diff --git a/.gitignore b/.gitignore index 781a1495..f5876149 100644 --- a/.gitignore +++ b/.gitignore @@ -42,7 +42,6 @@ _testmain.go # bin nats-server gnatsd -/util/mkpasswd # coverage coverage.out diff --git a/test/auth_test.go b/test/auth_test.go index 4ffaa39f..232ae717 100644 --- a/test/auth_test.go +++ b/test/auth_test.go @@ -169,7 +169,7 @@ func TestPasswordClientGoodConnect(t *testing.T) { // The bcrypt username/password version //////////////////////////////////////////////////////////// -// Generated with util/mkpasswd (Cost 4 because of cost of --race, default is 11) +// Generated with nats server passwd (Cost 4 because of cost of --race, default is 11) const BCRYPT_AUTH_PASS = "IW@$6v(y1(t@fhPDvf!5^%" const BCRYPT_AUTH_HASH = "$2a$04$Q.CgCP2Sl9pkcTXEZHazaeMwPaAkSHk7AI51HkyMt5iJQQyUA4qxq" diff --git a/util/mkpasswd/mkpasswd.go b/util/mkpasswd/mkpasswd.go deleted file mode 100644 index 76e0800c..00000000 --- a/util/mkpasswd/mkpasswd.go +++ /dev/null @@ -1,95 +0,0 @@ -// Copyright 2015-2018 The NATS Authors -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +build ignore - -package main - -import ( - "bytes" - "crypto/rand" - "flag" - "fmt" - "log" - "math/big" - "syscall" - - "golang.org/x/crypto/bcrypt" - "golang.org/x/crypto/ssh/terminal" -) - -func usage() { - fmt.Printf("Usage: mkpasswd [-p ] [-c COST] \n") - flag.PrintDefaults() -} - -const ( - // Make sure the password is reasonably long to generate enough entropy. - PasswordLength = 22 - // Common advice from the past couple of years suggests that 10 should be sufficient. - // Up that a little, to 11. Feel free to raise this higher if this value from 2015 is - // no longer appropriate. Min is bcrypt.MinCost, Max is bcrypt.MaxCost. - DefaultCost = 11 -) - -func main() { - var pw = flag.Bool("p", false, "Input password via stdin") - var cost = flag.Int("c", DefaultCost, fmt.Sprintf("The cost weight, range of %d-%d", bcrypt.MinCost, bcrypt.MaxCost)) - - log.SetFlags(0) - flag.Usage = usage - flag.Parse() - - var password string - - if *pw { - fmt.Printf("Enter Password: ") - bytePassword, err := terminal.ReadPassword(int(syscall.Stdin)) - if err != nil { - log.Fatalf("Error reading password: %v\n", err) - } - fmt.Printf("\nReenter Password: ") - bytePassword2, err := terminal.ReadPassword(int(syscall.Stdin)) - if err != nil { - log.Fatalf("Error reading password: %v\n", err) - } - if !bytes.Equal(bytePassword, bytePassword2) { - log.Fatalf("Error, passwords do not match\n") - } - password = string(bytePassword) - fmt.Printf("\n") - } else { - password = genPassword() - fmt.Printf("pass: %s\n", password) - } - - cb, err := bcrypt.GenerateFromPassword([]byte(password), *cost) - if err != nil { - log.Fatalf("Error producing bcrypt hash: %v\n", err) - } - fmt.Printf("bcrypt hash: %s\n", cb) -} - -func genPassword() string { - var ch = []byte("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@$#%^&*()") - b := make([]byte, PasswordLength) - max := big.NewInt(int64(len(ch))) - for i := range b { - ri, err := rand.Int(rand.Reader, max) - if err != nil { - log.Fatalf("Error producing random integer: %v\n", err) - } - b[i] = ch[int(ri.Int64())] - } - return string(b) -}