Add helper script to generate crypographically-secure random passphrase

DFW1N · Jun 8, 2024 · 5d4c8b2 · 5d4c8b2
1 parent 5fccd11
commit 5d4c8b2
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 0 deletions.
diff --git a/cmd/crypto.go b/cmd/crypto.go
@@ -9,6 +9,7 @@ import (
 	"fmt"
 	"golang.org/x/crypto/pbkdf2"
 	"io"
+	"math/big"
 	"os"
 	"strings"
 )
@@ -98,3 +99,27 @@ func decryptFile(filename string, passphrase string) (string, error) {
 
 	return "", nil
 }
+
+func GenPassphrase() {
+	min := 24
+	max := 48
+
+	bigN, err := rand.Int(rand.Reader, big.NewInt(int64(max-min+1)))
+	if err != nil {
+		fmt.Println("❌ Unable to generate random integer" + err.Error())
+	}
+
+	n := bigN.Int64() + int64(min)
+
+	const charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_=+<>?"
+
+	result := make([]byte, n)
+	for i := range result {
+		randomIndex, err := rand.Int(rand.Reader, big.NewInt(int64(len(charset))))
+		if err != nil {
+			fmt.Println("❌ Unable to generate passphrase" + err.Error())
+		}
+		result[i] = charset[randomIndex.Int64()]
+	}
+	fmt.Println("Passphrase: " + string(result))
+}
diff --git a/cmd/help.go b/cmd/help.go
@@ -34,6 +34,7 @@ func Help() {
 	fmt.Println("  \033[33mretrieve\033[0m    			Pull and Unwrap a secret from base64")
 	fmt.Println("  \033[33mstatus\033[0m      			Checks if Vaultify is still authenticated to Hashicorp Vault.")
 	fmt.Println("  \033[33mconfigure\033[0m      		Configures the Vaultify project, allowing customization of settings such as the Vault address, authentication method, and data paths")
+	fmt.Println("  \033[33mpwgen\033[0m      		        Generate a secure passphrase for use with Vaultify.\n\t\t\t\t\033[31mNOTE\033[0m: If you choose to use the passphrase generated by this command, ensure you store it in a secure location")
 	fmt.Println("  \033[33m-v\033[0m, \033[33m--version\033[0m     		Show the Vaultify version")
 	fmt.Println("  \033[33m-h\033[0m, \033[33m--help\033[0m        		Show this help message")
 }
diff --git a/main.go b/main.go
@@ -86,6 +86,8 @@ func main() {
 				handleDeleteVaultCommand(os.Args[2:])
 				return
 			}
+		case "pwgen":
+			cmd.GenPassphrase()
 		default:
 			fmt.Printf("Unknown command: \033[33m%s\033[0m\n", os.Args[1])
 			fmt.Println("Use \033[33m'vaultify -h'\033[0m for help.")