/*
 * Copyright (c) 2003 Gianni Tedesco <gianni at scaramanga dot co dot uk>
 * This program is free software; Distributed under the terms of the GNU GPL v2.
 *
 * TODO:
 *  o Don't discard quite so much entropy
 *  o Configurable character set for output
 *  o Calculate actual entropy in password
 *
 * ChangeLog:
 *  2003-10-28
 *   o Use /dev/random
 *   o Fix bugs regarding number of random characters read
 *   o Fix bug in length randomization
 *   o Fix signedness bug in length calculation
 *   o Check result of read system call
 *   o Check for '\0' in passwords
 */

#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#include <stdio.h>
#include <ctype.h>

/* File to read entropy from */
#define RANDOM_DEV "/dev/random"

/* Minimum length of password */
#define MIN_LEN 10

/* Maximum variation on the length  */
#define MAX_RAND 10

#define HACK_DETECTION 1024

/* Input buffer */
static char buf[1024];

/* Output buffer */
static char buf2[MAX_RAND+MIN_LEN+1];

int main (int argc, char **argv)
{
	int fd;
	int ret;
	int i;
	int c=0;
	int trys=0;
	unsigned int r;
	
	if ( (fd=open(RANDOM_DEV, O_RDONLY))<0 ) {
		perror("open()");
		return 1;
	}

again:
	if ( trys++ > HACK_DETECTION ) {
		fprintf(stderr, "Someone if fucking with your entropy "
				"source dude\n");
		return 1;
	}

	/* Read some entropy */
	ret=read(fd, buf, sizeof(buf));
	if ( ret < 0 ) {
		perror("read()");
		close(fd);
		return 1;
	}

	/* Pull out the usable characters, save 1 byte for length
	 * randomization
	 */
	for(i=0; c < sizeof(buf2) && i < (ret-1); i++)
	{
		if ( buf[i] && isprint(buf[i]) && !isspace(buf[i]))
			buf2[c++]=buf[i];
	}

	/* Make sure we got enough */
	if ( c < MIN_LEN )
		goto again;

	/* Modulate the length at most MAX_RAND above MIN_LEN */
	buf2[sizeof(buf2)-1] = '\0';
	r = (unsigned char)buf[ret-1] % MAX_RAND;
	r += MIN_LEN;
	buf2[r] = '\0';

	/* Print the motherfucker */
	printf("%s\n", buf2);
	
	close(fd);
	return 0;
}