#!/usr/bin/perl # # singlepass 3.2 # # Copyright 2012-2025 # Paul E. Jones # All Rights Reserved # # This script will generate PINs and passwords given a Single Pass password # and a Service Name. You can pass your password or service name in # via the command-line like this (the brackets indicate the parameter # is optional): # # singlepass [-o ] -p -s # # If any required parameter is not provided, then you will be prompted. # use strict; use utf8; use Getopt::Long; use IO::Prompt; use Digest::SHA qw(hmac_sha256 sha256); sub usage() { print "usage: singlepass [-o ] -p -s \n"; } # # ComputeIndexedHash # # This function will return a string of characters indexed from the # character array "index_chars" given the input string and character set # length. Note the character set length must not be greater than # the length of the index_chars array (62). # sub ComputeIndexedHash { my ($input_string, $char_set_length) = @_; my ($indexed_hash, $digest); my @index_chars = ( '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z' ); if ($char_set_length < 1 || $char_set_length > $#index_chars+1) { die "ComputeIndexedHash() given invalid length: $char_set_length\n"; } # Get the SHA-256 hash of the input string $digest = sha256($input_string); # Produce a 16-character hashed index using the hash bytes $indexed_hash = ""; for(my $i=0; $i < 16; $i++) { my $j = unpack("C", substr($digest, $i, 1)); $indexed_hash .= $index_chars[$j % $char_set_length]; } return $indexed_hash; } # # MAIN # { my ($output_type, $single_password, $service_name, $service_password, $service_pin, $help); # Ensure we input UTF-8 binmode(STDIN, ":encoding(UTF-8)"); # Check for command-line parameters GetOptions("password|p=s" => \$single_password, "service|s=s" => \$service_name, "output|o=s" => \$output_type, "help|\?" => \$help) or die("Invalid command line arguments\n"); if ($help) { usage(); exit(0); } if (length($output_type) > 0 && ($output_type ne "password" && $output_type ne "pin")) { die "Invalid output type\n"; } # Prompt for password and service name if not provided if (length($single_password) == 0) { $single_password = prompt("Single Password: ", -e => "*"); } else { utf8::decode($single_password); } if (length($service_name) == 0) { $service_name = prompt("Service Name: "); } else { utf8::decode($service_name); } # Check for a valid password and service name if ((length($single_password) == 0) || (length($service_name) == 0)) { die "Invalid input provided\n"; } # Compute the service password my $password_input = $single_password . ":" . $service_name; utf8::encode($password_input); $service_password = ComputeIndexedHash($password_input, 62); # Compute the service PIN my $pin_input = $single_password . ":PIN:" . $service_name; utf8::encode($pin_input); $service_pin = substr(ComputeIndexedHash($pin_input, 10), 0, 6); # Show the results if (length($output_type) > 0) { if ($output_type eq "password") { print "$service_password"; } else { print "$service_pin"; } } else { print "Service Password: $service_password\n"; print " Service PIN: $service_pin\n"; } }