1 | /* Secure random password generation via /dev/random */ | |
2 | /* James Hess Copyright (C) 2011, 2012; All Rights Reserved */ | |
3 | ||
4 | #include <stdio.h> | |
5 | #include <unistd.h> | |
6 | #include <string.h> | |
7 | #include <stdlib.h> | |
8 | #include <time.h> | |
9 | #include <sys/time.h> | |
10 | ||
11 | /* Number of entropy buffers to require for each byte of secret generated (More = longer wait) */ | |
12 | #define _EXTRA_ITERATIONS 3 | |
13 | - | char buf[1024] = "", junk[80], *f; /* Buffer to read file data into */ |
13 | + | |
14 | /* Number bytes entropy to require for 1 iteration on each byte of secret generated (More = longer wait) */ | |
15 | #define _ENTROPY_BUFSIZE 8 | |
16 | - | int bufsize = sizeof(buf), passlen = 15; |
16 | + | |
17 | /* You should replace this with a system-specific value*/ | |
18 | - | clock_t cl1 = clock(), cl2 = 0; |
18 | + | static char _EXTRA_SECRET[] = "fido&9uct>_^/38:u{E$43ikOrQS{R9ln2L/f]cqlr1ce9-MviXIWn4dk[nBv2<xu\"kiL!xY;Ps5ez&Ec8^*^P[]I8nQeu12xk*lys69L-Tfi8lRmx1]]/a|"; |
19 | - | |
19 | + | |
20 | int main(argc,argv) | |
21 | int argc; char *argv[]; | |
22 | - | int repeats = 30; |
22 | + | |
23 | char buf[_ENTROPY_BUFSIZE] = "", junk[80], *f; /* Buffer to read file data into */ | |
24 | ||
25 | /* Buffer size, default password length */ | |
26 | int bufsize = sizeof(buf), passlen = 15, m; | |
27 | struct timeval tv1, tv2; | |
28 | clock_t cl1 = clock(), cl2 = 0, cl3=0; | |
29 | ||
30 | /* Repeat XOR this many random values per password character */ | |
31 | int repeats = _EXTRA_ITERATIONS; | |
32 | ||
33 | /* List of characters to use in passwords */ | |
34 | //char maptop[] = "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_-.,/~!#$%^&*()+=[]{}|;:\"<>/"; | |
35 | //char maptop[] = "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"; | |
36 | char maptop[] = "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"; | |
37 | int maptop_size = sizeof maptop; | |
38 | ||
39 | unsigned char random_byteval; | |
40 | int i, j, k; | |
41 | ||
42 | /* Open /dev/random */ | |
43 | FILE* fp = fopen("/dev/random","r"); | |
44 | ||
45 | if (argv && argc > 1 && argv[1] && (j = atoi(argv[1])) && 0 < passlen ) | |
46 | passlen = j; | |
47 | ||
48 | - | for (f = (char *)&cl1; f < ( sizeof(clock_t) + (char *)&cl1); f++, random_byteval ^= (*f) ) ; |
48 | + | if (fread(buf, bufsize, 1, fp) < 1 ) { |
49 | - | for (f = (char *)&cl2; f < ( sizeof(clock_t) + (char *)&cl2); f++, random_byteval ^= (*f) ) ; |
49 | + | perror("fread"); |
50 | - | for (f = (char *)&tv1; f < ((char *)&tv1 + sizeof(struct timeval)); f++, random_byteval ^= (*f)); |
50 | + | return 1; |
51 | - | for (f = (char *)&tv2; f < ( (char *)&tv2 + sizeof(struct timeval)); f++, random_byteval ^= (*f) ); |
51 | + | } |
52 | ||
53 | gettimeofday(&tv1, NULL); | |
54 | puts("Press [ENTER] to continue"); | |
55 | fgets(junk, 10, stdin); | |
56 | gettimeofday(&tv2, NULL); | |
57 | cl2 = clock(); | |
58 | ||
59 | - | random_byteval ^= buf[j]; |
59 | + | for(m = 4; m < bufsize; m++) |
60 | buf[(m - 4)%4] ^= buf[m]; | |
61 | ||
62 | cl3 = cl2 - cl1 + time(0); | |
63 | for (i = 0, f = (char *)&cl3; f < ( sizeof(clock_t) + (char *)&cl3); buf[i] ^= (*f), i++, f++ ) ; | |
64 | ||
65 | srandom( buf[0] | (buf[1] << 8) | (buf[2] << 16) || (buf[3] << 24) ); | |
66 | ||
67 | ||
68 | if (fp) { | |
69 | for(i = 0; i < passlen; i++) { | |
70 | cl3 = clock() - cl3; | |
71 | for (f = (char *)&cl1; f < ( sizeof(clock_t) + (char *)&cl1); random_byteval ^= (*f), f++ ) ; | |
72 | for (f = (char *)&cl2; f < ( sizeof(clock_t) + (char *)&cl2); random_byteval ^= (*f), f++ ) ; | |
73 | for (f = (char *)&cl3; f < ( sizeof(clock_t) + (char *)&cl3); random_byteval ^= (*f), f++ ) ; | |
74 | for (f = (char *)&tv1; f < ((char *)&tv1 + sizeof(struct timeval)); random_byteval ^= (*f), f++ ) ; | |
75 | for (f = (char *)&tv2; f < ( (char *)&tv2 + sizeof(struct timeval)); random_byteval ^= (*f), f++ ) ; | |
76 | ||
77 | /* Read in that a buffer full of random bytes, and XOR each byte together */ | |
78 | /* repeat 'repeats' time, for each password character to be generated */ | |
79 | ||
80 | for(k = 0; k < repeats; k++) { | |
81 | if ( fread(buf, bufsize, 1, fp) >= 1 ) { | |
82 | for(j = 0; j < sizeof(_EXTRA_SECRET); j++) | |
83 | random_byteval ^= _EXTRA_SECRET[j] ^ (char)random(); | |
84 | ||
85 | for(j = 0 ; j < bufsize ; j++) { | |
86 | random_byteval ^= buf[j] ^ (char)random(); | |
87 | } | |
88 | } else { | |
89 | perror("fread"); | |
90 | exit(0); | |
91 | } | |
92 | } | |
93 | ||
94 | /* pick a password character in the chosen character set. */ | |
95 | printf("%c", maptop[ random_byteval % maptop_size ] ); | |
96 | ||
97 | } | |
98 | } else perror("fopen"); | |
99 | ||
100 | memset(_EXTRA_SECRET, 0, sizeof(_EXTRA_SECRET)); | |
101 | memset(buf, 0, sizeof(buf)); | |
102 | srandom(0); | |
103 | random_byteval = 0; | |
104 | cl1 = cl2 = cl3 = 0; | |
105 | memset(&tv1, 0, sizeof(struct timeval) ); | |
106 | memset(&tv2, 0, sizeof(struct timeval) ); | |
107 | puts(""); | |
108 | puts("Press [ENTER] to clear screen"); | |
109 | fgets(junk, 10, stdin); | |
110 | printf("\e[H\e[J\nDone.\n"); | |
111 | ||
112 | puts(""); | |
113 | } | |
114 | ||
115 | /* | |
116 | Copyright (c) 2013 James Hess | |
117 | All rights reserved. | |
118 | ||
119 | Redistribution and use in source and binary forms, with or without | |
120 | modification, are permitted provided that the following conditions are met: | |
121 | 1. Redistributions of source code must retain the above copyright | |
122 | notice, this list of conditions and the following disclaimer. | |
123 | 2. Redistributions in binary form must reproduce the above copyright | |
124 | notice, this list of conditions and the following disclaimer in the | |
125 | documentation and/or other materials provided with the distribution. | |
126 | 3. All advertising materials mentioning features or use of this software | |
127 | must display the following acknowledgement: | |
128 | This product includes software developed by James Hess. | |
129 | 4. Neither the name of the organization nor the | |
130 | names of its contributors may be used to endorse or promote products | |
131 | derived from this software without specific prior written permission. | |
132 | ||
133 | THIS SOFTWARE IS PROVIDED ''AS IS'' AND ANY | |
134 | EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | |
135 | WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | |
136 | DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY | |
137 | DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | |
138 | (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
139 | LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | |
140 | ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
141 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | |
142 | SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
143 | */ |
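Review bot: The `fread(buf, bufsize, 1, fp)` added at new lines 48-51 runs before `fp` is tested (the `if (fp)` guard only comes at line 68), so a failed `fopen("/dev/random","r")` hands a null stream to fread instead of reaching `perror("fopen")`; check directly after the open, e.g. `if (!fp) { perror("fopen"); return 1; }`. On line 65 the seed expression ends in `||` where `|` was evidently intended, so `srandom()` only ever receives 0 or 1 and the `random()` terms mixed in at lines 83 and 86 add nothing unpredictable; the last operator should read `| (buf[3] << 24)`, with the bytes cast to `unsigned char` before shifting. `maptop_size = sizeof maptop` on line 37 counts the terminating NUL, so `random_byteval % maptop_size` can pick index 62 and print a NUL byte as a password character; `sizeof maptop - 1` avoids that, and the remaining modulo bias (256 is not a multiple of 62) would need rejection sampling. The new `_EXTRA_SECRET` is XORed in full on every iteration, which folds to one fixed byte and so contributes no entropy, and a value shipped in the source is not secret in any case.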