]>
jfr.im git - solanum.git/blob - tools/mkpasswd.c
1 /* simple password generator by Nelson Minar (minar@reed.edu)
2 ** copyright 1991, all rights reserved.
3 ** You can use this code as long as my name stays with it.
5 ** md5 patch by W. Campbell <wcampbel@botbay.net>
6 ** Modernization, getopt, etc for the Hybrid IRCD team
9 ** /dev/random for salt generation added by
10 ** Aaron Sethman <androsyn@ratbox.org>
24 #define FLAG_MD5 0x00000001
25 #define FLAG_DES 0x00000002
26 #define FLAG_SALT 0x00000004
27 #define FLAG_PASS 0x00000008
28 #define FLAG_LENGTH 0x00000010
29 #define FLAG_BLOWFISH 0x00000020
30 #define FLAG_ROUNDS 0x00000040
31 #define FLAG_EXT 0x00000080
32 #define FLAG_SHA256 0x00000100
33 #define FLAG_SHA512 0x00000200
36 static char *make_des_salt(void);
37 static char *make_ext_salt(int);
38 static char *make_ext_salt_para(int, char *);
39 static char *make_md5_salt(int);
40 static char *make_md5_salt_para(char *);
41 static char *make_sha256_salt(int);
42 static char *make_sha256_salt_para(char *);
43 static char *make_sha512_salt(int);
44 static char *make_sha512_salt_para(char *);
45 static char *make_bf_salt(int, int);
46 static char *make_bf_salt_para(int, char *);
47 static char *int_to_base64(int);
48 static char *generate_random_salt(char *, int);
49 static char *generate_poor_salt(char *, int);
51 static void full_usage(void);
52 static void brief_usage(void);
54 static char saltChars
[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
55 /* 0 .. 63, ascii - 64 */
63 static char getpassbuf
[PASS_MAX
+ 1];
66 getpass(const char *prompt
)
71 memset(getpassbuf
, 0, sizeof(getpassbuf
));
72 fputs(prompt
, stderr
);
86 fputs("\r\n", stderr
);
94 main(int argc
, char *argv
[])
96 char *plaintext
= NULL
;
98 char *saltpara
= NULL
;
102 int length
= 0; /* Not Set */
103 int rounds
= 0; /* Not set, since extended DES needs 25 and blowfish needs
104 ** 4 by default, a side effect of this being the encryption
105 ** type parameter must be specified before the rounds
109 while((c
= getopt(argc
, argv
, "xymdber:h?l:s:p:")) != -1)
120 flag
|= FLAG_BLOWFISH
;
129 length
= atoi(optarg
);
133 rounds
= atoi(optarg
);
158 printf("Invalid Option: -%c\n", c
);
168 salt
= make_md5_salt_para(saltpara
);
170 salt
= make_md5_salt(length
);
172 else if(flag
& FLAG_BLOWFISH
)
177 salt
= make_bf_salt_para(rounds
, saltpara
);
179 salt
= make_bf_salt(rounds
, length
);
181 else if(flag
& FLAG_SHA256
)
186 salt
= make_sha256_salt_para(saltpara
);
188 salt
= make_sha256_salt(length
);
190 else if(flag
& FLAG_EXT
)
192 /* XXX - rounds needs to be done */
195 if((strlen(saltpara
) == 4))
197 salt
= make_ext_salt_para(rounds
, saltpara
);
201 printf("Invalid salt, please enter 4 alphanumeric characters\n");
207 salt
= make_ext_salt(rounds
);
210 else if (flag
& FLAG_DES
)
214 if((strlen(saltpara
) == 2))
220 printf("Invalid salt, please enter 2 alphanumeric characters\n");
226 salt
= make_des_salt();
234 salt
= make_sha512_salt_para(saltpara
);
236 salt
= make_sha512_salt(length
);
243 fprintf(stderr
, "Please enter a valid password\n");
247 hashed
= rb_crypt(plaintext
, salt
);
251 hashed
= strdup(rb_crypt(getpass("plaintext: "), salt
));
252 plaintext
= getpass("again: ");
254 if (strcmp(rb_crypt(plaintext
, salt
), hashed
) != 0)
256 fprintf(stderr
, "Passwords do not match\n");
261 printf("%s\n", hashed
);
269 generate_random_salt(salt
, 2);
275 int_to_base64(int value
)
280 for(i
= 0; i
< 4; i
++)
282 buf
[i
] = saltChars
[value
& 63];
283 value
>>= 6; /* Right shifting 6 places is the same as dividing by 64 */
286 buf
[i
] = '\0'; /* not REALLY needed as it's static, and thus initialized
293 make_ext_salt(int rounds
)
295 static char salt
[10];
297 sprintf(salt
, "_%s", int_to_base64(rounds
));
298 generate_random_salt(&salt
[5], 4);
304 make_ext_salt_para(int rounds
, char *saltpara
)
306 static char salt
[10];
308 sprintf(salt
, "_%s%s", int_to_base64(rounds
), saltpara
);
313 make_md5_salt_para(char *saltpara
)
315 static char salt
[21];
316 if(saltpara
&& (strlen(saltpara
) <= 16))
318 /* sprintf used because of portability requirements, the length
319 ** is checked above, so it should not be too much of a concern
321 sprintf(salt
, "$1$%s$", saltpara
);
324 printf("Invalid Salt, please use up to 16 random alphanumeric characters\n");
332 make_md5_salt(int length
)
334 static char salt
[21];
337 printf("MD5 salt length too long\n");
343 generate_random_salt(&salt
[3], length
);
344 salt
[length
+ 3] = '$';
345 salt
[length
+ 4] = '\0';
350 make_sha256_salt_para(char *saltpara
)
352 static char salt
[21];
353 if(saltpara
&& (strlen(saltpara
) <= 16))
355 /* sprintf used because of portability requirements, the length
356 ** is checked above, so it should not be too much of a concern
358 sprintf(salt
, "$5$%s$", saltpara
);
361 printf("Invalid Salt, please use up to 16 random alphanumeric characters\n");
369 make_sha512_salt_para(char *saltpara
)
371 static char salt
[21];
372 if(saltpara
&& (strlen(saltpara
) <= 16))
374 /* sprintf used because of portability requirements, the length
375 ** is checked above, so it should not be too much of a concern
377 sprintf(salt
, "$6$%s$", saltpara
);
380 printf("Invalid Salt, please use up to 16 random alphanumeric characters\n");
389 make_sha256_salt(int length
)
391 static char salt
[21];
394 printf("SHA256 salt length too long\n");
400 generate_random_salt(&salt
[3], length
);
401 salt
[length
+ 3] = '$';
402 salt
[length
+ 4] = '\0';
407 make_sha512_salt(int length
)
409 static char salt
[21];
412 printf("SHA512 salt length too long\n");
418 generate_random_salt(&salt
[3], length
);
419 salt
[length
+ 3] = '$';
420 salt
[length
+ 4] = '\0';
425 make_bf_salt_para(int rounds
, char *saltpara
)
427 static char salt
[31];
429 if(saltpara
&& (strlen(saltpara
) <= 22))
431 /* sprintf used because of portability requirements, the length
432 ** is checked above, so it should not be too much of a concern
434 sprintf(tbuf
, "%02d", rounds
);
435 sprintf(salt
, "$2a$%s$%s$", tbuf
, saltpara
);
438 printf("Invalid Salt, please use up to 22 random alphanumeric characters\n");
446 make_bf_salt(int rounds
, int length
)
448 static char salt
[31];
452 printf("Blowfish salt length too long\n");
455 sprintf(tbuf
, "%02d", rounds
);
456 sprintf(salt
, "$2a$%s$", tbuf
);
457 generate_random_salt(&salt
[7], length
);
458 salt
[length
+ 7] = '$';
459 salt
[length
+ 8] = '\0';
464 generate_poor_salt(char *salt
, int length
)
468 for(i
= 0; i
< length
; i
++)
470 salt
[i
] = saltChars
[rand() % 64];
476 generate_random_salt(char *salt
, int length
)
480 if((fd
= open("/dev/random", O_RDONLY
)) < 0)
482 return (generate_poor_salt(salt
, length
));
484 buf
= calloc(1, length
);
485 if(read(fd
, buf
, length
) != length
)
488 return (generate_poor_salt(salt
, length
));
491 for(i
= 0; i
< length
; i
++)
493 salt
[i
] = saltChars
[abs(buf
[i
]) % 64];
502 printf("mkpasswd [-m|-d|-b|-e] [-l saltlength] [-r rounds] [-s salt] [-p plaintext]\n");
503 printf("-x Generate a SHA256 password\n");
504 printf("-y Generate a SHA512 password\n");
505 printf("-m Generate an MD5 password\n");
506 printf("-d Generate a DES password\n");
507 printf("-b Generate a Blowfish password\n");
508 printf("-e Generate an Extended DES password\n");
509 printf("-l Specify a length for a random MD5 or Blowfish salt\n");
510 printf("-r Specify a number of rounds for a Blowfish or Extended DES password\n");
511 printf(" Blowfish: default 4, no more than 6 recommended\n");
512 printf(" Extended DES: default 25\n");
513 printf("-s Specify a salt, 2 alphanumeric characters for DES, up to 16 for MD5,\n");
514 printf(" up to 22 for Blowfish, and 4 for Extended DES\n");
515 printf("-p Specify a plaintext password to use\n");
516 printf("Example: mkpasswd -m -s 3dr -p test\n");
523 printf("mkpasswd - password hash generator\n");
524 printf("Standard DES: mkpasswd [-d] [-s salt] [-p plaintext]\n");
525 printf("Extended DES: mkpasswd -e [-r rounds] [-s salt] [-p plaintext]\n");
526 printf(" MD5: mkpasswd -m [-l saltlength] [-s salt] [-p plaintext]\n");
527 printf(" Blowfish: mkpasswd -b [-r rounds] [-l saltlength] [-s salt]\n");
528 printf(" [-p plaintext]\n");
529 printf("Use -h for full usage\n");