ispfw.4: Remove extra .Pp
[dragonfly.git] / contrib / pam_passwdqc / passwdqc_random.c
blob4183cf6bbfc68f143db4094a32712dbd7349ca94
1 /*
2 * Copyright (c) 2000-2002,2005,2008 by Solar Designer. See LICENSE.
3 */
5 #include <stdio.h>
6 #include <string.h>
7 #include <unistd.h>
8 #include <errno.h>
9 #include <fcntl.h>
11 #include "passwdqc.h"
14 * We separate words in the generated "passphrases" with random special
15 * characters out of a set of 8 (so we encode 3 bits per separator
16 * character). To enable the use of our "passphrases" within FTP URLs
17 * (and similar), we pick characters that are defined by RFC 3986 as
18 * being safe within "userinfo" part of URLs without encoding and
19 * without having a special meaning. Out of those, we avoid characters
20 * that are visually ambiguous or difficult over the phone. This
21 * happens to leave us with exactly 8 characters.
23 #define SEPARATORS "-_!$&*+="
25 static int read_loop(int fd, unsigned char *buffer, int count)
27 int offset, block;
29 offset = 0;
30 while (count > 0) {
31 block = read(fd, &buffer[offset], count);
33 if (block < 0) {
34 if (errno == EINTR) continue;
35 return block;
37 if (!block) return offset;
39 offset += block;
40 count -= block;
43 return offset;
46 char *_passwdqc_random(passwdqc_params_t *params)
48 static char output[0x100];
49 int bits;
50 int use_separators, count, i;
51 unsigned int length, extra;
52 char *start, *end;
53 int fd;
54 unsigned char bytes[2];
56 bits = params->random_bits;
57 if (bits < 24 || bits > 128)
58 return NULL;
60 count = 1 + (bits + (14 - 12)) / 15;
61 use_separators = ((bits + 11) / 12 != count);
63 length = count * 7 - 1;
64 if (length >= sizeof(output) || (int)length > params->max)
65 return NULL;
67 if ((fd = open("/dev/urandom", O_RDONLY)) < 0) return NULL;
69 length = 0;
70 do {
71 if (read_loop(fd, bytes, sizeof(bytes)) != sizeof(bytes)) {
72 close(fd);
73 return NULL;
76 i = (((int)bytes[1] & 0x0f) << 8) | (int)bytes[0];
77 start = _passwdqc_wordset_4k[i];
78 end = memchr(start, '\0', 6);
79 if (!end) end = start + 6;
80 extra = end - start;
81 if (length + extra >= sizeof(output) - 1) {
82 close(fd);
83 return NULL;
85 memcpy(&output[length], start, extra);
86 length += extra;
87 bits -= 12;
89 if (use_separators && bits > 3) {
90 i = ((int)bytes[1] & 0x70) >> 4;
91 output[length++] = SEPARATORS[i];
92 bits -= 3;
93 } else
94 if (bits > 0)
95 output[length++] = ' ';
96 } while (bits > 0);
98 memset(bytes, 0, sizeof(bytes));
99 output[length] = '\0';
101 close(fd);
103 return output;