diff --git a/create-attributable-archive.sh b/create-attributable-archive.sh index c4b963d..41bf64a 100755 --- a/create-attributable-archive.sh +++ b/create-attributable-archive.sh @@ -1,7 +1,6 @@ #!/bin/bash -# packages: 7zip, shred, secure-delete +# packages: 7zip, shred, secure-delete, cracklib-runtime set -e - unix_seconds=$(date +%s) key_path="./private_ed25519_${unix_seconds}" signature_tag="file-integrity" @@ -98,9 +97,10 @@ reset() { done } + + printf "setting up environment..." reset -checkcode $? printf "ssh-keygen: makin new key: ${key_path}..." ssh-keygen -t ed25519 -f "$key_path" -C "anonymous" -N "" > /dev/null 2>&1 @@ -158,6 +158,13 @@ echo "Enter attribution passphrase again:" read -r -s attribution_passphrase_check echo +if printf "$attribution_passphrase" | cracklib-check | grep -q 'OK'; then + echo -e "attribution passphrase strength: \033[0;32mOK!\033[0m" +else + echo -e "\n\n\033[0;31mAttribution passphrase ia not secure enough! Exiting!\033[0m\n\n" > /dev/null 2>&1 + exit 1 +fi + if [[ "$attribution_passphrase" != "$attribution_passphrase_check" ]]; then echo -e "\n\n\033[0;31mAttribution passphrases do not match! Exiting!\033[0m\n\n" > /dev/null 2>&1 exit 1 @@ -213,6 +220,13 @@ echo "input keystore passphrase (again):" read -r -s keystore_passphrase_check echo +if printf "$keystore_passphrase" | cracklib-check | grep -q 'OK'; then + echo -e "keystore passphrase strength: \033[0;32mOK!\033[0m" +else + echo -e "\n\n\033[0;31mKeystore passphrase not strong enough! Exiting!\033[0m\n\n" > /dev/null 2>&1 + exit 1 +fi + if [[ "$keystore_passphrase" != "$keystore_passphrase_check" ]]; then echo -e "\n\n\033[0;31mKeystore passphrases do not match! Exiting!\033[0m\n\n" > /dev/null 2>&1 exit 1 @@ -232,12 +246,11 @@ printf "testing key archive..." 7z t "keystore/keystore_${unix_seconds}.7z" -p"$keystore_passphrase" > /dev/null 2>&1 checkcode $? -printf "unsetting keystore passphrase" +printf "unsetting keystore passphrase..." unset keystore_passphrase > /dev/null 2>&1 checkcode $? printf "resetting environment..." reset -checkcode $? echo -e "\033[0;32mdone :3\033[0m"