search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Remove spy hooks.
[seven.git] / tools / mkpasswd.c
blob70745c9f5b07e46afe2759375797eef0468da1c1
1 /* simple password generator by Nelson Minar (minar@reed.edu)
2 ** copyright 1991, all rights reserved.
3 ** You can use this code as long as my name stays with it.
4 **
5 ** md5 patch by W. Campbell <wcampbel@botbay.net>
6 ** Modernization, getopt, etc for the Hybrid IRCD team
7 ** by W. Campbell
8 **
9 ** /dev/random for salt generation added by
10 ** Aaron Sethman <androsyn@ratbox.org>
11 **
12 ** $Id: mkpasswd.c 26 2006-09-20 18:02:06Z spb $
13 */
14 #include <stdio.h>
15 #include <string.h>
16 #include <stdlib.h>
17 #include <time.h>
18 #include <unistd.h>
19 #include <fcntl.h>
20
21 #define FLAG_MD5 0x00000001
22 #define FLAG_DES 0x00000002
23 #define FLAG_SALT 0x00000004
24 #define FLAG_PASS 0x00000008
25 #define FLAG_LENGTH 0x00000010
26 #define FLAG_BLOWFISH 0x00000020
27 #define FLAG_ROUNDS 0x00000040
28 #define FLAG_EXT 0x00000080
29
30 extern char *getpass();
31 extern char *crypt();
32
33 static char *make_des_salt(void);
34 static char *make_ext_salt(int);
35 static char *make_ext_salt_para(int, char *);
36 static char *make_md5_salt(int);
37 static char *make_md5_salt_para(char *);
38 static char *make_bf_salt(int, int);
39 static char *make_bf_salt_para(int, char *);
40 static char *int_to_base64(int);
41 static char *generate_random_salt(char *, int);
42 static char *generate_poor_salt(char *, int);
43
44 static void full_usage(void);
45 static void brief_usage(void);
46
47 static char saltChars[] =
48 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
49 /* 0 .. 63, ascii - 64 */
50
51 extern char *optarg;
52
53 int main(int argc, char *argv[])
54 {
55 char *plaintext = NULL;
56 int c;
57 char *saltpara = NULL;
58 char *salt;
59 int flag = 0;
60 int length = 0; /* Not Set */
61 int rounds = 0; /* Not set, since extended DES needs 25 and blowfish needs
62 ** 4 by default, a side effect of this being the encryption
63 ** type parameter must be specified before the rounds
64 ** parameter.
65 */
66
67 while( (c=getopt(argc, argv, "mdber:h?l:s:p:")) != -1)
68 {
69 switch(c)
70 {
71 case 'm':
72 flag |= FLAG_MD5;
73 break;
74 case 'd':
75 flag |= FLAG_DES;
76 break;
77 case 'b':
78 flag |= FLAG_BLOWFISH;
79 rounds = 4;
80 break;
81 case 'e':
82 flag |= FLAG_EXT;
83 rounds = 25;
84 break;
85 case 'l':
86 flag |= FLAG_LENGTH;
87 length = atoi(optarg);
88 break;
89 case 'r':
90 flag |= FLAG_ROUNDS;
91 rounds = atoi(optarg);
92 break;
93 case 's':
94 flag |= FLAG_SALT;
95 saltpara = optarg;
96 break;
97 case 'p':
98 flag |= FLAG_PASS;
99 plaintext = optarg;
100 break;
101 case 'h':
102 full_usage();
103 /* NOT REACHED */
104 break;
105 case '?':
106 brief_usage();
107 /* NOT REACHED */
108 break;
109 default:
110 printf("Invalid Option: -%c\n", c);
111 break;
112 }
113 }
114
115 if (flag & FLAG_MD5)
116 {
117 if (length == 0)
118 length = 8;
119 if (flag & FLAG_SALT)
120 salt = make_md5_salt_para(saltpara);
121 else
122 salt = make_md5_salt(length);
123 }
124 else if (flag & FLAG_BLOWFISH)
125 {
126 if (length == 0)
127 length = 22;
128 if (flag & FLAG_SALT)
129 salt = make_bf_salt_para(rounds, saltpara);
130 else
131 salt = make_bf_salt(rounds, length);
132 }
133 else if (flag & FLAG_EXT)
134 {
135 /* XXX - rounds needs to be done */
136 if (flag & FLAG_SALT)
137 {
138 if ((strlen(saltpara) == 4))
139 {
140 salt = make_ext_salt_para(rounds, saltpara);
141 }
142 else
143 {
144 printf("Invalid salt, please enter 4 alphanumeric characters\n");
145 exit(1);
146 }
147 }
148 else
149 {
150 salt = make_ext_salt(rounds);
151 }
152 }
153 else
154 {
155 if (flag & FLAG_SALT)
156 {
157 if ((strlen(saltpara) == 2))
158 {
159 salt = saltpara;
160 }
161 else
162 {
163 printf("Invalid salt, please enter 2 alphanumeric characters\n");
164 exit(1);
165 }
166 }
167 else
168 {
169 salt = make_des_salt();
170 }
171 }
172
173 if (flag & FLAG_PASS)
174 {
175 if (!plaintext)
176 printf("Please enter a valid password\n");
177 }
178 else
179 {
180 plaintext = getpass("plaintext: ");
181 }
182
183 printf("%s\n", crypt(plaintext, salt));
184 return 0;
185 }
186
187 static char *make_des_salt()
188 {
189 static char salt[3];
190 generate_random_salt(salt, 2);
191 salt[2] = '\0';
192 return salt;
193 }
194
195 char *int_to_base64(int value)
196 {
197 static char buf[5];
198 int i;
199
200 for (i = 0; i < 4; i++)
201 {
202 buf[i] = saltChars[value & 63];
203 value >>= 6; /* Right shifting 6 places is the same as dividing by 64 */
204 }
205
206 buf[i] = '\0'; /* not REALLY needed as it's static, and thus initialized
207 ** to \0.
208 */
209 return buf;
210 }
211
212 char *make_ext_salt(int rounds)
213 {
214 static char salt[10];
215
216 sprintf(salt, "_%s", int_to_base64(rounds));
217 generate_random_salt(&salt[5], 4);
218 salt[9] = '\0';
219 return salt;
220 }
221
222 char *make_ext_salt_para(int rounds, char *saltpara)
223 {
224 static char salt[10];
225
226 sprintf(salt, "_%s%s", int_to_base64(rounds), saltpara);
227 return salt;
228 }
229
230 char *make_md5_salt_para(char *saltpara)
231 {
232 static char salt[21];
233 if (saltpara && (strlen(saltpara) <= 16))
234 {
235 /* sprintf used because of portability requirements, the length
236 ** is checked above, so it should not be too much of a concern
237 */
238 sprintf(salt, "$1$%s$", saltpara);
239 return salt;
240 }
241 printf("Invalid Salt, please use up to 16 random alphanumeric characters\n");
242 exit(1);
243
244 /* NOT REACHED */
245 return NULL;
246 }
247
248 char *make_md5_salt(int length)
249 {
250 static char salt[21];
251 if (length > 16)
252 {
253 printf("MD5 salt length too long\n");
254 exit(0);
255 }
256 salt[0] = '$';
257 salt[1] = '1';
258 salt[2] = '$';
259 generate_random_salt(&salt[3], length);
260 salt[length+3] = '$';
261 salt[length+4] = '\0';
262 return salt;
263 }
264
265 char *make_bf_salt_para(int rounds, char *saltpara)
266 {
267 static char salt[31];
268 char tbuf[3];
269 if (saltpara && (strlen(saltpara) <= 22))
270 {
271 /* sprintf used because of portability requirements, the length
272 ** is checked above, so it should not be too much of a concern
273 */
274 sprintf(tbuf, "%02d", rounds);
275 sprintf(salt, "$2a$%s$%s$", tbuf, saltpara);
276 return salt;
277 }
278 printf("Invalid Salt, please use up to 22 random alphanumeric characters\n");
279 exit(1);
280
281 /* NOT REACHED */
282 return NULL;
283 }
284
285 char *make_bf_salt(int rounds, int length)
286 {
287 static char salt[31];
288 char tbuf[3];
289 if (length > 22)
290 {
291 printf("BlowFish salt length too long\n");
292 exit(0);
293 }
294 sprintf(tbuf, "%02d", rounds);
295 sprintf(salt, "$2a$%s$", tbuf);
296 generate_random_salt(&salt[7], length);
297 salt[length+7] = '$';
298 salt[length+8] = '\0';
299 return salt;
300 }
301
302 char *generate_poor_salt(char *salt, int length)
303 {
304 int i;
305 srandom(time(NULL));
306 for(i = 0; i < length; i++)
307 {
308 salt[i] = saltChars[random() % 64];
309 }
310 return(salt);
311 }
312
313 char *generate_random_salt(char *salt, int length)
314 {
315 char *buf;
316 int fd, i;
317 if((fd = open("/dev/random", O_RDONLY)) < 0)
318 {
319 return(generate_poor_salt(salt, length));
320 }
321 buf = calloc(1, length);
322 if(read(fd, buf, length) != length)
323 {
324 free(buf);
325 return(generate_poor_salt(salt, length));
326 }
327
328 for(i = 0; i < length; i++)
329 {
330 salt[i] = saltChars[abs(buf[i]) % 64];
331 }
332 free(buf);
333 return(salt);
334 }
335
336 void full_usage()
337 {
338 printf("mkpasswd [-m|-d|-b|-e] [-l saltlength] [-r rounds] [-s salt] [-p plaintext]\n");
339 printf("-m Generate an MD5 password\n");
340 printf("-d Generate a DES password\n");
341 printf("-b Generate a BlowFish password\n");
342 printf("-e Generate an Extended DES password\n");
343 printf("-l Specify a length for a random MD5 or BlowFish salt\n");
344 printf("-r Specify a number of rounds for a BlowFish or Extended DES password\n");
345 printf(" BlowFish: default 4, no more than 6 recommended\n");
346 printf(" Extended DES: default 25\n");
347 printf("-s Specify a salt, 2 alphanumeric characters for DES, up to 16 for MD5,\n");
348 printf(" up to 22 for BlowFish, and 4 for Extended DES\n");
349 printf("-p Specify a plaintext password to use\n");
350 printf("Example: mkpasswd -m -s 3dr -p test\n");
351 exit(0);
352 }
353
354 void brief_usage()
355 {
356 printf("mkpasswd - password hash generator\n");
357 printf("Standard DES: mkpasswd [-d] [-s salt] [-p plaintext]\n");
358 printf("Extended DES: mkpasswd -e [-r rounds] [-s salt] [-p plaintext]\n");
359 printf(" MD5: mkpasswd -m [-l saltlength] [-s salt] [-p plaintext]\n");
360 printf(" BlowFish: mkpasswd -b [-r rounds] [-l saltlength] [-s salt]\n");
361 printf(" [-p plaintext]\n");
362 printf("Use -h for full usage\n");
363 exit(0);
364 }
An extensible IRCd