1 /* 2 * Copyright (c) 2000-2002,2005,2008 by Solar Designer. See LICENSE. 3 */ 4 5 #include <stdio.h> 6 #include <string.h> 7 #include <unistd.h> 8 #include <errno.h> 9 #include <fcntl.h> 10 11 #include "passwdqc.h" 12 13 /* 14 * We separate words in the generated "passphrases" with random special 15 * characters out of a set of 8 (so we encode 3 bits per separator 16 * character). To enable the use of our "passphrases" within FTP URLs 17 * (and similar), we pick characters that are defined by RFC 3986 as 18 * being safe within "userinfo" part of URLs without encoding and 19 * without having a special meaning. Out of those, we avoid characters 20 * that are visually ambiguous or difficult over the phone. This 21 * happens to leave us with exactly 8 characters. 22 */ 23 #define SEPARATORS "-_!$&*+=" 24 25 static int read_loop(int fd, unsigned char *buffer, int count) 26 { 27 int offset, block; 28 29 offset = 0; 30 while (count > 0) { 31 block = read(fd, &buffer[offset], count); 32 33 if (block < 0) { 34 if (errno == EINTR) continue; 35 return block; 36 } 37 if (!block) return offset; 38 39 offset += block; 40 count -= block; 41 } 42 43 return offset; 44 } 45 46 char *_passwdqc_random(passwdqc_params_t *params) 47 { 48 static char output[0x100]; 49 int bits; 50 int use_separators, count, i; 51 unsigned int length, extra; 52 char *start, *end; 53 int fd; 54 unsigned char bytes[2]; 55 56 bits = params->random_bits; 57 if (bits < 24 || bits > 128) 58 return NULL; 59 60 count = 1 + (bits + (14 - 12)) / 15; 61 use_separators = ((bits + 11) / 12 != count); 62 63 length = count * 7 - 1; 64 if (length >= sizeof(output) || (int)length > params->max) 65 return NULL; 66 67 if ((fd = open("/dev/urandom", O_RDONLY)) < 0) return NULL; 68 69 length = 0; 70 do { 71 if (read_loop(fd, bytes, sizeof(bytes)) != sizeof(bytes)) { 72 close(fd); 73 return NULL; 74 } 75 76 i = (((int)bytes[1] & 0x0f) << 8) | (int)bytes[0]; 77 start = _passwdqc_wordset_4k[i]; 78 end = memchr(start, '\0', 6); 79 if (!end) end = start + 6; 80 extra = end - start; 81 if (length + extra >= sizeof(output) - 1) { 82 close(fd); 83 return NULL; 84 } 85 memcpy(&output[length], start, extra); 86 length += extra; 87 bits -= 12; 88 89 if (use_separators && bits > 3) { 90 i = ((int)bytes[1] & 0x70) >> 4; 91 output[length++] = SEPARATORS[i]; 92 bits -= 3; 93 } else 94 if (bits > 0) 95 output[length++] = ' '; 96 } while (bits > 0); 97 98 memset(bytes, 0, sizeof(bytes)); 99 output[length] = '\0'; 100 101 close(fd); 102 103 return output; 104 } 105