[Toybox] [New Toy] pwgen

Mon Dec 7 22:40:00 PST 2020

On Mon, Dec 7, 2020 at 9:07 PM Rob Landley <rob at landley.net> wrote:

> On 12/7/20 10:52 PM, Rob Landley wrote:
> > Hmmm, this is producing a LOT more capital letters than the other
> version, which
> > also falls under "human readable affordance". let's see... Top bit of
> entropy
> > per byte isn't really used, so I'll squelch capitals when it's set.
> (That should
> > make 1/4 of letters capital.)
> ...
> > That's still a very different character distribution. He's squelching
> more
> > capitals than I am, and at least half the punctuation...
>
> Forgot to mention I used the same high bit squelch trick to suppress half
> the
> punctuation. The result still has more punctuation on average yet isn't
> guaranteed to have punctuation in EACH generated password, but...
>
> > Which is... eh? Close enough?
>
> Checked in the cleanup, and promoted it to toys/other.
>
> I note that -s isn't hooked up to anything. Maybe I should make it disable
> the
> two squelches? Yeah, I'll do that...
>

i think that the toybox implementation is effectively "always -s" because
it's just using random characters, and not doing the "pronounceable" bit.
try reading out your own example:

$ pwgen -y
Eegae:B9 pee3Boh{ Hie~j3Lu aew)a3Jo zae'Cho5 quah!Ph5 EJa(X5Ee zui7Aez)
Too2Ed)o kap.ae4L ahj$i8Se Aile-ch4 nah+w3Ea wa"Zo9ea Shu4dae+ tuNg]u7e
giY!oc9o duG5eiz- sahc7eS* ooPi at z0e eX7nei_d iV/ae1se eiQu4om^ Ni>pig1o

and then try to read the toybox ones out instead:

$ toybox pwgen -y
p:Q1$h=C h6W`ieZ< Q`o!b|+) 1apBp}nT er at 7mKgi waAqC[7i v<y\:jzt [#o=Nw7w
tx1^1Uo[ o`B]y84{ wjdsl>%n R=<h[*0" #m*+(z!( qbZf,3h) fs&oc1C0 `?#-sstC
r`mR{ht{ i%g'FA$> ofy=#t}7 rCRWEmlq 7A;/`|}= rvqv|swe wT\z-(sw ,Cr*y6c.

i suspect the real thing is meant to be something more like
https://nvlpubs.nist.gov/nistpubs/Legacy/FIPS/fipspub181.pdf ?

the interesting bit seems to be:

/*
* Generate next unit to password, making sure that it follows
* these rules:
* 1. Each syllable must contain exactly 1 or 2 consecutive
* vowels, where y is considered a vowel.
* 2. Syllable end is determined as follows:
* a. Vowel is generated and previous unit is a
* consonant and syllable already has a vowel. In
* this case, new syllable is started and already
* contains a vowel.
* b. A pair determined to be a "break' pair is encountered.
* In this case new syllable is started with second unit
* of this pair.
* c. End of password is encountered.
* d. "begin" pair is encountered legally. New syllable is
* started with this pair.
* e. "end" pair is legally encountered. New syllable has
* nothing yet.
* 3. Try generating another unit if:
* a. third consecutive vowel and not y.
* b. "break" pair generated but no vowel yet in current
* or previous 2 units are "not_end .
* c. "begin" pair generated but no vowel in syllable
* preceding begin pair, or both previous 2 pairs are
* designated "not_end".
* d. "end" pair generated but no vowel in current syllable
* or in "end" pair.
* e. "not_begin" pair generated but new syllable must
* begin (because previous syllable ended as defined in
* 2 above).
* f. vowel is generated and 2a is satisfied, but no syllable
* break is possible in previous 3 pairs.
* g. Second and third units of syllable must begin, and
* first unit is "altemate_vowel".
*/

And yes, I should rename janice[]. When I'm tired all the names I choose for
> things tend to be pop culture references, I.E. my first answer to the
> question
> raised by its name, ala what should I call the ps -o fields? "struct
> strawberry". In this case the question was "which rand" since "int rand;"
> was
> already the index into the buffer of random numbers returned by
> xgetrandom()
> when I yanked toybuf out from under it to construct the password into, so I
> needed a new buffer to hold random data and the obvious answer was the
> star trek
> character. (Could have gone with the old NSA front corporation but... no.)
>
> The question I SHOULD be answering for these names is "what will be
> easiest for
> other people to understand", and I usually go back and replace them later.
>
> And yes sizeof(janice) was an issue because more system calls is bad (it's
> slow
> and I'm never 100% sure there isn't some ptrace exploit for some subtle
> side
> channel attack or data exfiltration or something), but draining the entropy
> buffer more than necessary is bad. So I compromised at twice the default
> password size, not _entirely_ arbitrarily because I vaguely remembered
> something
> about the internal kernel hash plumbing that implements /dev/urandom
> working in
> block sizes bigger than 64 bits (8 bytes), so the kernel's doing the work
> to
> prepare at least much buffer each time even when it mixes those bits back
> in
> because it didn't send them to userspace. (I'm using urandom which doesn't
> do
> the "we're out of REAL entropy, block until more comes in" accounting, but
> it's
> still not a good idea to waste it. I _could_ look up what the current hash
> granularity is for whatever they've redone the plumbing to this year, but
> it
> would only change again and being asked for one 8 character password is
> just
> enough of a common case (pwgen -1) that fetching twice that much seemed
> the most
> I could excuse anyway. Hand wave, hand wave, jazzhands.)
>
> Rob
> _______________________________________________
> Toybox mailing list
> Toybox at lists.landley.net
> http://lists.landley.net/listinfo.cgi/toybox-landley.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.landley.net/pipermail/toybox-landley.net/attachments/20201207/a2dd8101/attachment-0001.htm>