From d5024a536d512b12b98d1fcd8a904e70799d9da8 Mon Sep 17 00:00:00 2001
From: David Tomaschik <david@systemoverlord.com>
Date: Thu, 22 May 2025 16:56:03 -0700
Subject: [PATCH] Add secret generator

---
 dotfiles/zshrc.d/functions.zsh | 44 ++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)

diff --git a/dotfiles/zshrc.d/functions.zsh b/dotfiles/zshrc.d/functions.zsh
index 8997b98..8254646 100644
--- a/dotfiles/zshrc.d/functions.zsh
+++ b/dotfiles/zshrc.d/functions.zsh
@@ -35,3 +35,47 @@ function rtmux {
   shift
   ssh -t ${HOST} -- tmux "$@"
 }
+
+function generate_secure_key {
+  local BITS=128
+  local FORMAT=b64
+  for arg in "$@" ; do
+    if [[ "${arg}" =~ '^[0-9]+$' ]] ; then
+      BITS="${arg}"
+    elif [[ "${arg:l}" == "b64" ]] ; then
+      FORMAT=b64
+    elif [[ "${arg:l}" == "hex" ]] ; then
+      FORMAT=hex
+    else
+      echo "Unknown argument $arg" >&2
+      return 1
+    fi
+  done
+  if [[ "${BITS}" -lt 64 ]] ; then
+    echo "Refusing to create a key less than 64 bits!" >&2
+    return 1
+  fi
+  local ENCODE
+  case "${FORMAT}" in
+    b64)
+      case "${OSTYPE}" in
+        darwin*)
+          ENCODE="base64 -b 0"
+          ;;
+        linux*)
+          ENCODE="base64 -w 0; echo"
+          ;;
+        *)
+          ;;
+      esac
+      ;;
+    hex)
+      ENCODE="xxd -ps -c 0"
+      ;;
+    *)
+      echo "Unknown encoding ${FORMAT}" >&2
+      return 1
+  esac
+  local BYTES=$((BITS/8))
+  head -c "${BYTES}" /dev/urandom | ${(s: :)ENCODE}
+}