2 * Copyright (c) 2007, Cameron Rich
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions are met:
9 * * Redistributions of source code must retain the above copyright notice,
10 * this list of conditions and the following disclaimer.
11 * * Redistributions in binary form must reproduce the above copyright notice,
12 * this list of conditions and the following disclaimer in the documentation
13 * and/or other materials provided with the distribution.
14 * * Neither the name of the axTLS project nor the names of its contributors
15 * may be used to endorse or promote products derived from this software
16 * without specific prior written permission.
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
22 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
23 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
24 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
25 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
26 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
27 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
28 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
38 void base64_encode(const uint8_t *in
, size_t inlen
, char *out
, size_t outlen
)
40 static const char b64str
[64] =
41 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
43 while (inlen
&& outlen
)
45 *out
++ = b64str
[(in
[0] >> 2) & 0x3f];
49 *out
++ = b64str
[((in
[0] << 4)
50 + (--inlen
? in
[1] >> 4 : 0)) & 0x3f];
54 ? b64str
[((in
[1] << 2)
55 + (--inlen
? in
[2] >> 6 : 0))
60 *out
++ = inlen
? b64str
[in
[2] & 0x3f] : '=';
73 static void usage(void)
75 fprintf(stderr
,"Usage: htpasswd username\n");
80 static char * getpass(const char *prompt
)
85 printf(prompt
); TTY_FLUSH();
87 fp
= fopen("/dev/tty", "w");
90 printf("null\n"); TTY_FLUSH();
95 fgets(buf
, sizeof(buf
), fp
);
96 while (buf
[strlen(buf
)-1] < ' ')
97 buf
[strlen(buf
)-1] = '\0';
105 int main(int argc
, char *argv
[])
108 uint8_t md5_salt
[MD5_SIZE
], md5_pass
[MD5_SIZE
];
109 char b64_salt
[MD5_SIZE
+10], b64_pass
[MD5_SIZE
+10];
115 pw
= strdup(getpass("New password:"));
116 if (strcmp(pw
, getpass("Re-type new password:")) != 0)
118 fprintf(stderr
, "They don't match, sorry.\n" );
122 RNG_initialize((uint8_t *)pw
, sizeof(pw
));
123 get_random(MD5_SIZE
, md5_salt
);
125 base64_encode(md5_salt
, MD5_SIZE
, b64_salt
, sizeof(b64_salt
));
128 MD5_Update(&ctx
, md5_salt
, MD5_SIZE
);
129 MD5_Update(&ctx
, (uint8_t *)pw
, strlen(pw
));
130 MD5_Final(md5_pass
, &ctx
);
131 base64_encode(md5_pass
, MD5_SIZE
, b64_pass
, sizeof(b64_pass
));
133 printf("Add the following to your '.htpasswd' file\n");
134 printf("%s:%s$%s\n", argv
[1], b64_salt
, b64_pass
);