xkcdpass/xkcd_password.py

   1 #!/usr/bin/env python
   2 # encoding: utf-8
   3
   4 import random
   5 import os
   6 import optparse
   7 import re
   8 import math
   9 import sys
  10
  11 __LICENSE__ = """
  12 Copyright (c) 2011 - 2015, Steven Tobin and Contributors.
  13 All rights reserved.
  14
  15 Contributors: Steven Tobin,
  16               Rob Lanphier <robla@robla.net>,
  17               Mithrandir <mithrandiragain@lavabit.com>,
  18               Daniel Beecham <daniel@lunix.se>,
  19               Kim Slawson <kimslawson@gmail.com>,
  20               Stanislav Bytsko <zbstof@gmail.com>,
  21               Lowe Thiderman <lowe.thiderman@gmail.com>,
  22               Daniil Baturin <daniil@baturin.org>,
  23               Ben Finney <ben@benfinney.id.au>,
  24               Simeon Visser <simeon87@gmail.com>,
  25               Scot Hacker <shacker@birdhouse.org>,
  26               Lars Noschinski <lars@public.noschinski.de>
  27
  28 Redistribution and use in source and binary forms, with or without
  29 modification, are permitted provided that the following conditions are met:
  30     * Redistributions of source code must retain the above copyright
  31       notice, this list of conditions and the following disclaimer.
  32     * Redistributions in binary form must reproduce the above copyright
  33       notice, this list of conditions and the following disclaimer in the
  34       documentation and/or other materials provided with the distribution.
  35     * Neither the name of the <organization> nor the
  36       names of its contributors may be used to endorse or promote products
  37       derived from this software without specific prior written permission.
  38
  39 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
  40 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  41 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  42 DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
  43 DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  44 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  45 LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
  46 ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  47 (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  48 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  49 """
  50
  51 # random.SystemRandom() should be cryptographically secure
  52 try:
  53     rng = random.SystemRandom
  54 except AttributeError:
  55     sys.stderr.write("WARNING: System does not support cryptographically "
  56                      "secure random number generator or you are using Python "
  57                      "version < 2.4.\n"
  58                      "Continuing with less-secure generator.\n")
  59     rng = random.Random
  60
  61 # Python 3 compatibility
  62 if sys.version_info[0] >= 3:
  63     raw_input = input
  64     xrange = range
  65
  66
  67 def validate_options(parser, options, args):
  68     """
  69     Given a set of command line options, performs various validation checks
  70     """
  71
  72     if options.max_length < options.min_length:
  73         sys.stderr.write("The maximum length of a word can not be "
  74                          "lesser then minimum length.\n"
  75                          "Check the specified settings.\n")
  76         sys.exit(1)
  77
  78     if len(args) > 1:
  79         parser.error("Too many arguments.")
  80
  81     if len(args) == 1:
  82         # supporting either -w or args[0] for wordlist, but not both
  83         if options.wordfile is None:
  84             options.wordfile = args[0]
  85         elif options.wordfile == args[0]:
  86             pass
  87         else:
  88             parser.error("Conflicting values for wordlist: " + args[0] +
  89                          " and " + options.wordfile)
  90     if options.wordfile is not None:
  91         if not os.path.exists(os.path.abspath(options.wordfile)):
  92             sys.stderr.write("Could not open the specified word file.\n")
  93             sys.exit(1)
  94     else:
  95         options.wordfile = locate_wordfile()
  96
  97         if not options.wordfile:
  98             sys.stderr.write("Could not find a word file, or word file does "
  99                              "not exist.\n")
 100             sys.exit(1)
 101
 102
 103 def locate_wordfile():
 104     static_default = os.path.join(
 105         os.path.dirname(os.path.abspath(__file__)),
 106         'static',
 107         'default.txt')
 108     common_word_files = ["/usr/share/cracklib/cracklib-small",
 109                          static_default,
 110                          "/usr/dict/words",
 111                          "/usr/share/dict/words"]
 112
 113     for wfile in common_word_files:
 114         if os.path.exists(wfile):
 115             return wfile
 116
 117
 118 def generate_wordlist(wordfile=None,
 119                       min_length=5,
 120                       max_length=9,
 121                       valid_chars='.'):
 122     """
 123     Generate a word list from either a kwarg wordfile, or a system default
 124     valid_chars is a regular expression match condition (default - all chars)
 125     """
 126
 127     words = []
 128
 129     regexp = re.compile("^%s{%i,%i}$" % (valid_chars, min_length, max_length))
 130
 131     # At this point wordfile is set
 132     wordfile = os.path.expanduser(wordfile)  # just to be sure
 133     wlf = open(wordfile)
 134
 135     for line in wlf:
 136         thisword = line.strip()
 137         if regexp.match(thisword) is not None:
 138             words.append(thisword)
 139
 140     wlf.close()
 141
 142     return words
 143
 144
 145 def wordlist_to_worddict(wordlist):
 146     """
 147     Takes a wordlist and returns a dictionary keyed by the first letter of
 148     the words. Used for acrostic pass phrase generation
 149     """
 150
 151     worddict = {}
 152
 153     # Maybe should be a defaultdict, but this reduces dependencies
 154     for word in wordlist:
 155         try:
 156             worddict[word[0]].append(word)
 157         except KeyError:
 158             worddict[word[0]] = [word, ]
 159
 160     return worddict
 161
 162
 163 def verbose_reports(length, numwords, wordfile):
 164     """
 165     Report entropy metrics based on word list and requested password size"
 166     """
 167
 168     bits = math.log(length, 2)
 169
 170     print("The supplied word list is located at %s."
 171           % os.path.abspath(wordfile))
 172
 173     if int(bits) == bits:
 174         print("Your word list contains %i words, or 2^%i words."
 175               % (length, bits))
 176     else:
 177         print("Your word list contains %i words, or 2^%0.2f words."
 178               % (length, bits))
 179
 180     print("A %i word password from this list will have roughly "
 181           "%i (%0.2f * %i) bits of entropy," %
 182           (numwords, int(bits * numwords), bits, numwords)),
 183     print("assuming truly random word selection.")
 184
 185
 186 def find_acrostic(acrostic, worddict):
 187     """
 188     Constrain choice of words to those beginning with the letters of the
 189     given word (acrostic).
 190     Second argument is a dictionary (output of wordlist_to_worddict)
 191     """
 192
 193     words = []
 194
 195     for letter in acrostic:
 196         try:
 197             words.append(rng().choice(worddict[letter]))
 198         except KeyError:
 199             sys.stderr.write("No words found starting with " + letter + "\n")
 200             sys.exit(1)
 201     return words
 202
 203
 204 def choose_words(wordlist, numwords):
 205     s = []
 206     for i in xrange(numwords):
 207         s.append(rng().choice(wordlist))
 208     return s
 209
 210 def generate_xkcdpassword(wordlist,
 211                           numwords=6,
 212                           interactive=False,
 213                           acrostic=False,
 214                           delimiter=" "):
 215     """
 216     Generate an XKCD-style password from the words in wordlist.
 217     """
 218
 219     passwd = False
 220
 221     # generate the worddict if we are looking for acrostics
 222     if acrostic:
 223         worddict = wordlist_to_worddict(wordlist)
 224
 225     # useful if driving the logic from other code
 226     if not interactive:
 227         if not acrostic:
 228             passwd = delimiter.join(choose_words(wordlist, numwords))
 229         else:
 230             passwd = delimiter.join(find_acrostic(acrostic, worddict))
 231
 232         return passwd
 233
 234     # else, interactive session
 235     if not acrostic:
 236         custom_n_words = raw_input("Enter number of words (default 6): ")
 237
 238         if custom_n_words:
 239             numwords = int(custom_n_words)
 240     else:
 241         numwords = len(acrostic)
 242
 243     accepted = "n"
 244
 245     while accepted.lower() not in ["y", "yes"]:
 246         if not acrostic:
 247             passwd = delimiter.join(choose_words(wordlist, numwords))
 248         else:
 249             passwd = delimiter.join(find_acrostic(acrostic, worddict))
 250         print("Generated: ", passwd)
 251         accepted = raw_input("Accept? [yN] ")
 252
 253     return passwd
 254
 255
 256 def main():
 257     count = 1
 258     usage = "usage: %prog [options]"
 259     parser = optparse.OptionParser(usage)
 260
 261     parser.add_option(
 262         "-w", "--wordfile",
 263         dest="wordfile", default=None, metavar="WORDFILE",
 264         help=(
 265             "Specify that the file WORDFILE contains the list of valid words"
 266             " from which to generate passphrases."))
 267     parser.add_option(
 268         "--min",
 269         dest="min_length", type="int", default=5, metavar="MIN_LENGTH",
 270         help="Generate passphrases containing at least MIN_LENGTH words.")
 271     parser.add_option(
 272         "--max",
 273         dest="max_length", type="int", default=9, metavar="MAX_LENGTH",
 274         help="Generate passphrases containing at most MAX_LENGTH words.")
 275     parser.add_option(
 276         "-n", "--numwords",
 277         dest="numwords", type="int", default=6, metavar="NUM_WORDS",
 278         help="Generate passphrases containing exactly NUM_WORDS words.")
 279     parser.add_option(
 280         "-i", "--interactive",
 281         action="store_true", dest="interactive", default=False,
 282         help=(
 283             "Generate and output a passphrase, query the user to accept it,"
 284             " and loop until one is accepted."))
 285     parser.add_option(
 286         "-v", "--valid_chars",
 287         dest="valid_chars", default=".", metavar="VALID_CHARS",
 288         help=(
 289             "Limit passphrases to only include words matching the regex"
 290             " pattern VALID_CHARS (e.g. '[a-z]')."))
 291     parser.add_option(
 292         "-V", "--verbose",
 293         action="store_true", dest="verbose", default=False,
 294         help="Report various metrics for given options.")
 295     parser.add_option(
 296         "-a", "--acrostic",
 297         dest="acrostic", default=False,
 298         help="Generate passphrases with an acrostic matching ACROSTIC.")
 299     parser.add_option(
 300         "-c", "--count",
 301         dest="count", type="int", default=1, metavar="COUNT",
 302         help="Generate COUNT passphrases.")
 303     parser.add_option(
 304         "-d", "--delimiter",
 305         dest="delimiter", default=" ", metavar="DELIM",
 306         help="Separate words within a passphrase with DELIM.")
 307
 308     (options, args) = parser.parse_args()
 309     validate_options(parser, options, args)
 310
 311     my_wordlist = generate_wordlist(wordfile=options.wordfile,
 312                                     min_length=options.min_length,
 313                                     max_length=options.max_length,
 314                                     valid_chars=options.valid_chars)
 315
 316     if options.verbose:
 317         verbose_reports(len(my_wordlist),
 318                         options.numwords,
 319                         options.wordfile)
 320
 321     count = options.count
 322     while count > 0:
 323         print(generate_xkcdpassword(my_wordlist,
 324                                     interactive=options.interactive,
 325                                     numwords=options.numwords,
 326                                     acrostic=options.acrostic,
 327                                     delimiter=options.delimiter))
 328         count -= 1
 329
 330
 331 if __name__ == '__main__':
 332     main()