CryptoPassphrase  Check-in [617d8a7cfb]

Overview
Comment:Move actual password derivation to separate class
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 617d8a7cfbdb53246271b8a294260ee95cdcbef16e857e96e596a3da24e9700c
User & Date: js on 2016-10-03 11:40:54
Other Links: manifest | tags
Context
2016-10-08
12:24
Add a license check-in: 4772cb8670 user: js tags: trunk
2016-10-03
11:40
Move actual password derivation to separate class check-in: 617d8a7cfb user: js tags: trunk
2016-10-01
22:46
Initial commit check-in: 4364044864 user: js tags: trunk
Changes

Added LegacyPasswordGenerator.h version [e7a09ac297].

Added LegacyPasswordGenerator.m version [cc7dba9d4e].

Modified ScryptPWGen.m from [8240695fb9] to [c7a76473a8].

1
2
3
4
5

6
7
8
9
10
11
12
#include <string.h>

#include <unistd.h>

#import "ScryptPWGen.h"


OF_APPLICATION_DELEGATE(ScryptPWGen)

static void
showHelp(OFStream *output, bool verbose)
{
	[output writeFormat: @"Usage: %@ [-hlr] site\n",





>







1
2
3
4
5
6
7
8
9
10
11
12
13
#include <string.h>

#include <unistd.h>

#import "ScryptPWGen.h"
#import "LegacyPasswordGenerator.h"

OF_APPLICATION_DELEGATE(ScryptPWGen)

static void
showHelp(OFStream *output, bool verbose)
{
	[output writeFormat: @"Usage: %@ [-hlr] site\n",
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
		{ 'l', @"length", 1, NULL, &lengthStr },
		{ 'r', @"repeat", 0, &_repeat, NULL },
		{ '\0', nil, 0, NULL, NULL }
	};
	OFOptionsParser *optionsParser =
	    [OFOptionsParser parserWithOptions: options];
	of_unichar_t option;
	OFString *site, *prompt;
	char *passphrase;
	OFSHA256Hash *siteHash;
	unsigned char *output;

	while ((option = [optionsParser nextOption]) != '\0') {
		switch (option) {
		case 'h':
			showHelp(of_stdout, true);

			[OFApplication terminate];







|

|
<







31
32
33
34
35
36
37
38
39
40

41
42
43
44
45
46
47
		{ 'l', @"length", 1, NULL, &lengthStr },
		{ 'r', @"repeat", 0, &_repeat, NULL },
		{ '\0', nil, 0, NULL, NULL }
	};
	OFOptionsParser *optionsParser =
	    [OFOptionsParser parserWithOptions: options];
	of_unichar_t option;
	size_t length;
	char *passphrase;
	OFString *site, *prompt;


	while ((option = [optionsParser nextOption]) != '\0') {
		switch (option) {
		case 'h':
			showHelp(of_stdout, true);

			[OFApplication terminate];
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95

96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116

117

118
119
120
121
122
123
124

125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142



143

144

145
146
147
148
			[OFApplication terminateWithStatus: 1];
			break;
		}
	}

	if (lengthStr != nil) {
		@try {
			_length = (size_t)[lengthStr decimalValue];

			if (_length < 3)
				@throw [OFInvalidFormatException exception];
		} @catch (OFInvalidFormatException *e) {
			[of_stderr writeFormat:
			    @"%@: Invalid length: %@\n",
			    [OFApplication programName], lengthStr];

			[OFApplication terminateWithStatus: 1];
		}
	} else
		_length = 16;


	if ([[optionsParser remainingArguments] count] != 1) {
		showHelp(of_stderr, false);

		[OFApplication terminateWithStatus: 1];
	}

	site = [[optionsParser remainingArguments] firstObject];
	siteHash = [OFSHA256Hash cryptoHash];
	[siteHash updateWithBuffer: [site UTF8String]
			    length: [site UTF8StringLength]];

	prompt = [OFString stringWithFormat: @"Passphrase for site \"%@\": ",
					     site];
	passphrase = getpass([prompt cStringWithEncoding:
	    [OFSystemInfo native8BitEncoding]]);

	output = [self allocMemoryWithSize: _length + 1];

	of_scrypt(8, 524288, 2, [siteHash digest],
	    [[siteHash class] digestSize], passphrase, strlen(passphrase),

	    output, _length);


	of_explicit_memset(passphrase, 0, strlen(passphrase));

	/*
	 * This has a bias, but is what scrypt-genpass does. This should be
	 * compatible to passwords generated by scrypt-genpass for now to allow
	 * an easy migration.

	 *
	 * This will be replaced with something better later on and the current
	 * code only available in legacy mode (which can be enabled using a
	 * flag).
	 */
	output[0] = "abcdefghijklmnopqrstuvwxyz"[output[0] % 26];
	output[1] = "0123456789"[output[1] % 10];
	output[2] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"[output[2] % 26];

	for (size_t i = 3; i < _length; i++)
		output[i] = "abcdefghijklmnopqrstuvwxyz"
		    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
		    "0123456789"[output[i] % (26 + 26 + 10)];

	output[_length] = '\n';

	[of_stdout writeBuffer: output
			length: _length + 1];





	of_explicit_memset(output, 0, _length + 1);


	[OFApplication terminate];
}
@end







|

|








<
<
>







<
<
<
<
<


<
<

<
|
<
<
>
|
>

|
|
<
<
<
|
>
|
<
<
<
<
<
<
<
|
<
<
<
<
|
|
|
|
|
>
>
>
|
>
|
>




76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93


94
95
96
97
98
99
100
101





102
103


104

105


106
107
108
109
110
111



112
113
114







115




116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
			[OFApplication terminateWithStatus: 1];
			break;
		}
	}

	if (lengthStr != nil) {
		@try {
			length = (size_t)[lengthStr decimalValue];

			if (length < 3)
				@throw [OFInvalidFormatException exception];
		} @catch (OFInvalidFormatException *e) {
			[of_stderr writeFormat:
			    @"%@: Invalid length: %@\n",
			    [OFApplication programName], lengthStr];

			[OFApplication terminateWithStatus: 1];
		}


	}

	if ([[optionsParser remainingArguments] count] != 1) {
		showHelp(of_stderr, false);

		[OFApplication terminateWithStatus: 1];
	}






	prompt = [OFString stringWithFormat: @"Passphrase for site \"%@\": ",
					     site];




	LegacyPasswordGenerator *generator =


	    [LegacyPasswordGenerator generator];
	generator.length = length;
	generator.site = [[optionsParser remainingArguments] firstObject];

	passphrase = getpass(
	    [prompt cStringWithEncoding: [OFSystemInfo native8BitEncoding]]);



	@try {
		generator.passphrase = passphrase;








		[generator derivePassword];




		@try {
			[of_stdout writeBuffer: generator.output
					length: generator.length];
			[of_stdout writeBuffer: "\n"
					length: 1];
		} @finally {
			of_explicit_memset(generator.output, 0,
			    generator.length);
		}
	} @finally {
		of_explicit_memset(passphrase, 0, strlen(passphrase));
	}

	[OFApplication terminate];
}
@end