]>
jfr.im git - solanum.git/blob - tools/mkpasswd.c
1 /* simple password generator by Nelson Minar (minar@reed.edu)
2 * copyright 1991, all rights reserved.
3 * You can use this code as long as my name stays with it.
5 * md5 patch by W. Campbell <wcampbel@botbay.net>
6 * Modernization, getopt, etc for the Hybrid IRCD team
9 * /dev/random for salt generation added by
10 * Aaron Sethman <androsyn@ratbox.org>
23 #define FLAG_MD5 0x00000001
24 #define FLAG_SALT 0x00000002
25 #define FLAG_PASS 0x00000004
26 #define FLAG_LENGTH 0x00000008
27 #define FLAG_BLOWFISH 0x00000010
28 #define FLAG_ROUNDS 0x00000020
29 #define FLAG_SHA256 0x00000040
30 #define FLAG_SHA512 0x00000080
33 static char *make_md5_salt(int);
34 static char *make_md5_salt_para(char *);
35 static char *make_sha256_salt(int);
36 static char *make_sha256_salt_para(char *);
37 static char *make_sha512_salt(int);
38 static char *make_sha512_salt_para(char *);
39 static char *make_bf_salt(int, int);
40 static char *make_bf_salt_para(int, char *);
41 static char *generate_random_salt(char *, int);
42 static char *generate_poor_salt(char *, int);
44 static void full_usage(void) __attribute__((noreturn
));
45 static void brief_usage(void) __attribute__((noreturn
));
47 static char saltChars
[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
48 /* 0 .. 63, ascii - 64 */
56 static char getpassbuf
[PASS_MAX
+ 1];
59 getpass(const char *prompt
)
64 memset(getpassbuf
, 0, sizeof(getpassbuf
));
65 fputs(prompt
, stderr
);
79 fputs("\r\n", stderr
);
87 main(int argc
, char *argv
[])
89 char *plaintext
= NULL
;
91 char *saltpara
= NULL
;
93 char *hashed
, *hashed2
;
95 int length
= 0; /* Not Set */
96 int rounds
= 0; /* Not set, since blowfish needs 4 by default, a side effect
97 * of this being the encryption type parameter must be
98 * specified before the rounds parameter.
101 while((c
= getopt(argc
, argv
, "xymbr:h?l:s:p:")) != -1)
109 flag
|= FLAG_BLOWFISH
;
114 length
= atoi(optarg
);
118 rounds
= atoi(optarg
);
143 printf("Invalid Option: -%c\n", c
);
153 salt
= make_md5_salt_para(saltpara
);
155 salt
= make_md5_salt(length
);
157 else if(flag
& FLAG_BLOWFISH
)
162 salt
= make_bf_salt_para(rounds
, saltpara
);
164 salt
= make_bf_salt(rounds
, length
);
166 else if(flag
& FLAG_SHA256
)
171 salt
= make_sha256_salt_para(saltpara
);
173 salt
= make_sha256_salt(length
);
180 salt
= make_sha512_salt_para(saltpara
);
182 salt
= make_sha512_salt(length
);
189 fprintf(stderr
, "Please enter a valid password\n");
193 hashed
= rb_crypt(plaintext
, salt
);
197 plaintext
= getpass("plaintext: ");
198 hashed
= rb_crypt(plaintext
, salt
);
201 fprintf(stderr
, "rb_crypt() failed\n");
204 hashed
= strdup(hashed
);
206 plaintext
= getpass("again: ");
207 hashed2
= rb_crypt(plaintext
, salt
);
210 fprintf(stderr
, "rb_crypt() failed\n");
214 if (strcmp(hashed
, hashed2
) != 0)
216 fprintf(stderr
, "Passwords do not match\n");
221 printf("%s\n", hashed
);
226 make_md5_salt_para(char *saltpara
)
228 static char salt
[21];
229 if(saltpara
&& (strlen(saltpara
) <= 16))
231 /* sprintf used because of portability requirements, the length
232 ** is checked above, so it should not be too much of a concern
234 sprintf(salt
, "$1$%s$", saltpara
);
237 printf("Invalid Salt, please use up to 16 random alphanumeric characters\n");
245 make_md5_salt(int length
)
247 static char salt
[21];
250 printf("MD5 salt length too long\n");
256 generate_random_salt(&salt
[3], length
);
257 salt
[length
+ 3] = '$';
258 salt
[length
+ 4] = '\0';
263 make_sha256_salt_para(char *saltpara
)
265 static char salt
[21];
266 if(saltpara
&& (strlen(saltpara
) <= 16))
268 /* sprintf used because of portability requirements, the length
269 ** is checked above, so it should not be too much of a concern
271 sprintf(salt
, "$5$%s$", saltpara
);
274 printf("Invalid Salt, please use up to 16 random alphanumeric characters\n");
282 make_sha512_salt_para(char *saltpara
)
284 static char salt
[21];
285 if(saltpara
&& (strlen(saltpara
) <= 16))
287 /* sprintf used because of portability requirements, the length
288 ** is checked above, so it should not be too much of a concern
290 sprintf(salt
, "$6$%s$", saltpara
);
293 printf("Invalid Salt, please use up to 16 random alphanumeric characters\n");
302 make_sha256_salt(int length
)
304 static char salt
[21];
307 printf("SHA256 salt length too long\n");
313 generate_random_salt(&salt
[3], length
);
314 salt
[length
+ 3] = '$';
315 salt
[length
+ 4] = '\0';
320 make_sha512_salt(int length
)
322 static char salt
[21];
325 printf("SHA512 salt length too long\n");
331 generate_random_salt(&salt
[3], length
);
332 salt
[length
+ 3] = '$';
333 salt
[length
+ 4] = '\0';
338 make_bf_salt_para(int rounds
, char *saltpara
)
340 static char salt
[31];
342 if(saltpara
&& (strlen(saltpara
) <= 22))
344 /* sprintf used because of portability requirements, the length
345 ** is checked above, so it should not be too much of a concern
347 sprintf(tbuf
, "%02d", rounds
);
348 sprintf(salt
, "$2a$%s$%s$", tbuf
, saltpara
);
351 printf("Invalid Salt, please use up to 22 random alphanumeric characters\n");
359 make_bf_salt(int rounds
, int length
)
361 static char salt
[31];
365 printf("Blowfish salt length too long\n");
368 sprintf(tbuf
, "%02d", rounds
);
369 sprintf(salt
, "$2a$%s$", tbuf
);
370 generate_random_salt(&salt
[7], length
);
371 salt
[length
+ 7] = '$';
372 salt
[length
+ 8] = '\0';
377 generate_poor_salt(char *salt
, int length
)
381 for(i
= 0; i
< length
; i
++)
383 salt
[i
] = saltChars
[rand() % 64];
389 generate_random_salt(char *salt
, int length
)
393 if((fd
= open("/dev/random", O_RDONLY
)) < 0)
395 return (generate_poor_salt(salt
, length
));
397 buf
= calloc(1, length
);
398 if(read(fd
, buf
, length
) != length
)
401 return (generate_poor_salt(salt
, length
));
404 for(i
= 0; i
< length
; i
++)
406 salt
[i
] = saltChars
[abs(buf
[i
]) % 64];
415 printf("mkpasswd [-m|-b|-x|-y] [-l saltlength] [-r rounds] [-s salt] [-p plaintext]\n");
416 printf("-x Generate a SHA256 password\n");
417 printf("-y Generate a SHA512 password\n");
418 printf("-m Generate an MD5 password\n");
419 printf("-b Generate a Blowfish password\n");
420 printf("-l Specify a length for a random MD5 or Blowfish salt\n");
421 printf("-r Specify a number of rounds for a Blowfish password\n");
422 printf(" Default 4, no more than 6 recommended\n");
423 printf("-s Specify a salt, up to 16 for MD5, SHA256, and SHA512\n");
424 printf(" up to 22 for Blowfish\n");
425 printf("-p Specify a plaintext password to use\n");
426 printf("Example: mkpasswd -m -s 3dr -p test\n");
433 printf("mkpasswd - password hash generator\n");
434 printf(" SHA512: mkpasswd [-y] [-l saltlength] [-s salt] [-p plaintext]\n");
435 printf(" SHA256: mkpasswd -x [-l saltlength] [-s salt] [-p plaintext]\n");
436 printf(" MD5: mkpasswd -m [-l saltlength] [-s salt] [-p plaintext]\n");
437 printf("Blowfish: mkpasswd -b [-r rounds] [-l saltlength] [-s salt]\n");
438 printf(" [-p plaintext]\n");
439 printf("Use -h for full usage\n");