1 /* simple password generator by Nelson Minar (minar@reed.edu)
2 ** copyright 1991, all rights reserved.
3 ** You can use this code as long as my name stays with it.
5 ** md5 patch by W. Campbell <wcampbel@botbay.net>
6 ** Modernization, getopt, etc for the Hybrid IRCD team
9 ** /dev/random for salt generation added by
10 ** Aaron Sethman <androsyn@ratbox.org>
19 #define FLAG_MD5 0x00000001
20 #define FLAG_DES 0x00000002
21 #define FLAG_SALT 0x00000004
22 #define FLAG_PASS 0x00000008
23 #define FLAG_LENGTH 0x00000010
24 #define FLAG_BLOWFISH 0x00000020
25 #define FLAG_ROUNDS 0x00000040
26 #define FLAG_EXT 0x00000080
28 extern char *getpass();
31 static char *make_des_salt(void);
32 static char *make_ext_salt(int);
33 static char *make_ext_salt_para(int, char *);
34 static char *make_md5_salt(int);
35 static char *make_md5_salt_para(char *);
36 static char *make_bf_salt(int, int);
37 static char *make_bf_salt_para(int, char *);
38 static char *int_to_base64(int);
39 static char *generate_random_salt(char *, int);
40 static char *generate_poor_salt(char *, int);
42 static void full_usage(void);
43 static void brief_usage(void);
45 static char saltChars
[] =
46 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
47 /* 0 .. 63, ascii - 64 */
51 int main(int argc
, char *argv
[])
53 char *plaintext
= NULL
;
55 char *saltpara
= NULL
;
58 int length
= 0; /* Not Set */
59 int rounds
= 0; /* Not set, since extended DES needs 25 and blowfish needs
60 ** 4 by default, a side effect of this being the encryption
61 ** type parameter must be specified before the rounds
65 while( (c
=getopt(argc
, argv
, "mdber:h?l:s:p:")) != -1)
76 flag
|= FLAG_BLOWFISH
;
85 length
= atoi(optarg
);
89 rounds
= atoi(optarg
);
108 printf("Invalid Option: -%c\n", c
);
117 if (flag
& FLAG_SALT
)
118 salt
= make_md5_salt_para(saltpara
);
120 salt
= make_md5_salt(length
);
122 else if (flag
& FLAG_BLOWFISH
)
126 if (flag
& FLAG_SALT
)
127 salt
= make_bf_salt_para(rounds
, saltpara
);
129 salt
= make_bf_salt(rounds
, length
);
131 else if (flag
& FLAG_EXT
)
133 /* XXX - rounds needs to be done */
134 if (flag
& FLAG_SALT
)
136 if ((strlen(saltpara
) == 4))
138 salt
= make_ext_salt_para(rounds
, saltpara
);
142 printf("Invalid salt, please enter 4 alphanumeric characters\n");
148 salt
= make_ext_salt(rounds
);
153 if (flag
& FLAG_SALT
)
155 if ((strlen(saltpara
) == 2))
161 printf("Invalid salt, please enter 2 alphanumeric characters\n");
167 salt
= make_des_salt();
171 if (flag
& FLAG_PASS
)
174 printf("Please enter a valid password\n");
178 plaintext
= getpass("plaintext: ");
181 printf("%s\n", crypt(plaintext
, salt
));
185 static char *make_des_salt()
188 generate_random_salt(salt
, 2);
193 char *int_to_base64(int value
)
198 for (i
= 0; i
< 4; i
++)
200 buf
[i
] = saltChars
[value
& 63];
201 value
>>= 6; /* Right shifting 6 places is the same as dividing by 64 */
204 buf
[i
] = '\0'; /* not REALLY needed as it's static, and thus initialized
210 char *make_ext_salt(int rounds
)
212 static char salt
[10];
214 sprintf(salt
, "_%s", int_to_base64(rounds
));
215 generate_random_salt(&salt
[5], 4);
220 char *make_ext_salt_para(int rounds
, char *saltpara
)
222 static char salt
[10];
224 sprintf(salt
, "_%s%s", int_to_base64(rounds
), saltpara
);
228 char *make_md5_salt_para(char *saltpara
)
230 static char salt
[21];
231 if (saltpara
&& (strlen(saltpara
) <= 16))
233 /* sprintf used because of portability requirements, the length
234 ** is checked above, so it should not be too much of a concern
236 sprintf(salt
, "$1$%s$", saltpara
);
239 printf("Invalid Salt, please use up to 16 random alphanumeric characters\n");
246 char *make_md5_salt(int length
)
248 static char salt
[21];
251 printf("MD5 salt length too long\n");
257 generate_random_salt(&salt
[3], length
);
258 salt
[length
+3] = '$';
259 salt
[length
+4] = '\0';
263 char *make_bf_salt_para(int rounds
, char *saltpara
)
265 static char salt
[31];
267 if (saltpara
&& (strlen(saltpara
) <= 22))
269 /* sprintf used because of portability requirements, the length
270 ** is checked above, so it should not be too much of a concern
272 sprintf(tbuf
, "%02d", rounds
);
273 sprintf(salt
, "$2a$%s$%s$", tbuf
, saltpara
);
276 printf("Invalid Salt, please use up to 22 random alphanumeric characters\n");
283 char *make_bf_salt(int rounds
, int length
)
285 static char salt
[31];
289 printf("BlowFish salt length too long\n");
292 sprintf(tbuf
, "%02d", rounds
);
293 sprintf(salt
, "$2a$%s$", tbuf
);
294 generate_random_salt(&salt
[7], length
);
295 salt
[length
+7] = '$';
296 salt
[length
+8] = '\0';
300 char *generate_poor_salt(char *salt
, int length
)
304 for(i
= 0; i
< length
; i
++)
306 salt
[i
] = saltChars
[random() % 64];
311 char *generate_random_salt(char *salt
, int length
)
315 if((fd
= open("/dev/random", O_RDONLY
)) < 0)
317 return(generate_poor_salt(salt
, length
));
319 buf
= calloc(1, length
);
320 if(read(fd
, buf
, length
) != length
)
323 return(generate_poor_salt(salt
, length
));
326 for(i
= 0; i
< length
; i
++)
328 salt
[i
] = saltChars
[abs(buf
[i
]) % 64];
336 printf("mkpasswd [-m|-d|-b|-e] [-l saltlength] [-r rounds] [-s salt] [-p plaintext]\n");
337 printf("-m Generate an MD5 password\n");
338 printf("-d Generate a DES password\n");
339 printf("-b Generate a BlowFish password\n");
340 printf("-e Generate an Extended DES password\n");
341 printf("-l Specify a length for a random MD5 or BlowFish salt\n");
342 printf("-r Specify a number of rounds for a BlowFish or Extended DES password\n");
343 printf(" BlowFish: default 4, no more than 6 recommended\n");
344 printf(" Extended DES: default 25\n");
345 printf("-s Specify a salt, 2 alphanumeric characters for DES, up to 16 for MD5,\n");
346 printf(" up to 22 for BlowFish, and 4 for Extended DES\n");
347 printf("-p Specify a plaintext password to use\n");
348 printf("Example: mkpasswd -m -s 3dr -p test\n");
354 printf("mkpasswd - password hash generator\n");
355 printf("Standard DES: mkpasswd [-d] [-s salt] [-p plaintext]\n");
356 printf("Extended DES: mkpasswd -e [-r rounds] [-s salt] [-p plaintext]\n");
357 printf(" MD5: mkpasswd -m [-l saltlength] [-s salt] [-p plaintext]\n");
358 printf(" BlowFish: mkpasswd -b [-r rounds] [-l saltlength] [-s salt]\n");
359 printf(" [-p plaintext]\n");
360 printf("Use -h for full usage\n");