The Code

Get It

Once you've got your IoT printer all set up, we're going to need to do a bad thing and hook it up to a network so we can download some code. Head on over to GitHub, and clone the repo onto your local box. To do that, ssh into the pi and run the following command from somewhere in your home directory:

git clone https://github.com/iworkinpixels/otp-gen.git

Read It

Here's a quick tour through the code:
  • otp.sh is a bash script that will generate random numbers, and dump the final one time pad to a text file. This text file will later be sent to the printer every time you press the button on the IoT printer. It runs on every startup, so you should have a new pad every time you start up the printer. Make sure that this is the case, because you can't use the same pad twice.
  • otp.py is the python script that gets run when you start up your IoT printer. It listens to the button and prints a copy of the otp text file every time you press the button, and shuts down the pi if you hold down the button.
  • otp.txt is an example of the text file that has the one time pad in it. Open it up if you want to take a look without wasting paper. The real otp.txt is written to a ramdisk so that it never goes to the SD card, and is therefore destroyed whenever you shut off the box.
And that's it! Everything else is just library files or README files.

Enable it

First, we need to enable the hardware random number generator. Make sure you are using the appropriate commands for the version of the Raspberry Pi you are using.

Raspberry Pi v1 & v2

Enable the random number generator module:

sudo modprobe bcm2708-rng

This will add the driver for the rng once, but if we want it to show up again after we reboot, we need to add it to /etc/modules-load.d using the following command:

echo bcm2708-rng | sudo tee /etc/modules-load.d/rng-tools.conf

Raspberry Pi v3

Enable the random number generator module:

sudo modprobe bcm2835_rng

This will add the driver for the rng once, but if we want it to show up again after we reboot, we need to add it to /etc/modules-load.d using the following command:

echo bcm2835_rng | sudo tee /etc/modules-load.d/rng-tools.conf

Install rng-tools

While we're at it, let's set up some tools to deal with random numbers:

sudo apt-get install rng-tools
These tools will let us test the numbers we get and make sure they're really random. We won't go into how to do that here, but check out this link to learn more.

Test It

Let's test it out and see if everything works! go to wherever you downloaded the otp-gen repo to, and run the following command:
./otp.sh
This should take a long time to run, but when it's finished, you should have a brand-new one time pad waiting for you in the same directory! Assuming there were no errors, your next step is to open up the file and see what's in there!
sudo nano otp.txt
You should be looking at something that looks a little bit like this:
EFXIAKBHAT                  1/10
AFWXH  VYLLW  CJHZA  WWHCF  
VAEAI  FWXXQ  ARLFU  GFCTG  
MAZSY  EHBGP  OUVHS  FQLBM  
DGIXN  TLHTZ  RMFLN  CCVDN  
IKQIZ  XKZCC  UZFZH  RVBGX  
PQLKC  XFHHK  MEKHQ  HDEJL  
RPKIK  TTZEX  JNAXJ  MJXCW  
AGVIS  DKUZJ  VYTQU  LUVID  
HXCTE  XWFXA  PAGKH  IYXQK  
LYBJN  JQJCV  YLOGP  VJJUP  
--------------------------------
EFXIAKBHAT                  2/10
JPMVQ  FSMCY  WLWVH  YBIVR  
HGQHH  FKUAZ  YIALB  EVIIW  
IPUEL  LESFN  TJQRJ  GYDXT  
JFYJI  UXQPM  HTQDU  TCGDY  
UZCGS  WFSRT  KMQPJ  MBEAJ  
KZQQC  LHLPS  XMERF  IHRMB  
RWSDM  LDVAY  TUOWM  TUIIP  
FZSZG  NCKBJ  PXCUR  XMZHZ  
OVEAP  EIJZK  YWIDY  FPTAA  
HXQZC  XAUQN  FYKEZ  FDNTG  
--------------------------------

[...]

EFXIAKBHAT                 10/10
PADNW  MQGYF  PAJMU  GCVHK  
YYEFY  YIAVW  SPIRE  IMIPQ  
ILWJU  BTKNH  CNFFF  QSXTG  
AFGBC  WIJCU  DOPJP  HMLLY  
HCZIR  RMSTQ  ZRUDR  NXMFS  
QMOGV  RJGKC  JTJXY  MINUZ  
QMEPB  EAYYC  GHDJF  EVAHM  
ZKRYI  VXNUA  GERDJ  FPRZX  
SIRKO  XPCAD  WHJHW  JNLXS  
OCMAR  BGHRU  NBXQB  SFCMP  
--------------------------------
(If your file looks *exactly* like that, then there's a problem, and otp.txt isn't being overwritten.)

Deploy It

Assuming everything worked, there's only one step left... we have to hook everything up so it runs when the machine starts!
sudo nano /etc/rc.local
Then replace the file with the following:
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

# Print the IP address
_IP=$(hostname -I) || true
if [ "$_IP" ]; then
  printf "My IP address is %s\n" "$_IP"
fi

cd /home/pi/otp-gen
./otp.sh
python ./otp.py

exit 0
Be sure to change the directory from /home/pi/otp-gen to whatever the path to your actual otp-gen directory is.

And that's it! Let's reboot the pi!
sudo shutdown -r now
If all goes well, you should get kicked off of your ssh session, and a few minutes later (after waiting for the new pad to be generated) the printer should print out a warning that it's on a network, a welcome message, and then pause.

Every time you press the button after that point, one copy of the pad will be printed. If everything works, then congratulations! You now have a stand-alone one time pad generator. You'll have to find a secure way of getting one copy of the pad to each of your friends, but if you can, then you'll have lots of fun sending super secret messages using state of the art (in WWII) technology!

Next up, security!
Last updated on Aug 19, 2016 Published on Aug 15, 2013