From 8a682edadecf95b816b6a5b461f8be2d024b9af1 Mon Sep 17 00:00:00 2001 From: Jephte Clain Date: Tue, 2 Nov 2021 11:12:19 +0400 Subject: [PATCH] =?UTF-8?q?upassword:=20changer=20le=20g=C3=A9n=C3=A9rateu?= =?UTF-8?q?r=20al=C3=A9atoire?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- upassword | 145 +++++++++++++++++++++++------------------------------- 1 file changed, 61 insertions(+), 84 deletions(-) diff --git a/upassword b/upassword index fa3e535..9d30608 100755 --- a/upassword +++ b/upassword @@ -19,7 +19,6 @@ import java.security.SecureRandom; import java.util.Arrays; import java.util.List; import java.util.Random; -import java.util.concurrent.ThreadLocalRandom; import java.util.regex.Pattern; import javax.crypto.Cipher; @@ -139,7 +138,6 @@ public class upassword { } // ------------------------------------------------------------------------ - public static class Base64 { public final static int NO_OPTIONS = 0; @@ -968,7 +966,6 @@ public class upassword { } // ------------------------------------------------------------------------ - public static class DES { private int[] encryptKeys = new int[32]; @@ -1873,7 +1870,6 @@ public class upassword { } // ------------------------------------------------------------------------ - public static class MD4 extends MessageDigest implements Cloneable { private static final int BLOCK_LENGTH = 64; @@ -2030,7 +2026,6 @@ public class upassword { } // ------------------------------------------------------------------------ - public static class jcrypt { private jcrypt() { } @@ -3660,7 +3655,6 @@ public class upassword { } // ------------------------------------------------------------------------ - public static class Salt { public static final String getCryptSalt(String pw) { if (pw == null) return null; @@ -3758,7 +3752,6 @@ public class upassword { } // ------------------------------------------------------------------------ - public static class Password { public static final String CLEARTEXT = "", CRYPT = "CRYPT", MD5 = "MD5", SMD5 = "SMD5", SHA = "SHA", XSHA = "XSHA", SSHA = "SSHA"; @@ -4193,7 +4186,6 @@ public class upassword { } // ------------------------------------------------------------------------ - public static class PasswordChecker { public PasswordChecker(int minLen, int minUpper, int minLower, int minAlpha, int minNumber, int minSymbol, int minSpecial, boolean allowMultibytes) { @@ -4564,6 +4556,60 @@ public class upassword { return generate(minLen, maxLen, sections, DEFAULT_RAND); } + /** + * Génère une chaine de caractère aléatoire d'une taille définie adapté aux mot de passe + * + * @param size Nombre de bloque de 4 caractères à générer + * @param punctuationsNumber Nombre de ponctuations à insérer + * @return Chaine de caractères aléatoires générée + */ + public static String generateJk(int size, int punctuationsNumber, Random rand) { + final String CONSONANTS = "bcdfghjklmnpqrstvwxz"; + final String VOWELS = "aeiuoy"; + final String PUNCTUATIONS = "!:;,?."; + String seed; + // taille minimale de la chaine + if (size < 1) { + size = 3; + } + // S'il y a trop de ponctuations à placer + if (punctuationsNumber > size) { + punctuationsNumber = size; + } + // préparation d'un constructeur de chaîne + StringBuilder builder = new StringBuilder(size); + String punctuationsUsed = ""; + int rnd; + // calcule aléatoirement le caractère à sélectionner + for (int index = 0; index < size * 4; index++) { + // espace + if (index != 0 && index % 4 == 0) { + builder.append(" "); + } + // lettre + seed = index % 2 == 0 ? CONSONANTS : VOWELS; + builder.append( + seed.charAt( + rand.nextInt(seed.length()) + ) + ); + // ponctuation + if (punctuationsNumber > 0 && (index + 1) % 4 == 0) { + rnd = rand.nextInt(size); + if (punctuationsUsed.length() < punctuationsNumber && rnd <= punctuationsNumber) { + punctuationsUsed += PUNCTUATIONS.charAt( + rand.nextInt(PUNCTUATIONS.length()) + ); + builder.append(punctuationsUsed.charAt(punctuationsUsed.length() - 1)); + } + } + } + return builder.toString(); + } + public static String generateJk(int size, int punctuationsNumber) { + return generateJk(size, punctuationsNumber, DEFAULT_RAND); + } + public PasswordGenerator(int minLen, String[] sections, int[] minCounts, Random rand) { setMinLen(minLen); setSections(sections); @@ -4626,10 +4672,12 @@ public class upassword { public String generate(int maxLen) { return generate(minLen, maxLen, sections, minCounts, rand); } + public String generateJk() { + return generateJk(3, 1, rand); + } } // ------------------------------------------------------------------------ - public static class AESEnc { private static final String AES = "AES"; @@ -4721,76 +4769,6 @@ public class upassword { // ------------------------------------------------------------------------ - public static class WOJavaMonitorPassword { - public static long myrand() { - long nextLong = ThreadLocalRandom.current().nextLong(); - while (nextLong == Long.MIN_VALUE) { - nextLong = ThreadLocalRandom.current().nextLong(); - } - return Math.abs(nextLong); - } - - public static String encryptStringWithKey(String to_be_encrypted, String aKey) { - String encrypted_value = ""; - char xdigit[] = { '0' , '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'}; - MessageDigest messageDigest; - - try { - messageDigest = MessageDigest.getInstance("MD5"); - } catch (NoSuchAlgorithmException exc) { - throw new AssertionError("MD5 n'est pas disponible: " + getSummary(exc)); - } - if (to_be_encrypted != null) { - byte digest[]; - byte fudge_constant[]; - try { - fudge_constant = ("X#@!").getBytes("UTF8"); - } catch (UnsupportedEncodingException uee) { - fudge_constant = ("X#@!").getBytes(); - } - byte fudgetoo_part[] = { - (byte)xdigit[(int)(myrand() % 16)] , - (byte)xdigit[(int)(myrand() % 16)] , - (byte)xdigit[(int)(myrand() % 16)] , - (byte)xdigit[(int)(myrand() % 16)] - }; - int i = 0; - - if (aKey != null) { - try { - fudgetoo_part = aKey.getBytes("UTF8"); - } catch (UnsupportedEncodingException uee) { - fudgetoo_part = aKey.getBytes(); - } - } - messageDigest.update(fudge_constant); - try { - messageDigest.update(to_be_encrypted.getBytes("UTF8")); - } catch (UnsupportedEncodingException uee) { - messageDigest.update(to_be_encrypted.getBytes()); - } - messageDigest.update(fudgetoo_part); - digest = messageDigest.digest(); - encrypted_value = new String(fudgetoo_part); - for (i = 0; i < digest.length; i++) { - int mashed; - char temp[] = new char[2]; - if (digest[i] < 0) { - mashed = 127 + ( -1 * digest[i]); - } else { - mashed = digest[i]; - } - temp[0] = xdigit[mashed / 16]; - temp[1] = xdigit[mashed % 16]; - encrypted_value = encrypted_value + (new String(temp)); - } - } - return encrypted_value; - } - } - - // ------------------------------------------------------------------------ - private Password getPasswordAnySalt(String clear, String scheme, final String anySalt) { return new Password(clear, scheme) { @Override @@ -5111,7 +5089,7 @@ public class upassword { if (clear == null) { PasswordGenerator pg = new PasswordGenerator(); - clear = pg.generate(); + clear = pg.generateJk(); } String newCryptSalt = null; @@ -5186,7 +5164,6 @@ public class upassword { String md5 = getPasswordAnySalt(clear, Password.MD5, null).getNormalized(); String smd5 = getPasswordBinarySalt(clear, Password.SMD5, newBinarySalt) .getNormalized(); - String wojmp = WOJavaMonitorPassword.encryptStringWithKey(clear, null); String aes = null; if (aeskey != null) { try { @@ -5205,7 +5182,6 @@ public class upassword { printvar("ssha", ssha, shell); printvar("md5", md5, shell); printvar("smd5", smd5, shell); - printvar("wojmp", wojmp, shell); if (aes != null) printvar("aes", aes, shell); } else if (hashAction == EHashAction.CHECK_MATCH) { // Afficher uniquement les versions cryptées des mots de passe avec @@ -5276,8 +5252,9 @@ public class upassword { } case GEN_AESKEY: { - if (aeskeyfile == null) die("Vous devez spécifier l'option -f", null); - if (new File(aeskeyfile).exists()) { + if (aeskeyfile == null) { + die("Vous devez spécifier l'option -f", null); + } else if (new File(aeskeyfile).exists()) { die(aeskeyfile + ": Refus d'écraser un fichier existant", null); }