use std::{ env, error::Error, fs::{read_dir, read_to_string, File}, io::Read, }; use sha2::{Digest, Sha256}; /// Usage: keyfork-mnemonic-generate [bitsize: 128 or 256] /// CHECKS: /// * If the system is online /// * If a kernel is running post-BLAKE2 /// /// TODO: /// * --features kitchen-sink: load username; system time's most random, precise bits; hostname; /// kernel version; other env specific shit into a CSPRNG static WARNING_LINKS: [&str; 1] = ["https://lore.kernel.org/lkml/20211223141113.1240679-2-Jason@zx2c4.com/"]; fn check_kernel_version() { let kernel_version = read_to_string("/proc/version").expect("/proc/version"); let v = kernel_version .split(' ') .nth(2) .expect("Unable to parse kernel version") .split('.') .take(2) .map(str::parse) .map(|x| x.expect("Unable to parse kernel version number")) .collect::>(); let [major, minor, ..] = v.as_slice() else { panic!("Unable to determine major and minor: {kernel_version}"); }; assert!( [major, minor] > [&5, &4], "kernel can't generate clean entropy: {}", WARNING_LINKS[0] ); } fn check_online() { let paths = read_dir("/sys/class/net").expect("Unable to read network interfaces"); for entry in paths { let mut path = entry.expect("Unable to read directory entry").path(); if path .as_os_str() .to_str() .expect("Unable to decode UTF-8 filepath") .split('/') .last() .unwrap() == "lo" { continue; } path.push("operstate"); let isup = read_to_string(&path).expect("Unable to read operstate of network interfaces"); assert_ne!(isup.trim(), "up", "No network interfaces should be up"); } } fn build_wordlist() -> Vec { let wordlist_file = include_str!("wordlist.txt"); wordlist_file .lines() .skip(1) .map(|x| x.trim().to_string()) .collect() } fn main() -> Result<(), Box> { if !env::vars() .any(|(name, _)| name == "SHOOT_SELF_IN_FOOT" || name == "INSECURE_HARDWARE_ALLOWED") { check_kernel_version(); check_online(); } let wordlist = build_wordlist(); assert_eq!( wordlist.len(), 2usize.pow(11), "Wordlist did not include correct word count" ); let bit_size: usize = env::args() .nth(1) .unwrap_or(String::from("256")) .parse() .expect("Expected integer bit size"); assert!( bit_size == 128 || bit_size == 256, "Only 12 or 24 word mnemonics are supported" ); let mut random_handle = File::open("/dev/urandom")?; let entropy = &mut [0u8; 256 / 8]; random_handle.read_exact(&mut entropy[..])?; let mut hasher = Sha256::new(); hasher.update(&entropy); let hash = hasher.finalize(); let checksum = &hash[..bit_size / 32 / 8]; let seed = [&entropy[..bit_size / 8], checksum].concat(); let seed_bits = seed .iter() .flat_map(|byte| { [ byte & (1 << 0) != 0, byte & (1 << 1) != 0, byte & (1 << 2) != 0, byte & (1 << 3) != 0, byte & (1 << 4) != 0, byte & (1 << 5) != 0, byte & (1 << 6) != 0, byte & (1 << 7) != 0, ] }) .collect::>(); let words = seed_bits.chunks_exact(11).map(|chunk| { let index = usize::from(chunk[0]) + (usize::from(chunk[1]) << 1) + (usize::from(chunk[2]) << 2) + (usize::from(chunk[3]) << 3) + (usize::from(chunk[4]) << 4) + (usize::from(chunk[5]) << 5) + (usize::from(chunk[6]) << 6) + (usize::from(chunk[7]) << 7) + (usize::from(chunk[8]) << 8) + (usize::from(chunk[9]) << 9) + (usize::from(chunk[10]) << 10); wordlist[index].clone() }).collect::>(); println!("{}", words.join(" ")); Ok(()) }