Version: 0.2

Type: Full Script

Category: Other

License: GNU General Public License

Description: php Passphrase Generator. Many encryption programs require passphrases for successful encryption. Most users do not choose strong enough passphrases (so they program cannot provide a strong encryption). phpPPG generates passphrases for you. You can modify the amount of characters being used in a single passphrase, the amount of passphrases to generate in one shot and the characterset to use. Working example: http://www.madsekci.net/phpPPG/



<?PHP
/************************************************************************************************************

$Id: phpPPG.php,v 0.2 2003/06/03 01:27:10 tom Exp $

PHP Passphrase Generator
========================
This tool was designed to make passphrase generation for encryption 
programs easy. Most encryption tools require a passphrase to provide
encryption. Though I've seen many users around who do not choose strong
passphrases to ensure strong encryption.

phpPPG renders a passphrase for you. You can specify the length of the 
passphrase, the amount of passphrases to create in a single time and 
the characterset that's being used to generate the passphrases.

You can always obtain the latest version by going to:
http://www.madsekci.net/phpPPG/

HISTORY
=======
v0.2  -  03 June 2003  -  Fix: frmAmount wasn't validated
v0.1  -  02 June 2003  -  Initial release

REQUIREMENTS
============
- webserver with PHP support
- This tool / page


Copyright (c) 2003, Tom Claessens (tom@madsekci.net). All rights reserved.


LICENSE 

Redistribution and use in source and binary forms, with or without modification, are permitted provided 
that the following conditions are met: 

1. Redistributions of source code must retain the above copyright notice, this list of conditions and the 
   following disclaimer. 
2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and 
   the following disclaimer in the documentation and/or other materials provided with the distribution. 
3. The name of the author may not be used to endorse or promote products derived from this software 
   without specific prior written permission. 

THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 
USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER 
IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE 
USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 

************************************************************************************************************/
// basic configuration
$defaultChars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
$title = 'phpPPG (php Passphrase Generator)';
$version = '0.2';

// highlight the source code
function highlight($php)
{
    ob_start();
    @highlight_string($php);
    $code = ob_get_contents();
    ob_end_clean();
    
    return $code;
}

// user request a peak into our source..
if ($_GET['source'] == 'show') {
    $script = $_SERVER["SCRIPT_FILENAME"];
    $fp = fopen($script, "r");
    $contents = fread($fp, filesize($script));
    fclose($fp);
    $contents = highlight($contents); 
    echo nl2br($contents);
    exit;
}

// we have to seed the random number generator
mt_srand((double)microtime()*1000000*getmypid());

// rand_passphrase($chars, $length()
// generates the random passphrases
// $chars is the set of characters to use
// $length is the specified length of each passphrase ($length amount of characters)
function rand_passphrase($txtChars, $txtLength)
{
    $txtPassphrase = '';
    while (strlen($txtPassphrase) < $txtLength)
        $txtPassphrase .= substr($txtChars, (mt_rand()%strlen($txtChars)), 1);
    return $txtPassphrase;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<style type="text/css">
BODY { background-color: #FFFFFF; }
TD.field { vertical-align: top; }
INPUT { font-family: tahoma, arial; font-weight: bold; font-size: 12px; color: #000000; background-color: #CCCCCC; border: 1px solid #000000; }
.info { text-align: justify; width: 600px; }
.generation { width: 700px; border: 0px; padding: 3px; }
.title { font-family: tahoma, arial; font-weight: bold; font-size: 14px; color: #FF6600; }
.text { font-family: tahoma, arial; font-size: 12px; color: #000000; }
.textB { font-family: tahoma, arial; font-weight: bold; font-size: 12px; color: #000000; }
.notice { font-family: tahoma, arial; font-size: 11px; color: #999999; }
.error { font-family: tahoma, arial; font-weight: bold; font-size: 12px; color: #FF0000; }
a { text-decoration: none; font-family: tahoma, arial; font-size: 11px; color: #3366CC; }
a:hover { text-decoration: none; font-family: tahoma, arial; font-size: 11px; color: #FF6600; }
</style>
<title><?php echo $title." v".$version; ?></title>
</head>

<body>
<p><span class="title"><?php echo $title." v".$version; ?></span></p>
<p>
<div class="info">
<span class="text">
This tool was designed to make passphrase generation for encryption 
programs easy. Most encryption tools require a passphrase to provide
encryption. Though I've seen many users around who do not choose strong
passphrases to ensure strong encryption.<br /><br />
phpPPG renders a passphrase for you. You can specify the length of the 
passphrase, the amount of passphrases to create in a single time and 
the characterset that's being used to generate the passphrases.
</span>
</div>
</p>
<p>
<form method="post" action="index.php">
<table class="generation">
<tr>
<td class="field"><span class="textB">length of passphrase(s):</span></td>
<td><input maxlength="2" name="frmLength" size="1" title="The length (amount of characters) of the passphrase(s)" value="<?PHP echo $_POST['frmLength']; ?>" /><br /><span class="notice">(max. length set to 40)</span></td>
</tr>
<tr>
<td class="field"><span class="textB">number of passphrases:</span></td>
<td><input maxlength="2" name="frmAmount" size="1" title="Amount of passphrases to generate" value="<?PHP echo $_POST['frmAmount']; ?>" /><br /><span class="notice">(max. amount set to 50)</span></td>
</tr>
<tr>
<td class="field"><span class="textB">characterset to use:</span></td>
<td><input maxlength="80" name="frmChars" size="78" title="The charset used to generate the passphrases" value="<?PHP if ($_POST['frmChars'] != '') echo $_POST['frmChars']; else echo $defaultChars; ?>" /><br /><span class="notice">(max. characters set to 80)</span></td>
</tr>
<tr>
<td colspan="2"><input name="frmGenerate" title="Generate the passphrases" type="submit" value="Generate!" /></td>
</tr>
</table>
</form>
</p>
<p>
<?PHP
// process a generate request
if ($_POST['frmGenerate']) {
    $txtChars = strip_tags($_POST['frmChars']);
    // if $txtChars is empty, use the default set
    if ($txtChars == '') $txtChars = $defaultChars;
    // check if the specified length is a numeric value (and does not exceed 40 characters
    if ((is_numeric($_POST['frmLength'])) && ($_POST['frmLength'] < 41)) {
        // everything is looking good .. just one last check
        if ((is_numeric($_POST['frmAmount'])) && ($_POST['frmAmount'] < 51)) {
            // ok .. all checks were positive, so generate the passphrases
            for ($i = 1; $i < $_POST['frmAmount'] + 1; $i++) {
                $intLength = $_POST['frmLength'];
                $txtPassphrase = rand_passphrase($txtChars, $intLength);
                // print the passphrases
                echo "<span class=\"text\">".$i.": ".$txtPassphrase."</span>\n<br />";
            }
        } else {
            echo "<span class=\"error\">".
                 "You can only generate 50 passphrases at a time<br />\n".
                 "</span>";
        }
    } else {
        // the length value was not a numeric value or it was higher than 40
            echo "<span class=\"error\">".
                 "The password length needs to be: <br />\n".
                 "- a numeric value<br />\n".
                 "- under 40 characters of length<br /><br />\n".
                 "</span>";
    }
}
?>
</p>
<p><span class="notice">&copy; 2003 Tom Claessens<br /><a href="mailto:tom@madsekci.net">contact</a> | <a href="?source=show">show source</a></span></p>
</body>
</html>