonion
@@ -51,7 +51,14 @@ function go() {
     elif [[ "$operation" == reverse ]];then
       reverse
     elif [[ "$operation" == openssl-dgst ]];then
-      tee >(echo "$(sed -n "${layer}p" "$keyfile") $(openssl dgst -binary "-$(sed -rn "${layer}s/^[^ ]+ ([^ ]+).*/\\1/p" "$keyfile")" | base64 --wrap=0)" > "$hash_dir/$layer")
+      tee >(echo "$(sed -n "${layer}p" "$keyfile") $(
+            {
+              awk -vlayer="$layer" 'NR == layer { print $3 }' "$keyfile" | base64 -d
+              cat
+              awk -vlayer="$layer" 'NR == layer { print $4 }' "$keyfile" | base64 -d
+            } |
+              openssl dgst -binary "-$(sed -rn "${layer}s/^[^ ]+ ([^ ]+).*/\\1/p" "$keyfile")" |
+              base64 --wrap=0)" > "$hash_dir/$layer")
     else
       die "Unknown operation"
     fi |
@@ -73,7 +80,7 @@ for hash_result in "$hash_dir"/*;do
     rmdir "$key_aside_dir"
   else
     # Verify the hashes
-    if [[ "$(awk '{ print $3 == $4 ? "hash ok" : "mismatch" }' "$hash_result")" != "hash ok" ]];then
+    if [[ "$(awk '{ print $5 == $6 ? "hash ok" : "mismatch" }' "$hash_result")" != "hash ok" ]];then
       die "Hash check $layer failed"
     fi
   fi
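Review bot: The changed verification line `if [[ "$(awk '{ print $5 == $6 ? "hash ok" : "mismatch" }' "$hash_result")" != "hash ok" ]];then` reports "hash ok" whenever both fields are absent, because awk compares two missing fields as equal empty strings, so a result line built from a pre-salt keyfile entry (two fields, no salts) or a truncated line passes the check instead of failing it. The first hunk degrades the same way at `awk -vlayer="$layer" 'NR == layer { print $3 }' "$keyfile" | base64 -d` and the `$4` twin: a keyfile line without a third or fourth field yields an empty salt and the digest is computed unsalted with no error. I would require the fields to exist, `if [[ "$(awk '{ print (NF >= 6 && $5 == $6) ? "hash ok" : "mismatch" }' "$hash_result")" != "hash ok" ]];then`, and likewise refuse a keyfile line with fewer than four fields before hashing. If the two salts are meant as a secret key rather than a public salt, the computed value is H(salt1 || data || salt2), the envelope form, and `openssl dgst -hmac` would be the standard keyed-digest construction; which is intended is not decidable from this hunk. Both `go()` and the `for hash_result` loop start and end outside their hunks.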
index 0e588b26a09c28494cff141d5430e58247e7a5d5..0ff97760d6c12186231680f8b9434bec6cab76df 100755 (executable)
@@ -1,6 +1,7 @@
 #!/bin/bash
 
 key_size=99
+hash_salt_size=63
 
 ciphers=(
   bf-cbc bf-cfb bf-ecb bf-ofb
@@ -38,19 +39,20 @@ if [[ -e "$keyfile" ]];then
   exit 1
 fi
 
-keys_needed=$((${#ciphers[*]} * 2))
+keys_needed=$((${#ciphers[*]} * 2 + ${#hashes[*]} * 4))
 keys_generated=0
 
 function generate_keys() {
   while read -r cipher;do
-    echo -n $'\r'"Generating key $((++keys_generated))/$keys_needed" >&2
+    echo -n $'\r'"Generating key $((++keys_generated))/$keys_needed " >&2
     echo "openssl-enc $cipher $(head -c "$key_size" "$random_source" | base64 --wrap=0 )"
   done < <( IFS=$'\n'; shuf <<< "${ciphers[*]}"; )
 }
 
 function generate_hashes() {
   while read -r hash;do
-    echo "openssl-dgst $hash"
+    echo -n $'\r'"Generating salt $((keys_generated += 2))/$keys_needed" >&2
+    echo "openssl-dgst $hash $(head -c "$hash_salt_size" "$random_source" | base64 --wrap=0 ) $(head -c "$hash_salt_size" "$random_source" | base64 --wrap=0 )"
   done < <( IFS=$'\n'; shuf <<< "${hashes[*]}"; )
 }