-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpassword.cpp
223 lines (215 loc) · 7.6 KB
/
password.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
#include "password.hpp"
using namespace std;
bool password_policy(string password) {
char restart;
size_t special, lower, upper;
int len = password.size();
int token = 0;
/** check length **/
if (len < 8) {
printColored("Passwort too short!\n", "red");
token++;
} else if (len > 20) {
printColored("Passwort too long!\n", "red");
token++;
}
/** check numbers **/
if (!any_of(password.begin(), password.end(), ::isdigit)) {
printColored("Passwort doesn´t have any numbers!\n", "red");
token++;
}
/** check small letters **/
if (!any_of(password.begin(), password.end(), ::islower)) {
printColored("Passwort doesn´t have any Lowercase-Letter!\n", "red");
token++;
}
/** check big letters **/
if (!any_of(password.begin(), password.end(), ::isupper)) {
printColored("Passwort doesn´t have any Uppercase-Letter!\n", "red");
token++;
}
/** check special chars **/
if (!any_of(password.begin(), password.end(), ::ispunct)) {
printColored("Passwort doesn´t have any Special-Character!\n", "red");
token++;
}
/** strength meter **/
if (token == 0) {
printColored("Very strong password!", "green");
return true;
} else if (token == 1) {
printColored("Moderate password!", "yellow");
cout << "Do you want to change it: (Y) Yes, (N) No: ";
cin >> restart;
if (tolower(restart) == 'y')
return false;
return true;
} else {
printColored("Insecure password!\n", "red");
return false;
}
return true;
}
void add_password(string domain) {
int choice;
string username, password;
/** get data **/
if (!domain.size()) {
cout << "Enter domain name: ";
cin >> domain;
}
domain.append(":");
cout << "Enter username: ";
cin >> username;
cout << "\n(0) enter password\n(1) generate password\n\nChoose type of password: ";
cin >> choice;
sanitize();
cout << endl;
if (choice) {
int pass_length;
do{
cout << "Choose password length between 8-20 characters: ";
cin >> pass_length;
sanitize();
cout << endl;
} while(pass_length < 8 || pass_length > 20);
password = password_generator(pass_length);
cout << "Generated password: " << password << "\n\n";
}
else {
printColored("Note: A strong passwort contains each of the following characters atleast once:\n"
"* Password length 8-20 characters\n"
"* Numbers\n"
"* Lower- and Uppercase Letters\n"
"* Special-Characters: !\"#$%&'()*+,-./:;<?=@>[\\]^_`{|}~\n", "yellow");
do {
cout << "\nEnter password: ";
cin >> password;
} while(!password_policy(password));
}
/** encrypt data **/
int ciphertext_len;
unsigned char ciphertext[128];
string result = username + ":" + password;
auto [ivv, keyy] = hkdf();
unsigned char *plaintext = (unsigned char *)result.c_str();
unsigned char *key = (unsigned char *)keyy.c_str();
unsigned char *iv = (unsigned char *)ivv.c_str();
ciphertext_len = aes256_cbc_encrypt(plaintext, strlen((char *)plaintext), key, iv, ciphertext);
write_storage(domain + (const char*)iv + ":" + toHex(ciphertext, ciphertext_len), "vault");
}
string read_password(string account, bool output) {
int decryptedtext_len;
unsigned char decryptedtext[128];
if (!account.size())
return "";
string domain = read_storage(account, "vault");
/** read iv & cipher **/
stringstream ss(domain);
string cipher, iv_str, username, password;
getline(ss, domain, ':');
getline(ss, iv_str, ':');
getline(ss, cipher, ':');
/** account information **/
int len = cipher.length();
string newString;
for(int i=0; i<len; i+=2)
{
string byte = cipher.substr(i,2);
char chr = (char) (int)strtol(byte.c_str(), NULL, 16);
newString.push_back(chr);
}
unsigned char *ciphertext = (unsigned char *)newString.c_str();
/** decrypt ciphertext **/
auto [ivv, keyy] = hkdf();
unsigned char *iv = (unsigned char *)iv_str.c_str();
unsigned char *key = (unsigned char *)keyy.c_str();
decryptedtext_len = aes256_cbc_decrypt(ciphertext, len/2, key, iv, decryptedtext);
decryptedtext[decryptedtext_len] = '\0';
/** read username & password **/
stringstream dd((const char*)decryptedtext);
getline(dd, username, ':');
getline(dd, password, ':');
if (output)
cout << "\nDomain: " << domain << "\nUsername: " << username << "\nPassword: " << password << "\n\n";
return password;
}
void change_password(string account) {
add_password(remove_line("vault", account));
}
string password_generator(int len) {
char rand[len];
string password = "";
unsigned long long int random_value;
const char numbers[] = "0123456789";
const char letter[] = "abcdefghijklmnopqrstuvwxyz";
const char LETTER[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
const char symbols[] = "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~";
ifstream random("/dev/urandom", ios::in|ios::binary);
for (int i=0; i<len; i++) {
random.read(reinterpret_cast<char*>(&random_value), 20);
switch(random_value%4) {
case 0:
password += letter[random_value % 26];
break;
case 1:
password += numbers[random_value % 10];
break;
case 2:
password += symbols[random_value % 8];
break;
case 3:
password += LETTER[random_value % 26];
break;
}
}
random.close();
return password;
}
size_t WriteCallback(char *contents, size_t size, size_t nmemb, void *userp)
{
((string*)userp)->append((char*)contents, size * nmemb);
return size * nmemb;
}
void check_breach() {
char confirm;
long response_code;
string response, password, hash, url;
string *account = all_accounts();
for (int i=0; i<storage_size(); i++) {
password = read_password(account[i], false);
hash = sha(password);
url = "https://api.pwnedpasswords.com/range/";
url.append(hash.substr(0, 5));
hash = hash.substr(5, 50);
CURL* curl = curl_easy_init();
if (curl) {
curl_easy_setopt(curl, CURLOPT_URL, url.c_str());
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, WriteCallback);
curl_easy_setopt(curl, CURLOPT_WRITEDATA, &response);
curl_easy_perform(curl);
curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response_code);
curl_easy_cleanup(curl);
curl = NULL;
}
if (response_code == 200) {
size_t pos = 0;
string token;
while ((pos = response.find("\n")) != string::npos) {
token = response.substr(0, pos);
stringstream ss(token);
getline(ss, token, ':');
if (!strcasecmp(token.c_str(), hash.c_str())) {
getline(ss, token, ':');
cout << "'" << password << "' from '" + account[i] + "' has been seen " << stoi(token) << " times before!\n\n";
cout << "Do you want to change this password? (Y) (N): ";
cin >> confirm;
if (tolower(confirm) == 'y')
change_password(account[i]);
return;
}
response.erase(0, pos + 1);
}
}
}
}