From: Scott Worley Date: Fri, 20 Oct 2017 04:50:46 +0000 (-0700) Subject: Overonion version 0.1 X-Git-Url: http://git.scottworley.com/overonion/commitdiff_plain/c5ab018d697edad35cac84d1146d5b6f76203854?ds=sidebyside Overonion version 0.1 --- c5ab018d697edad35cac84d1146d5b6f76203854 diff --git a/overonion b/overonion new file mode 100755 index 0000000..600dafb --- /dev/null +++ b/overonion @@ -0,0 +1,49 @@ +#!/bin/bash + +if (( $# != 2));then + echo "usage: overonion e|d keyfile" + exit 1 +fi +mode=$1 +if [[ "$mode" != e && "$mode" != d ]];then + echo "Use 'e' for encrypt or 'd' for decrypt" + exit 1 +fi +keyfile=$2 +if [[ ! -e "$keyfile" ]];then + echo "Keyfile not found" + exit 1 +fi +if [[ ! -r "$keyfile" ]];then + echo "Cannot read keyfile" + exit 1 +fi + +num_layers=$(wc -l < "$keyfile") +if (( num_layers < 20 ));then + echo "Keyfile doesn't have enough layers to be an onion" + exit 1 +fi + +if [[ "$mode" == e ]];then + first_layer=$num_layers + next_layer=-1 + openssl_decrypt="" +else + first_layer=1 + next_layer=1 + openssl_decrypt="-d" +fi + +function go() { + layer=$1 + if (( layer == 0 || layer > num_layers ));then + cat + else + openssl enc $openssl_decrypt "-$(sed -n "${layer}s/ .*//p" "$keyfile")" \ + -pass fd:37 37< <(sed -n "${layer}s/^[^ ]* //p" "$keyfile") | + go $(( layer + next_layer )) + fi +} + +go "$first_layer" diff --git a/overonion-make-key b/overonion-make-key new file mode 100755 index 0000000..3b0289f --- /dev/null +++ b/overonion-make-key @@ -0,0 +1,36 @@ +#!/bin/bash + +ciphers=( + bf-cbc bf-cfb bf-ecb bf-ofb + cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb + des-cbc des-cfb des-ofb des-ecb + des-ede-cbc des-ede des-ede-cfb des-ede-ofb + des-ede3-cbc des-ede3 des-ede3-cfb des-ede3-ofb + idea-cbc idea-cfb idea-ecb idea-ofb + rc2-cbc rc2-cfb rc2-ecb rc2-ofb rc2-64-cbc rc2-40-cbc + rc4 rc4-40 + rc5-cbc rc5-cfb rc5-ecb rc5-ofb + aes-128-cbc aes-128-cfb aes-128-cfb1 aes-128-cfb8 aes-128-ecb aes-128-ofb + aes-192-cbc aes-192-cfb aes-192-cfb1 aes-192-cfb8 aes-192-ecb aes-192-ofb + aes-256-cbc aes-256-cfb aes-256-cfb1 aes-256-cfb8 aes-256-ecb aes-256-ofb +) + +umask 077 + +if (( $# != 1));then + echo "usage: overonion-make-key keyfile" + exit 1 +fi +keyfile=$1 +if [[ -e "$keyfile" ]];then + echo "That keyfile already exists. I refuse to overwrite it." + exit 1 +fi + +i=0 +while read -r cipher;do + echo -n $'\r'"Generating key $((++i))/${#ciphers[*]}" + sleep 10 + cat >> "$keyfile" <<< "$cipher $(head -c 99 /dev/random | base64 --wrap=0 )" +done < <( IFS=$'\n'; shuf <<< "${ciphers[*]}"; ) +echo