galene/galene-password-generator/galene-password-generator.go

package main

import (
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"flag"
	"fmt"
	"log"
	"os"
	"strings"

	"golang.org/x/crypto/bcrypt"
	"golang.org/x/crypto/pbkdf2"

	"github.com/jech/galene/group"
)

func main() {
	var algorithm string
	var iterations int
	var cost int
	var length int
	var saltLen int
	var username string
	flag.StringVar(&username, "user", "",
		"generate entry for given `username`")
	flag.StringVar(&algorithm, "hash", "pbkdf2",
		"hashing `algorithm`")
	flag.IntVar(&iterations, "iterations", 4096,
		"`number` of iterations (pbkdf2)")
	flag.IntVar(&cost, "cost", bcrypt.DefaultCost,
		"`cost` (bcrypt)")
	flag.IntVar(&length, "key", 32, "key `length` (pbkdf2)")
	flag.IntVar(&saltLen, "salt", 8, "salt `length` (pbkdf2)")
	flag.Parse()

	if len(flag.Args()) == 0 {
		fmt.Fprintf(
			flag.CommandLine.Output(),
			"Usage: %s [option...] password...\n",
			os.Args[0])
		flag.PrintDefaults()
		os.Exit(2)
	}

	salt := make([]byte, saltLen)

	for _, pw := range flag.Args() {
		_, err := rand.Read(salt)
		if err != nil {
			log.Fatalf("Salt: %v", err)
		}
		var p group.Password
		if strings.EqualFold(algorithm, "pbkdf2") {
			key := pbkdf2.Key(
				[]byte(pw), salt, iterations, length, sha256.New,
			)
			p = group.Password{
				Type:       "pbkdf2",
				Hash:       "sha-256",
				Key:        hex.EncodeToString(key),
				Salt:       hex.EncodeToString(salt),
				Iterations: iterations,
			}
		} else if strings.EqualFold(algorithm, "bcrypt") {
			key, err := bcrypt.GenerateFromPassword(
				[]byte(pw), cost,
			)
			if err != nil {
				log.Fatalf("Couldn't hash password: %v", err)
			}

			p = group.Password{
				Type: "bcrypt",
				Key:  string(key),
			}
		} else {
			log.Fatalf("Unknown hash type %v", algorithm)
		}

		e := json.NewEncoder(os.Stdout)
		if username != "" {
			creds := group.ClientPattern{
				Username: username,
				Password: &p,
			}
			err = e.Encode(creds)
		} else {
			err = e.Encode(p)
		}
		if err != nil {
			log.Fatalf("Encode: %v", err)
		}
	}
}
Implement hashed passwords. 2020-11-29 14:26:42 +01:00			`package main`

			`import (`
			`"crypto/rand"`
			`"crypto/sha256"`
			`"encoding/hex"`
			`"encoding/json"`
			`"flag"`
Implement -user option in password generator. 2020-12-15 15:20:04 +01:00			`"fmt"`
Implement hashed passwords. 2020-11-29 14:26:42 +01:00			`"log"`
			`"os"`
Add support for hashing password with BCrypt. 2023-11-23 13:57:37 +01:00			`"strings"`
Implement hashed passwords. 2020-11-29 14:26:42 +01:00
Add support for hashing password with BCrypt. 2023-11-23 13:57:37 +01:00			`"golang.org/x/crypto/bcrypt"`
Implement hashed passwords. 2020-11-29 14:26:42 +01:00			`"golang.org/x/crypto/pbkdf2"`

Move to github. 2020-12-19 17:37:48 +01:00			`"github.com/jech/galene/group"`
Implement hashed passwords. 2020-11-29 14:26:42 +01:00			`)`

			`func main() {`
Add support for hashing password with BCrypt. 2023-11-23 13:57:37 +01:00			`var algorithm string`
Implement hashed passwords. 2020-11-29 14:26:42 +01:00			`var iterations int`
Add support for hashing password with BCrypt. 2023-11-23 13:57:37 +01:00			`var cost int`
Implement hashed passwords. 2020-11-29 14:26:42 +01:00			`var length int`
			`var saltLen int`
Implement -user option in password generator. 2020-12-15 15:20:04 +01:00			`var username string`
			`flag.StringVar(&username, "user", "",`
			"generate entry for given `username`")
Add support for hashing password with BCrypt. 2023-11-23 13:57:37 +01:00			`flag.StringVar(&algorithm, "hash", "pbkdf2",`
			"hashing `algorithm`")
			`flag.IntVar(&iterations, "iterations", 4096,`
			"`number` of iterations (pbkdf2)")
			`flag.IntVar(&cost, "cost", bcrypt.DefaultCost,`
			"`cost` (bcrypt)")
			flag.IntVar(&length, "key", 32, "key `length` (pbkdf2)")
			flag.IntVar(&saltLen, "salt", 8, "salt `length` (pbkdf2)")
Implement hashed passwords. 2020-11-29 14:26:42 +01:00			`flag.Parse()`

			`if len(flag.Args()) == 0 {`
Implement -user option in password generator. 2020-12-15 15:20:04 +01:00			`fmt.Fprintf(`
			`flag.CommandLine.Output(),`
			`"Usage: %s [option...] password...\n",`
			`os.Args[0])`
			`flag.PrintDefaults()`
Implement hashed passwords. 2020-11-29 14:26:42 +01:00			`os.Exit(2)`
			`}`

			`salt := make([]byte, saltLen)`

			`for _, pw := range flag.Args() {`
			`_, err := rand.Read(salt)`
			`if err != nil {`
			`log.Fatalf("Salt: %v", err)`
			`}`
Add support for hashing password with BCrypt. 2023-11-23 13:57:37 +01:00			`var p group.Password`
			`if strings.EqualFold(algorithm, "pbkdf2") {`
			`key := pbkdf2.Key(`
			`[]byte(pw), salt, iterations, length, sha256.New,`
			`)`
			`p = group.Password{`
			`Type: "pbkdf2",`
			`Hash: "sha-256",`
			`Key: hex.EncodeToString(key),`
			`Salt: hex.EncodeToString(salt),`
			`Iterations: iterations,`
			`}`
			`} else if strings.EqualFold(algorithm, "bcrypt") {`
			`key, err := bcrypt.GenerateFromPassword(`
			`[]byte(pw), cost,`
			`)`
			`if err != nil {`
			`log.Fatalf("Couldn't hash password: %v", err)`
			`}`
Implement hashed passwords. 2020-11-29 14:26:42 +01:00
Add support for hashing password with BCrypt. 2023-11-23 13:57:37 +01:00			`p = group.Password{`
			`Type: "bcrypt",`
			`Key: string(key),`
			`}`
			`} else {`
			`log.Fatalf("Unknown hash type %v", algorithm)`
Implement hashed passwords. 2020-11-29 14:26:42 +01:00			`}`
Add support for hashing password with BCrypt. 2023-11-23 13:57:37 +01:00
Implement hashed passwords. 2020-11-29 14:26:42 +01:00			`e := json.NewEncoder(os.Stdout)`
Implement -user option in password generator. 2020-12-15 15:20:04 +01:00			`if username != "" {`
Move password checking into group.go. It used to be delegated to clients. 2021-10-27 04:15:44 +02:00			`creds := group.ClientPattern{`
Implement -user option in password generator. 2020-12-15 15:20:04 +01:00			`Username: username,`
			`Password: &p,`
			`}`
			`err = e.Encode(creds)`
			`} else {`
			`err = e.Encode(p)`
			`}`
Implement hashed passwords. 2020-11-29 14:26:42 +01:00			`if err != nil {`
			`log.Fatalf("Encode: %v", err)`
			`}`
			`}`
			`}`