2 * Copyright (c) 2007, Cameron Rich
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions are met:
9 * * Redistributions of source code must retain the above copyright notice,
10 * this list of conditions and the following disclaimer.
11 * * Redistributions in binary form must reproduce the above copyright notice,
12 * this list of conditions and the following disclaimer in the documentation
13 * and/or other materials provided with the distribution.
14 * * Neither the name of the axTLS project nor the names of its contributors
15 * may be used to endorse or promote products derived from this software
16 * without specific prior written permission.
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
22 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
23 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
24 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
25 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
26 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
27 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
28 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
38 void base64_encode(const uint8_t *in, size_t inlen, char *out, size_t outlen)
40 static const char b64str[64] =
41 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
43 while (inlen && outlen)
45 *out++ = b64str[(in[0] >> 2) & 0x3f];
49 *out++ = b64str[((in[0] << 4)
50 + (--inlen ? in[1] >> 4 : 0)) & 0x3f];
54 ? b64str[((in[1] << 2)
55 + (--inlen ? in[2] >> 6 : 0))
60 *out++ = inlen ? b64str[in[2] & 0x3f] : '=';
73 static void usage(void)
75 fprintf(stderr,"Usage: htpasswd username\n");
80 static char * getpass(const char *prompt)
85 printf(prompt); TTY_FLUSH();
87 fp = fopen("/dev/tty", "w");
90 printf("null\n"); TTY_FLUSH();
95 fgets(buf, sizeof(buf), fp);
96 while (buf[strlen(buf)-1] < ' ')
97 buf[strlen(buf)-1] = '\0';
105 int main(int argc, char *argv[])
108 uint8_t md5_salt[MD5_SIZE], md5_pass[MD5_SIZE];
109 char b64_salt[MD5_SIZE+10], b64_pass[MD5_SIZE+10];
115 pw = strdup(getpass("New password:"));
116 if (strcmp(pw, getpass("Re-type new password:")) != 0)
118 fprintf(stderr, "They don't match, sorry.\n" );
122 RNG_initialize((uint8_t *)pw, sizeof(pw));
123 get_random(MD5_SIZE, md5_salt);
125 base64_encode(md5_salt, MD5_SIZE, b64_salt, sizeof(b64_salt));
128 MD5_Update(&ctx, md5_salt, MD5_SIZE);
129 MD5_Update(&ctx, (uint8_t *)pw, strlen(pw));
130 MD5_Final(md5_pass, &ctx);
131 base64_encode(md5_pass, MD5_SIZE, b64_pass, sizeof(b64_pass));
133 printf("Add the following to your '.htpasswd' file\n");
134 printf("%s:%s$%s\n", argv[1], b64_salt, b64_pass);