wneessen/apg-go
1
1
Fork 0
mirror of https://github.com/wneessen/apg-go.git synced 2024-11-10 00:02:54 +01:00
Code Issues Projects Releases Packages Wiki Activity
apg-go/apg.go
Winni Neessen 5a29d4bc19
Added optional HIBP database check 
Even though the generated passwords are generated in a secure
way, there is a minimal chance, that the same password was used
by someone before and this password was part of a leak.

If you want to be on the safe side, you can now use the "-p"
parameter, to have your newly generated password against the
HIBP (https://haveibeenpwned.com) database. This feature is
disabled by default, since it requires internet access and also
the API call might take ~500ms to 1sec.
2021-04-29 12:22:10 +02:00

113 lines
3.4 KiB
Go
Raw Blame History

package main
import (
"flag"
"fmt"
"log"
"os"
)
// Constants
const DefaultMinLenght int = 12
const DefaultMaxLenght int = 20
const VersionString string = "0.3.2"
type Config struct {
minPassLen int
maxPassLen int
numOfPass int
useComplex bool
useLowerCase bool
useUpperCase bool
useNumber bool
useSpecial bool
humanReadable bool
checkHibp bool
excludeChars string
newStyleModes string
spellPassword bool
ShowHelp bool
showVersion bool
outputMode int
}
// Help text
const usage = `apg-go // A "Automated Password Generator"-clone
Copyright (c) 2021 Winni Neessen
apg [-m <length>] [-x <length>] [-L] [-U] [-N] [-S] [-H] [-C]
[-l] [-M mode] [-E char_string] [-n num_of_pass] [-v] [-h]
Options:
-m LENGTH Minimum length of the password to be generated (Default: 12)
-x LENGTH Maximum length of the password to be generated (Default: 20)
-n NUMBER Amount of password to be generated (Default: 6)
-E CHARS List of characters to be excluded in the generated password
-M [LUNSHClunshc] New style password parameters (upper case: on, lower case: off)
-L Use lower case characters in passwords (Default: on)
-U Use upper case characters in passwords (Default: on)
-N Use numeric characters in passwords (Default: on)
-S Use special characters in passwords (Default: off)
-H Avoid ambiguous characters in passwords (i. e.: 1, l, I, O, 0) (Default: off)
-C Enable complex password mode (implies -L -U -N -S and disables -H) (Default: off)
-l Spell generated passwords in phonetic alphabet (Default: off)
-p Check the HIBP database if the generated passwords was found in a leak before (Default: off)
'--> this feature requires internet connectivity
-h Show this help text
-v Show version string`
// Main function that generated the passwords and returns them
func main() {
// Log config
log.SetFlags(log.Ltime | log.Ldate | log.Lshortfile)
// Read and parse flags
flag.Usage = func() { _, _ = fmt.Fprintf(os.Stderr, "%s\n", usage) }
var config = parseFlags()
// Show version and exit
if config.showVersion {
_, _ = os.Stderr.WriteString(`apg-go // A "Automated Password Generator"-clone v` + VersionString + "\n")
_, _ = os.Stderr.WriteString("(C) 2021 by Winni Neessen\n")
os.Exit(0)
}
// Set PW length and available characterset
charRange := getCharRange(&config)
// Generate passwords
for i := 1; i <= config.numOfPass; i++ {
pwLength := getPwLengthFromParams(&config)
pwString, err := getRandChar(&charRange, pwLength)
if err != nil {
log.Fatalf("getRandChar returned an error: %q\n", err)
}
switch config.outputMode {
case 1:
{
spelledPw, err := spellPasswordString(pwString)
if err != nil {
log.Fatalf("spellPasswordString returned an error: %q\n", err.Error())
}
fmt.Printf("%v (%v)\n", pwString, spelledPw)
break
}
default:
{
fmt.Println(pwString)
break
}
}
if config.checkHibp {
isPwned, err := checkHibp(pwString)
if err != nil {
log.Printf("unable to check HIBP database: %v", err)
}
if isPwned {
fmt.Print("^-- !!WARNING: The previously generated password was found in HIPB database. Do not use it!!\n")
}
}
}
}
Reference in a new issue View git blame Copy permalink