Minor code cleanups and updated README to reflect #27

This commit is contained in:
Winni Neessen 2021-09-23 15:48:03 +02:00
parent 6d17f5fd72
commit aeb278355c
6 changed files with 58 additions and 5 deletions

View file

@ -5,7 +5,12 @@
</component> </component>
<component name="ChangeListManager"> <component name="ChangeListManager">
<list default="true" id="e32960c0-29e5-4669-9fc2-ef12314486ce" name="Changes" comment="Added pronounceable passwords #27"> <list default="true" id="e32960c0-29e5-4669-9fc2-ef12314486ce" name="Changes" comment="Added pronounceable passwords #27">
<change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
<change beforePath="$PROJECT_DIR$/README.md" beforeDir="false" afterPath="$PROJECT_DIR$/README.md" afterDir="false" />
<change beforePath="$PROJECT_DIR$/chars/chars.go" beforeDir="false" afterPath="$PROJECT_DIR$/chars/chars.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/chars/koremutake.go" beforeDir="false" afterPath="$PROJECT_DIR$/chars/koremutake.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/cmd/apg/apg.go" beforeDir="false" afterPath="$PROJECT_DIR$/cmd/apg/apg.go" afterDir="false" /> <change beforePath="$PROJECT_DIR$/cmd/apg/apg.go" beforeDir="false" afterPath="$PROJECT_DIR$/cmd/apg/apg.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/cmd/apg/apg_test.go" beforeDir="false" afterPath="$PROJECT_DIR$/cmd/apg/apg_test.go" afterDir="false" />
</list> </list>
<option name="SHOW_DIALOG" value="false" /> <option name="SHOW_DIALOG" value="false" />
<option name="HIGHLIGHT_CONFLICTS" value="true" /> <option name="HIGHLIGHT_CONFLICTS" value="true" />
@ -48,7 +53,7 @@
<property name="go.modules.go.list.on.any.changes.was.set" value="true" /> <property name="go.modules.go.list.on.any.changes.was.set" value="true" />
<property name="go.sdk.automatically.set" value="true" /> <property name="go.sdk.automatically.set" value="true" />
<property name="last_opened_file_path" value="$USER_HOME$" /> <property name="last_opened_file_path" value="$USER_HOME$" />
<property name="settings.editor.selected.configurable" value="go.vgo" /> <property name="settings.editor.selected.configurable" value="go.sdk" />
</component> </component>
<component name="RunManager"> <component name="RunManager">
<configuration name="Test Application" type="GoTestRunConfiguration" factoryName="Go Test"> <configuration name="Test Application" type="GoTestRunConfiguration" factoryName="Go Test">

View file

@ -8,8 +8,8 @@ which hasn't been maintained since 2003. Since more and more Unix distributions
looking for an alternative. FreeBSD for example recommends "security/makepasswd", which is written in Perl looking for an alternative. FreeBSD for example recommends "security/makepasswd", which is written in Perl
but requires a lot of dependency packages and doesn't offer the feature-set/flexibility of APG. but requires a lot of dependency packages and doesn't offer the feature-set/flexibility of APG.
Since FIPS-181 (pronouncable passwords) has been withdrawn in 2015, I didn't see any use in replicating that Since FIPS-181 (pronouncable passwords) has been withdrawn in 2015, apg-go does not follow this standard. Instead
feature. Therfore apg-go does not support pronouncable passwords. it implements the [Koremutake Syllables System](https://shorl.com/koremutake.php) in its pronouncable password mode.
## Installation ## Installation
### Ports/Packages ### Ports/Packages
@ -175,6 +175,38 @@ $ ./apg-go -n 1 -M LUSN -H -E : -l
fUTDKeFsU+zn3r= (foxtrot/Uniform/Tango/Delta/Kilo/echo/Foxtrot/sierra/Uniform/PLUS_SIGN/zulu/november/THREE/romeo/EQUAL_SIGN) fUTDKeFsU+zn3r= (foxtrot/Uniform/Tango/Delta/Kilo/echo/Foxtrot/sierra/Uniform/PLUS_SIGN/zulu/november/THREE/romeo/EQUAL_SIGN)
``` ```
### Pronouncable passwords
Since v0.4.0 apg-go supports pronouncable passwords, anologous to the original c-apg using the `-a 0`
flag. The original c-apg implemented FIPS-181, which was withdrawn in 2015 for generating pronouncable
passwords. Since the standard is not recommended anymore, `apg-go` instead make use of the
[Koremutake Syllables System](https://shorl.com/koremutake.php). Similar to the original apg, `agp-go`
will automatically randomly add special characters and number (from the human-readable pool) to each
generated pronouncable password. Additionally it will perform a "coinflip" for each Koremutake syllable
and decided if it should switch the case of one of the characters to an upper-case character.
Using the `-t` parameter, `apg-go` will display a spelled out version of the pronouncable password, where
each syllable or number/special character is seperated with a "-" (dash) and if the syllable is not a
Koremutake syllable the character will be spelled out the same was as with activated `-l` in the
non-pronouncable password mode (`-a 1`).
**Note on password length**: The `-m` and `-x` parameters will work in prouncable password mode, but
please keep in mind, that due to the nature how syllables work, your generated password might exceed
the desired length by one complete (which can be up to 3 characters long).
**Security consideration:** Please keep in mind, that pronouncable passwords are less secure then truly
randomly created passwords, due to the nature how syllables work. As a rule of thumb, it is recommended
to multiply the length of your generated pronouncable passwords by at least 1.5 times, compared to truly
randomly generated passwords. It might also be helpful to run the pronoucable password mode with enabled
"HIBP" flag, so that each generated password is automatically checked against "Have I Been Pwned"
database.
```shell
$ ./apg-go -a 0 -n 1
KebrutinernMy
$ ./apg-go -a 0 -n 1 -m 15 -x 15 -t
pEnbocydrageT*En (pEn-bo-cy-dra-geT-ASTERISK-En)
```
### Have I Been Pwned ### Have I Been Pwned
Even though, the passwords that apg-go generated for you, are secure, there is a minimal chance, that Even though, the passwords that apg-go generated for you, are secure, there is a minimal chance, that
someone on the planet used exactly the same password before and that this person was part of an someone on the planet used exactly the same password before and that this person was part of an

View file

@ -5,13 +5,28 @@ import (
"regexp" "regexp"
) )
// PwLowerCharsHuman is the range of lower-case characters in human-readable mode
const PwLowerCharsHuman string = "abcdefghjkmnpqrstuvwxyz" const PwLowerCharsHuman string = "abcdefghjkmnpqrstuvwxyz"
// PwUpperCharsHuman is the range of upper-case characters in human-readable mode
const PwUpperCharsHuman string = "ABCDEFGHJKMNPQRSTUVWXYZ" const PwUpperCharsHuman string = "ABCDEFGHJKMNPQRSTUVWXYZ"
// PwLowerChars is the range of lower-case characters
const PwLowerChars string = "abcdefghijklmnopqrstuvwxyz" const PwLowerChars string = "abcdefghijklmnopqrstuvwxyz"
// PwUpperChars is the range of upper-case characters
const PwUpperChars string = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" const PwUpperChars string = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
// PwSpecialCharsHuman is the range of special characters in human-readable mode
const PwSpecialCharsHuman string = "\"#%*+-/:;=\\_|~" const PwSpecialCharsHuman string = "\"#%*+-/:;=\\_|~"
// PwSpecialChars is the range of special characters
const PwSpecialChars string = "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~" const PwSpecialChars string = "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~"
// PwNumbersHuman is the range of numbers in human-readable mode
const PwNumbersHuman string = "23456789" const PwNumbersHuman string = "23456789"
// PwNumbers is the range of numbers
const PwNumbers string = "1234567890" const PwNumbers string = "1234567890"
// GetRange provides the range of available characters based on configured parameters // GetRange provides the range of available characters based on configured parameters

View file

@ -1,6 +1,6 @@
package chars package chars
// KoremutakeSyllables is a slightly modified Koremutake syllabels list based on // KoremutakeSyllables is a slightly modified Koremutake syllables list based on
// the mechanism described on https://shorl.com/koremutake.php // the mechanism described on https://shorl.com/koremutake.php
var KoremutakeSyllables = []string{"ba", "be", "bi", "bo", "bu", "by", "da", "de", "di", var KoremutakeSyllables = []string{"ba", "be", "bi", "bo", "bu", "by", "da", "de", "di",
"do", "du", "dy", "fe", "fi", "fo", "fu", "fy", "ga", "ge", "gi", "go", "gu", "do", "du", "dy", "fe", "fi", "fo", "fu", "fy", "ga", "ge", "gi", "go", "gu",

View file

@ -14,6 +14,7 @@ import (
"time" "time"
) )
// VersionString represents the current version of the apg-go CLI
const VersionString string = "0.4.0-dev" const VersionString string = "0.4.0-dev"
// Help text // Help text

View file

@ -10,7 +10,7 @@ import (
var cfgObj config.Config var cfgObj config.Config
// Make sure the flags are initalized // Make sure the flags are initialized
var _ = func() bool { var _ = func() bool {
testing.Init() testing.Init()
cfgObj = config.New() cfgObj = config.New()