diff --git a/keys.sh b/keys.sh
new file mode 100755
index 0000000..bb63080
--- /dev/null
+++ b/keys.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+#
+# keys.sh generates keys used for the encryption of certain user data. Because
+# user data becomes unrecoverable without these keys, the script and won't
+# overwrite any existing keys unless you explicitly delete them.
+#
+
+# Generate cookie encryption and authentication keys
+if [[ ! -e "$(pwd)/keys/cookies_enc.aes256" ]]; then
+ dd of=$(pwd)/keys/cookies_enc.aes256 if=/dev/urandom bs=32 count=1
+else
+ echo "cookies key already exists! rm keys/cookies_enc.aes256 if you understand the consquences."
+fi
+if [[ ! -e "$(pwd)/keys/cookies_auth.aes256" ]]; then
+ dd of=$(pwd)/keys/cookies_auth.aes256 if=/dev/urandom bs=32 count=1
+else
+ echo "cookies authentication key already exists! rm keys/cookies_auth.aes256 if you understand the consquences."
+fi
+
+# Generate email encryption key
+if [[ ! -e "$(pwd)/keys/email_enc.aes256" ]]; then
+ dd of=$(pwd)/keys/email_enc.aes256 if=/dev/urandom bs=32 count=1
+else
+ echo "email key already exists! rm keys/email_enc.aes256 if you understand the consquences."
+fi
diff --git a/keys/.gitignore b/keys/.gitignore
new file mode 100644
index 0000000..1da0f60
--- /dev/null
+++ b/keys/.gitignore
@@ -0,0 +1 @@
+*.aes256
diff --git a/keys/README.md b/keys/README.md
new file mode 100644
index 0000000..966b9a9
--- /dev/null
+++ b/keys/README.md
@@ -0,0 +1,4 @@
+Keys
+====
+
+Contains keys for encrypting database and session data. Generate necessary keys by running (from the root of the project) `./keys.sh`.
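Review bot: In keys.sh the three `dd of=$(pwd)/keys/...` calls create the key files under the caller's umask, so with the common 022 default the cookie and email keys are readable by every local user; the script should set `umask 077` (or create the files 0600) before writing. Nothing checks that `dd` succeeded or wrote 32 bytes, and because the guard is only `-e`, an empty or truncated file left by a failed run is treated as an existing key on the next run and never regenerated. `$(pwd)` is also unquoted in each `of=` argument, so a checkout path containing spaces breaks the write. Since the three blocks differ only in the file name, I would fold them into one helper that writes to a `mktemp` file, verifies the size, and renames it into place, as sketched below; the already-exists notice moves to stderr there and its wording is unified.

```shell
# … unchanged: shebang and header comment …
set -euo pipefail
umask 077  # keys must not be group- or world-readable

# gen_key NAME: write 32 random bytes to keys/NAME unless it already exists.
gen_key() {
  local name=$1
  local path
  path="$(pwd)/keys/${name}"
  if [[ -e "$path" ]]; then
    echo "keys/${name} already exists! rm keys/${name} if you understand the consequences." >&2
    return 0
  fi
  local tmp
  tmp=$(mktemp "${path}.XXXXXX")
  # Write to a temp file first so a failed or short write never leaves a
  # partial file at the final path.
  if ! dd of="$tmp" if=/dev/urandom bs=32 count=1 2>/dev/null ||
    [[ $(wc -c <"$tmp") -ne 32 ]]; then
    rm -f -- "$tmp"
    echo "failed to generate keys/${name}" >&2
    return 1
  fi
  mv -- "$tmp" "$path"
}

# Generate cookie encryption and authentication keys
gen_key cookies_enc.aes256
gen_key cookies_auth.aes256

# Generate email encryption key
gen_key email_enc.aes256
```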