1 /*
2  * Copyright (c) 2000-2002,2005,2008 by Solar Designer.  See LICENSE.
3  */
4 
5 #include <stdio.h>
6 #include <string.h>
7 #include <unistd.h>
8 #include <errno.h>
9 #include <fcntl.h>
10 
11 #include "passwdqc.h"
12 
13 /*
14  * We separate words in the generated "passphrases" with random special
15  * characters out of a set of 8 (so we encode 3 bits per separator
16  * character).  To enable the use of our "passphrases" within FTP URLs
17  * (and similar), we pick characters that are defined by RFC 3986 as
18  * being safe within "userinfo" part of URLs without encoding and
19  * without having a special meaning.  Out of those, we avoid characters
20  * that are visually ambiguous or difficult over the phone.  This
21  * happens to leave us with exactly 8 characters.
22  */
23 #define SEPARATORS			"-_!$&*+="
24 
25 static int read_loop(int fd, unsigned char *buffer, int count)
26 {
27 	int offset, block;
28 
29 	offset = 0;
30 	while (count > 0) {
31 		block = read(fd, &buffer[offset], count);
32 
33 		if (block < 0) {
34 			if (errno == EINTR) continue;
35 			return block;
36 		}
37 		if (!block) return offset;
38 
39 		offset += block;
40 		count -= block;
41 	}
42 
43 	return offset;
44 }
45 
46 char *_passwdqc_random(passwdqc_params_t *params)
47 {
48 	static char output[0x100];
49 	int bits;
50 	int use_separators, count, i;
51 	unsigned int length, extra;
52 	char *start, *end;
53 	int fd;
54 	unsigned char bytes[2];
55 
56 	bits = params->random_bits;
57 	if (bits < 24 || bits > 128)
58 		return NULL;
59 
60 	count = 1 + (bits + (14 - 12)) / 15;
61 	use_separators = ((bits + 11) / 12 != count);
62 
63 	length = count * 7 - 1;
64 	if (length >= sizeof(output) || (int)length > params->max)
65 		return NULL;
66 
67 	if ((fd = open("/dev/urandom", O_RDONLY)) < 0) return NULL;
68 
69 	length = 0;
70 	do {
71 		if (read_loop(fd, bytes, sizeof(bytes)) != sizeof(bytes)) {
72 			close(fd);
73 			return NULL;
74 		}
75 
76 		i = (((int)bytes[1] & 0x0f) << 8) | (int)bytes[0];
77 		start = _passwdqc_wordset_4k[i];
78 		end = memchr(start, '\0', 6);
79 		if (!end) end = start + 6;
80 		extra = end - start;
81 		if (length + extra >= sizeof(output) - 1) {
82 			close(fd);
83 			return NULL;
84 		}
85 		memcpy(&output[length], start, extra);
86 		length += extra;
87 		bits -= 12;
88 
89 		if (use_separators && bits > 3) {
90 			i = ((int)bytes[1] & 0x70) >> 4;
91 			output[length++] = SEPARATORS[i];
92 			bits -= 3;
93 		} else
94 		if (bits > 0)
95 			output[length++] = ' ';
96 	} while (bits > 0);
97 
98 	memset(bytes, 0, sizeof(bytes));
99 	output[length] = '\0';
100 
101 	close(fd);
102 
103 	return output;
104 }
105