Merge reverse + overonion shell implementation
authorScott Worley <scottworley@scottworley.com>
Fri, 20 Oct 2017 08:30:02 +0000 (01:30 -0700)
committerScott Worley <scottworley@scottworley.com>
Fri, 20 Oct 2017 08:30:02 +0000 (01:30 -0700)
double-overonion [new file with mode: 0755]
overonion [new file with mode: 0755]
overonion-make-key [new file with mode: 0755]

diff --git a/double-overonion b/double-overonion
new file mode 100755 (executable)
index 0000000..afd4ebb
--- /dev/null
@@ -0,0 +1,23 @@
+#!/bin/bash
+
+if (( $# != 3));then
+  echo "usage: double-overonion e|d keyfile1 keyfile2"
+  exit 1
+fi
+mode=$1
+if [[ "$mode" != e && "$mode" != d ]];then
+  echo "Use 'e' for encrypt or 'd' for decrypt"
+  exit 1
+fi
+keyfile1=$2
+keyfile2=$3
+
+function oo() {
+  "$(dirname "$0")/overonion" "$mode" "$@"
+}
+
+if [[ "$mode" == e ]];then
+  oo "$keyfile2" | reverse | oo "$keyfile1"
+else
+  oo "$keyfile1" | reverse | oo "$keyfile2"
+fi
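Review bot: Neither pipeline in the final `if`/`else` checks the status of its earlier stages, so a failure in the first `oo` or in `reverse` can still let the last `oo` run on whatever arrived and return its own status. `reverse` is looked up on PATH, unlike `overonion`, which is resolved next to the script, so it is the stage most likely to be missing. In encrypt mode the run would look successful while the output covers truncated or empty input. Adding `set -o pipefail` under the shebang makes the exit status reflect any failed stage. The recursive `openssl enc ... | go ...` pipeline in overonion's `go` has the same gap: a layer that openssl rejects does not stop the layers after it.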
diff --git a/overonion b/overonion
new file mode 100755 (executable)
index 0000000..600dafb
--- /dev/null
+++ b/overonion
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+if (( $# != 2));then
+  echo "usage: overonion e|d keyfile"
+  exit 1
+fi
+mode=$1
+if [[ "$mode" != e && "$mode" != d ]];then
+  echo "Use 'e' for encrypt or 'd' for decrypt"
+  exit 1
+fi
+keyfile=$2
+if [[ ! -e "$keyfile" ]];then
+  echo "Keyfile not found"
+  exit 1
+fi
+if [[ ! -r "$keyfile" ]];then
+  echo "Cannot read keyfile"
+  exit 1
+fi
+
+num_layers=$(wc -l < "$keyfile")
+if (( num_layers < 20 ));then
+  echo "Keyfile doesn't have enough layers to be an onion"
+  exit 1
+fi
+
+if [[ "$mode" == e ]];then
+  first_layer=$num_layers
+  next_layer=-1
+  openssl_decrypt=""
+else
+  first_layer=1
+  next_layer=1
+  openssl_decrypt="-d"
+fi
+
+function go() {
+  layer=$1
+  if (( layer == 0 || layer > num_layers ));then
+    cat
+  else
+    openssl enc $openssl_decrypt "-$(sed -n "${layer}s/ .*//p" "$keyfile")" \
+            -pass fd:37 37< <(sed -n "${layer}s/^[^ ]* //p" "$keyfile") |
+    go $(( layer + next_layer ))
+  fi
+}
+
+go "$first_layer"
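Review bot: The keyfile is checked only for existence, readability and line count before `go` hands its fields to openssl, so a blank, truncated or hand-edited line becomes an empty or unexpected `-<cipher>` option, or an empty passphrase on fd 37. `wc -l` also counts such lines toward the 20-layer minimum. A format check right after the layer count would reject them early, for example `if grep -qvE '^[a-z0-9-]+ [A-Za-z0-9+/=]+$' "$keyfile"; then echo "Malformed keyfile line" >&2; exit 1; fi`, which matches the `cipher base64` lines that overonion-make-key writes. Sending this and the existing diagnostics to stderr would also keep them out of the data stream on stdout.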
diff --git a/overonion-make-key b/overonion-make-key
new file mode 100755 (executable)
index 0000000..3b0289f
--- /dev/null
@@ -0,0 +1,36 @@
+#!/bin/bash
+
+ciphers=(
+  bf-cbc bf-cfb bf-ecb bf-ofb
+  cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb
+  des-cbc des-cfb des-ofb des-ecb
+  des-ede-cbc des-ede des-ede-cfb des-ede-ofb
+  des-ede3-cbc des-ede3 des-ede3-cfb des-ede3-ofb
+  idea-cbc idea-cfb idea-ecb idea-ofb
+  rc2-cbc rc2-cfb rc2-ecb rc2-ofb rc2-64-cbc rc2-40-cbc
+  rc4 rc4-40
+  rc5-cbc rc5-cfb rc5-ecb rc5-ofb
+  aes-128-cbc aes-128-cfb aes-128-cfb1 aes-128-cfb8 aes-128-ecb aes-128-ofb
+  aes-192-cbc aes-192-cfb aes-192-cfb1 aes-192-cfb8 aes-192-ecb aes-192-ofb
+  aes-256-cbc aes-256-cfb aes-256-cfb1 aes-256-cfb8 aes-256-ecb aes-256-ofb
+)
+
+umask 077
+
+if (( $# != 1));then
+  echo "usage: overonion-make-key keyfile"
+  exit 1
+fi
+keyfile=$1
+if [[ -e "$keyfile" ]];then
+  echo "That keyfile already exists.  I refuse to overwrite it."
+  exit 1
+fi
+
+i=0
+while read -r cipher;do
+  echo -n $'\r'"Generating key $((++i))/${#ciphers[*]}"
+  sleep 10
+  cat >> "$keyfile" <<< "$cipher $(head -c 99 /dev/random | base64 --wrap=0 )"
+done < <( IFS=$'\n'; shuf <<< "${ciphers[*]}"; )
+echo
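Review bot: Nothing in the loop checks that the local openssl build accepts each name in `ciphers`. Some of them (the idea-* and rc5-* entries, for instance) are compiled out of many OpenSSL builds, which is worth confirming on the systems you target. A keyfile holding such a layer would fail only when overonion reaches that line, possibly on a different machine from the one that generated it. Probing before the key is written avoids that: `openssl enc "-$cipher" -pass pass:probe </dev/null >/dev/null 2>&1 || continue` as the first statement of the loop body. The progress total would then need to count only the accepted ciphers.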