summaryrefslogtreecommitdiff
path: root/lib/keyringer/actions/pwgen
blob: 5f254473091b44c1fb8c36720c6f710e91b42aa6 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
#!/usr/bin/env bash
#
# Generates passphrases.
#

# Load functions
LIB="`dirname $0`/../functions"
source "$LIB" write $* || exit 1

# Parameters
SIZE="$3"
FILE="$2"

# Generates a random passphrase
function keyringer_pwgen {
  ENTROPY_BYTES=${1:-40} # in bytes
  ENTROPY_SOURCE="${ENTROPY_SOURCE:-/dev/urandom}"

  # Strip possible newlines if output is wrapped.
  # Also strip trailing = signs as they add nothing to the password's entropy.
  head -c $ENTROPY_BYTES $ENTROPY_SOURCE | base64 | tr -d '\n='
  echo
}

# Check
if [ -z "$FILE" ]; then
  echo "Usage: keyringer <keyring> $BASENAME <secret> [size]"
  exit 1
elif [ ! -z "$SIZE" ] && ! echo $SIZE | egrep -q '^[0-9]+$'; then
  echo "$SIZE is not a number"
  exit 1
fi

# Encrypt and store a randomly-generated secret
keyringer_pwgen $SIZE | keyringer_exec encrypt-batch "$BASEDIR" "$FILE" && echo "Secret generated and stored."