dictu-lang · briandowns · Aug 29, 2023 · Aug 29, 2023 · Aug 29, 2023
diff --git a/pass/README.md b/pass/README.md
@@ -0,0 +1,81 @@
+# pass
+
+passlib is a simple module providing functionality to:
+
+* Generate passwords
+* Validate if a password is secure
+* Hash passwords
+* Salt passwords
+
+## Exampless
+
+Import the module:
+
+```cs
+from "pass.du" import Pass;
+```
+
+Create a new Instance:
+
+```cs
+const pass = Password();
+```
+
+Generate a 24 character passsword:
+
+```cs
+pass.generate(24);
+```
+
+Generate a 24 character secure password:
+
+```cs
+pass.generate(24, true);
+```
+
+Retrieve the password:
+
+```cs
+const password = pass.get();
+```
+
+Setup an instance with a given password:
+
+```cs
+pass.set("Asdfasdfasdfasdf1!");
+```
+
+Check if the password is secure:
+
+*Note*: This module defines a "secure" password by having:
+
+1. Minimum of 12 characters
+2. At least 1 upper case character
+3. At least 1 lower case character
+4. At lease 1 special character
+
+```cs
+pass.isSecure().match(
+    def(result) => {
+        print("secure!");
+    },
+    def(error) => {
+        print(error);
+    }
+);
+```
+
+Get a hash of the password:
+
+*Note*: only SHA256 and bcrypt currently supported.
+
+```cs
+pass.hash(pass.sha256).unwrap();
+pass.hash(pass.bcrypt).unwrap();
+```
+
+Salt a password. Returns a dictionary containing the salt string itself as well as the hash of the salt and password.
+
+```cs
+const res = pass.salt();
+```
diff --git a/pass/pass.du b/pass/pass.du
@@ -0,0 +1,167 @@
+import
+    Hashlib,
+    Random,
+    System;
+
+
+const
+    lowerCaseChars = "abcdefghijklmnopqrstuvwxyz",
+    upperCaseChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ",  
+    numberChars = "0123456789",
+    specialChars = "!@#$%^&*()-_=+,.?/:;{}[]~",
+    characters = upperCaseChars + lowerCaseChars + numberChars + specialChars;
+
+const wordsFile = "/usr/share/dict/words";
+
+class Password {
+    const sha256 = "sha256";
+    const bcrypt = "bcrypt";
+
+    private password;
+
+    init() {
+        this.password = "";
+    }
+
+    // get returns the configured password.
+    get() {
+        return this.password;
+    }
+
+    // set sets the given password.
+    set(password) {
+        this.password = password;
+    }
+
+    // generate will generate a new password.
+    generate(length, ...secure) {
+        for (var i = 0; i < length; i += 1) {
+            this.password += characters[Random.range(0, characters.len()-1)];
+        }
+
+        if (secure) {
+            if (not this.isSecure()) {
+                this.generate(length, true);
+            }
+        }
+
+        return Success(nil);
+    }
+
+    // hash hashes the configured password using the given 
+    // hash algorithm.
+    hash(algorithm) {
+        switch (algorithm.lower()) {
+            case "sha256":
+                return Success(Hashlib.sha256(this.password));
+            case "bcrypt":
+                return Success(Hashlib.bcrypt(this.password));
+            default:
+                return Error("unknown hash algorithm");
+        }
+    }
+
+    // isSecure checks if the password is "secure".
+    isSecure() {
+        if (this.password.len() < 12) {
+            return Error("password less than 12 characters");
+        }
+
+        if (not this.hasNumber()) {
+            return Error("missing number character");
+        }
+
+        if (not this.hasUpper()) {
+            return Error("missing uppper case character");
+        }
+
+        if (not this.hasLower()) {
+            return Error("missing uppper case character");
+        }
+
+        if (not this.hasSpecialChar()) {
+            return Error("missing special character");
+        }
+
+        return Success(nil);
+    }
+
+    // hasNumber checks to see if the password has a numerical
+    // character.
+    hasNumber() {
+        for (var i = 0; i < this.password.len(); i += 1) {
+            const res = this.password[i].toNumber().match(
+                def (result) => {return true;},
+                def (error) => {return false;}
+            );
+            if (res) {
+                return res;
+            }
+        }
+
+        return false;
+    }
+
+    // hasUpper checks to see if the password has a upper
+    // case letter.
+    hasUpper() {
+        for (var i = 0; i < this.password.len(); i += 1) {
+            if (upperCaseChars.contains(this.password[i])) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    // hasLower checks to see if the password has a lower
+    // case letter.
+    hasLower() {
+        for (var i = 0; i < this.password.len(); i += 1) {
+            if (lowerCaseChars.contains(this.password[i])) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    // hasSpecialChar checks to see if the password has a 
+    // special character.
+    hasSpecialChar() {
+        for (var i = 0; i < this.password.len(); i += 1) {
+            if (specialChars.contains(this.password[i])) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    // isDictionaryWord checks the system dictionary for the password.
+    private isDictionaryWord() {
+        with(wordsFile, "r") {
+            var word;
+
+            while((word = file.readLine()) != nil) {
+                if (word == this.password) {
+                    return true;
+                }
+            }
+        }
+
+        return false;
+    }
+
+    // salt salts the configured password and returns a dictionary
+    // containing the salt and the hash of the password and salt.
+    salt() {
+        var salt = "";
+
+        for (var i = 0; i < 64; i += 1) {
+            salt += characters[Random.range(0, characters.len()-1)];
+        }
+
+        return {"salt": salt, "hash": Hashlib.sha256(salt + this.password)};
+    }
+}