Recently, I found myself with a burst of inspiration and thought, "Why not create a secure password generator in C?" This project would not only allow me to dive into the intricacies of cryptographically secure pseudorandom number generators (CSPRNGs) but also give me a useful tool for my future automation projects—like hooking it up to an API. Some might wonder, "Why not just use random.org's API?" Well, to put it simply: I'm just bored. 😄
Laying Out the Plan
Before jumping into coding, it’s crucial to have a clear plan. Here are eight key points I considered for my password generator:
- Random Number Generation: Utilize a CSPRNG for high-quality randomness. Standard functions like
rand()won't cut it; instead, libraries like OpenSSL and GnuPG are what I’ll be using. - Character Sets: Define a diverse character set that includes uppercase and lowercase letters, numbers, and special characters. This variety will help strengthen the passwords.
- Password Length: Allow users to specify the password length. While longer passwords generally enhance security, it’s essential to find a balance between security and usability.
- Entropy: Ensure sufficient entropy to guard against brute force and dictionary attacks. Using a CSPRNG and a varied character set is key to achieving this.
- Portability: Keep portability in mind. The program should function across different platforms and architectures, avoiding platform-specific libraries when possible.
- Code Security: Write secure code that is free from vulnerabilities like buffer overflows or memory leaks. Tools for static and dynamic analysis can help identify potential issues.
- User Interface: Design a user-friendly interface that allows users to easily configure settings and generate passwords.
Getting Started with Code
To kick things off, I needed to see how I could implement a character set with rand(), but here’s the kicker: rand() doesn’t accept parameters. So, my short answer is: don’t bother with rand(). The longer answer? Overengineering every single part of it! 😅
Here’s the initial version of the code I wrote:
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <string.h>
const char *charSet = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz!@#$%^&*()-_=+[]{};:,.<>?/\\| \t\n";
int main() {
srand(time(NULL)); // Seed the random number generator with the current time
int passwordLength = 16;
// Generate the password
for (int i = 0; i < passwordLength; ++i) {
int randomIndex = rand() % (int)strlen(charSet);
printf("%c", charSet[randomIndex]);
}
printf("\n");
return 0;
}Now, you don’t need to be a genius to realize that this approach might not work half the time. Specifically, the inclusion of \n in the character set means that the program could split the password into two or more parts. So, I removed that character and added user input to enhance functionality.
Next, I decided to eliminate the symbols since they were somewhat cumbersome and didn’t significantly contribute to password strength. I also incorporated command-line flags for future automation purposes. Here’s the updated code:
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <string.h>
#include <getopt.h>
const char *charSet = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
int passwordLength = 12;
void parseArgs(int argc, char **argv) {
int option;
while ((option = getopt(argc, argv, "l:")) != -1) {
switch (option) {
case 'l':
passwordLength = atoi(optarg);
break;
default:
printf("Usage: %s -l <password_length>\n", argv[0]);
exit(1);
}
}
}
int main(int argc, char **argv) {
parseArgs(argc, argv); // Parse command-line arguments
srand(time(NULL)); // Seed the random number generator
// Generate the password
for (int i = 0; i < passwordLength; ++i) {
int randomIndex = rand() % (int)strlen(charSet);
printf("%c", charSet[randomIndex]);
}
printf("\n");
return 0;
}Evaluating Our Progress
Now, let’s take a step back and see how we’re doing against our initial goals:
- Random Number Generation (CSPRNG):
- Current State: We're still using
rand(), which isn't cryptographically secure. - Status: ❌ Not using a CSPRNG (like OpenSSL's
RAND_bytes()).
- Current State: We're still using
- Character Sets:
- Current State: Our character set includes uppercase, lowercase, and digits, but no special characters.
- Status: ✔️ (partial) — Could include more special characters for added strength.
- Password Length:
- Current State: Users can specify the password length via flags.
- Status: ✔️ — Fully customizable.
- Entropy:
- Current State:
rand()does not provide high entropy. - Status: ❌ Needs improvement with a CSPRNG.
- Current State:
- Portability:
- Current State: Simple C code that works on various platforms.
- Status: ✔️ — Portable across platforms.
- Code Security:
- Current State: Code appears secure but relies on
rand(). - Status: ⚠️ (partial) — Could improve with a secure random generator.
- Current State: Code appears secure but relies on
- User Interface:
- Current State: Simple command-line interface.
- Status: ✔️ — User-friendly.
Next Steps
So, what’s next? It’s time to roll up our sleeves and enhance the program.
- Transitioning to OpenSSL: The most significant change will be replacing
rand()with OpenSSL'sRAND_bytes(). This matters because:- Cryptographic Security: While
rand()is a pseudorandom generator, it lacks cryptographic robustness, making it predictable and vulnerable. In contrast,RAND_bytes()ensures generated values are secure and unpredictable. - Increased Entropy: Using
RAND_bytes()greatly enhances the randomness of the generated passwords, significantly reducing risks from brute force or dictionary attacks.
- Cryptographic Security: While
- Introducing Command-Line Flags for Customization: Adding customization options through command-line flags will improve usability:
- Include or Exclude Symbols: Users can now choose whether to include special characters. The generator defaults to including symbols but can be adjusted with a simple flag.
- Password Length: Another flag allows users to specify the desired password length, catering to various security needs.
Here’s the final version of the program:
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <string.h>
#include <getopt.h>
#include <openssl/rand.h>
const char *defaultCharSet = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz!@#$%^&*()-_=+[]{};:,.<>?/\\|";
const char *noSymbolsCharSet = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
int passwordLength = 16;
int useSymbols = 1;
void parseArgs(int argc, char **argv) {
int c;
while (1) {
static struct option long_options[] = {
{"length", required_argument, 0, 'l'},
{"no-symbols", no_argument, 0, 'n'},
{0, 0, 0, 0}
};
c = getopt_long(argc, argv, "l:n", long_options, NULL);
if (c == -1) break;
switch (c) {
case 'l':
passwordLength = atoi(optarg);
break;
case 'n':
useSymbols = 0;
break;
default:
printf("Invalid option %c\n", c);
exit(1);
}
}
}
int main(int argc, char **argv) {
parseArgs(argc, argv);
const char *charSet = useSymbols ? defaultCharSet : noSymbolsCharSet;
// Generate the password
for (int i = 0; i < passwordLength; ++i) {
unsigned char randomByte;
RAND_bytes(&randomByte, sizeof(randomByte));
int randomIndex = randomByte % (int)strlen(charSet);
printf("%c", charSet[randomIndex]);
}
printf("\n");
return 0;
}
In order for to compile the program just run the following command
gcc -o test_password_generator test_password_generator.c -lssl -lcryptoYou have to have libssl-dev installed - you can install it with the following command
sudo apt-get install libssl-devThen you can run the program with --length and --no-symbols flags
Now we have a secure password generator that meets our goals. Let’s keep refining and enhancing it!