Generating strong passwords - some sample code

Posted by jmls on 22-Jun-2012 10:50

I've always needed a strong password generator, and eventually decided to write one. I've found a c# version on the net, and converted it for ABL

Sorry, windows only, 10.2B+

It seems to be strong enough and fast enough (1000 generations in .75 seconds)

Comments welome.

/*
Copyright (C) 2012 by Julian Lyndon-Smith (julian+mit@dotr.com)
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS for A PARTICULAR PURPOSE and NONINFRINGEMENT. IN no EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE for ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR otherwise, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
*/
using Progress.Lang.*.
using System.Security.Cryptography.*.
class dotr.hash42.Security.Password: 
  /** Generate a password of length p_Maxsize, with special characters
   * @param size of password required
   * @return password
   */
  method public  char GetUniqueKey(p_maxSize as int):
    return GetUniqueKey(p_maxSize,yes).
  end method.
  /** Generate a password of length p_Maxsize
   * @param size of password required
   * @param use special characters (*%+ etc) 
   * @return password
   */
  method public  char GetUniqueKey(p_maxSize as int,p_Special as logical):
    def var lv_i as int no-undo.
    def var Data   as  "System.Byte[]"         no-undo.
    def var Crypto as RNGCryptoServiceProvider no-undo.
    def var lv_Chars    as char no-undo.
    def var lv_Special  as char no-undo.
    def var lv_Result   as char no-undo.
    def var lv_Byte as int no-undo.
    assign lv_chars   = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
           lv_Special = "!#$%&'()*+,-./:;<=>?@[\]_". 
    assign lv_Chars = lv_Chars + lv_Special when p_Special.
    Data = new "System.Byte[]" (1).
    Crypto = new RNGCryptoServiceProvider().
    Crypto:GetNonZeroBytes(Data).
    Data = new "System.Byte[]" (p_MaxSize).
    Crypto:GetNonZeroBytes(Data).
    do lv_i = 0 to p_maxSize - 1:
      assign lv_Byte   = Data:GetValue(lv_i)
             lv_Result = lv_result + substr(lv_chars, lv_Byte mod length(lv_chars) + 1,1).
    end.
    return lv_Result.
  end method.
end class.

OpenEdge Development - Forum

All Replies

Posted by danielStafford on 23-Jun-2012 07:31

Nice!

My favorite - https://www.grc.com/passwords.htm

This thread is closed