com.Ostermiller.util

Class RandPass

java.lang.Object

com.Ostermiller.util.RandPass

public class RandPass
extends java.lang.Object

Generates a random String using a cryptographically secure random number generator.

The alphabet (characters used in the passwords generated) may be specified, and the random number generator can be externally supplied.

Care should be taken when using methods that limit the types of passwords may be generated. Using an alphabet that is too small, using passwords that are too short, requiring too many of a certain type of character, or not allowing repetition, may decrease security.

More information about this class is available from ostermiller.org.

Since:

ostermillerutils 1.00.00

Field Summary

Fields

Modifier and Type	Field and Description
protected char[]	alphabet Set of characters which may be used in the generated passwords.
protected char[]	firstAlphabet Set of characters which may be used for the first character in the generated passwords.
protected static java.util.ResourceBundle	labels Locale specific strings displayed to the user.
protected char[]	lastAlphabet Set of characters which may be used for the last character in the generated passwords.
static char[]	LETTERS_ALPHABET Alphabet consisting of upper and lower case letters A-Z.
static char[]	LOWERCASE_LETTERS_ALPHABET Alphabet consisting of the lower case letters A-Z.
static char[]	LOWERCASE_LETTERS_AND_NUMBERS_ALPHABET Alphabet consisting of the lower case letters A-Z and the digits 0-9.
static char[]	NONCONFUSING_ALPHABET Alphabet consisting of upper and lower case letters A-Z and the digits 0-9 but with characters that are often mistaken for each other when typed removed.
static char[]	NUMBERS_AND_LETTERS_ALPHABET Alphabet consisting of upper and lower case letters A-Z and the digits 0-9.
static char[]	PRINTABLE_ALPHABET Alphabet consisting of all the printable ASCII characters.
protected java.security.SecureRandom	rand Random number generator used.
protected int	repetition One less than the maximum number of repeated characters that are allowed in a password.
static char[]	SYMBOLS_ALPHABET Alphabet consisting of all the printable ASCII symbols.
static char[]	UPPERCASE_LETTERS_ALPHABET Alphabet consisting of the upper letters A-Z.
static java.lang.String	version Version number of this program

Constructor Summary

Constructors

Constructor and Description
RandPass() Create a new random password generator with the default secure random number generator and default NONCONFUSING alphabet for all characters.
RandPass(char[] alphabet) Create a new random password generator with the default secure random number generator and given alphabet for all characters.
RandPass(java.security.SecureRandom rand) Create a new random password generator with the given secure random number generator and default NONCONFUSING alphabet for all characters.
RandPass(java.security.SecureRandom rand, char[] alphabet) Create a new random password generator with the given secure random number generator and given alphabet for all characters.

Method Summary

Modifier and Type	Method and Description
void	addRequirement(char[] alphabet, int num) Require that a certain number of characters from an alphabet be present in generated passwords.
void	addVerifier(PasswordVerifier verifier) Add a class that will verify passwords.
java.lang.String	getPass() Generate a random password of the default length (8).
java.lang.String	getPass(int length) Generate a random password of the given length.
char[]	getPassChars() Generate a random password of the default length (8).
char[]	getPassChars(char[] pass) Fill the given buffer with random characters.
char[]	getPassChars(int length) Generate a random password of the given length.
static void	main(java.lang.String[] args) Generate a random passwords.
void	setAlphabet(char[] alphabet) Set the alphabet used by this random password generator.
void	setFirstAlphabet(char[] alphabet) Set the alphabet used by this random password generator for the first character of passwords.
void	setLastAlphabet(char[] alphabet) Set the alphabet used by this random password generator for the last character of passwords.
void	setMaxRepetition(int rep) Set the maximum number of characters that may appear in sequence more than once in a password.
void	setRandomGenerator(java.security.SecureRandom rand) Set the random number generator used by this random password generator.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

version

public static final java.lang.String version

Version number of this program

Since:

ostermillerutils 1.00.00

See Also:

Constant Field Values

labels

protected static java.util.ResourceBundle labels

Locale specific strings displayed to the user.

Since:

ostermillerutils 1.00.00

NUMBERS_AND_LETTERS_ALPHABET

public static final char[] NUMBERS_AND_LETTERS_ALPHABET

Alphabet consisting of upper and lower case letters A-Z and the digits 0-9.

Since:

ostermillerutils 1.00.00

SYMBOLS_ALPHABET

public static final char[] SYMBOLS_ALPHABET

Alphabet consisting of all the printable ASCII symbols.

Since:

ostermillerutils 1.00.00

PRINTABLE_ALPHABET

public static final char[] PRINTABLE_ALPHABET

Alphabet consisting of all the printable ASCII characters.

Since:

ostermillerutils 1.00.00

LOWERCASE_LETTERS_ALPHABET

public static final char[] LOWERCASE_LETTERS_ALPHABET

Alphabet consisting of the lower case letters A-Z.

Since:

ostermillerutils 1.00.00

LOWERCASE_LETTERS_AND_NUMBERS_ALPHABET

public static final char[] LOWERCASE_LETTERS_AND_NUMBERS_ALPHABET

Alphabet consisting of the lower case letters A-Z and the digits 0-9.

Since:

ostermillerutils 1.00.00

LETTERS_ALPHABET

public static final char[] LETTERS_ALPHABET

Alphabet consisting of upper and lower case letters A-Z.

Since:

ostermillerutils 1.00.00

UPPERCASE_LETTERS_ALPHABET

public static final char[] UPPERCASE_LETTERS_ALPHABET

Alphabet consisting of the upper letters A-Z.

Since:

ostermillerutils 1.00.00

NONCONFUSING_ALPHABET

public static final char[] NONCONFUSING_ALPHABET

Alphabet consisting of upper and lower case letters A-Z and the digits 0-9 but with characters that are often mistaken for each other when typed removed. (I,L,O,U,V,i,l,o,u,v,0,1)

Since:

ostermillerutils 1.00.00

rand

protected java.security.SecureRandom rand

Random number generator used.

Since:

ostermillerutils 1.00.00

repetition

protected int repetition

One less than the maximum number of repeated characters that are allowed in a password. Set to -1 to disable this feature.

Since:

ostermillerutils 1.00.00

alphabet

protected char[] alphabet

Set of characters which may be used in the generated passwords.

This value may not be null or have no elements.

Since:

ostermillerutils 1.00.00

firstAlphabet

protected char[] firstAlphabet

Set of characters which may be used for the first character in the generated passwords.

This value may be null but it must have at least one element otherwise.

Since:

ostermillerutils 1.00.00

lastAlphabet

protected char[] lastAlphabet

Set of characters which may be used for the last character in the generated passwords.

This value may be null but it must have at least one element otherwise.

Since:

ostermillerutils 1.00.00

Constructor Detail

RandPass

public RandPass()

Create a new random password generator with the default secure random number generator and default NONCONFUSING alphabet for all characters.

Since:

ostermillerutils 1.00.00

RandPass

public RandPass(java.security.SecureRandom rand)

Create a new random password generator with the given secure random number generator and default NONCONFUSING alphabet for all characters.

Parameters:

rand - Secure random number generator to use when generating passwords.

Since:

ostermillerutils 1.00.00

RandPass

public RandPass(char[] alphabet)

Create a new random password generator with the default secure random number generator and given alphabet for all characters.

Parameters:

alphabet - Characters allowed in generated passwords.

Since:

ostermillerutils 1.00.00

RandPass

public RandPass(java.security.SecureRandom rand,
                char[] alphabet)

Create a new random password generator with the given secure random number generator and given alphabet for all characters.

Parameters:

rand - Secure random number generator to use when generating passwords.

alphabet - Characters allowed in generated passwords.

Since:

ostermillerutils 1.00.00

Method Detail

main

public static void main(java.lang.String[] args)
                 throws java.lang.Exception

Generate a random passwords. Run with --help argument for more information.

Parameters:

args - Command line arguments.

Throws:

java.lang.Exception - errors

Since:

ostermillerutils 1.00.00

addRequirement

public void addRequirement(char[] alphabet,
                           int num)

Require that a certain number of characters from an alphabet be present in generated passwords.

Parameters:

alphabet - set of letters that must be present

num - number of letters from the alphabet that must be present.

Since:

ostermillerutils 1.00.00

setAlphabet

public void setAlphabet(char[] alphabet)

Set the alphabet used by this random password generator.

Parameters:

alphabet - Characters allowed in generated passwords.

Throws:

java.lang.NullPointerException - if the alphabet is null.

java.lang.ArrayIndexOutOfBoundsException - if the alphabet has no elements.

Since:

ostermillerutils 1.00.00

setRandomGenerator

public void setRandomGenerator(java.security.SecureRandom rand)

Set the random number generator used by this random password generator.

Parameters:

rand - Secure random number generator to use when generating passwords.

Since:

ostermillerutils 1.00.00

setFirstAlphabet

public void setFirstAlphabet(char[] alphabet)

Set the alphabet used by this random password generator for the first character of passwords.

If the alphabet for the first character is set to null or has no elements, the main alphabet will be used for the first character.

Parameters:

alphabet - Characters allowed for the first character of the passwords.

Since:

ostermillerutils 1.00.00

setLastAlphabet

public void setLastAlphabet(char[] alphabet)

Set the alphabet used by this random password generator for the last character of passwords.

If the alphabet for the last character is set to null or has no elements, the main alphabet will be used for the last character.

Parameters:

alphabet - Characters allowed for the last character of the passwords.

Since:

ostermillerutils 1.00.00

setMaxRepetition

public void setMaxRepetition(int rep)

Set the maximum number of characters that may appear in sequence more than once in a password. Your alphabet must be large enough to handle this option. If your alphabet is {'a', 'b'} and you want 8 character passwords in which no character appears twice (repetition 1) you are out of luck. In such instances your request for no repetition will be ignored.

For example setRepetition(3) will allow a password ababab but not allow abcabc.

Using this method can greatly reduce the pool of passwords that are generated. For example if only one repetition is allowed then the pool of passwords is the permutation of the alphabet rather than the combination.

Parameters:

rep - Maximum character repetition.

Since:

ostermillerutils 1.00.00

getPassChars

public char[] getPassChars(char[] pass)

Fill the given buffer with random characters.

Using this method, the password character array can easily be reused for efficiency, or overwritten with new random characters for security.

NOTE: If it is possible for a hacker to examine memory to find passwords, the password should be overwritten in memory as soon as possible after i is no longer in use.

Parameters:

pass - buffer that will hold the password.

Returns:

the buffer, filled with random characters.

Since:

ostermillerutils 1.00.00

addVerifier

public void addVerifier(PasswordVerifier verifier)

Add a class that will verify passwords. No password will be returned unless all verifiers approve of it.

Parameters:

verifier - class that performs verification of password.

Since:

ostermillerutils 1.00.00

getPassChars

public char[] getPassChars(int length)

Generate a random password of the given length.

NOTE: If it is possible for a hacker to examine memory to find passwords, the password should be overwritten in memory as soon as possible after i is no longer in use.

Parameters:

length - The desired length of the generated password.

Returns:

a random password

Since:

ostermillerutils 1.00.00

getPassChars

public char[] getPassChars()

Generate a random password of the default length (8).

NOTE: If it is possible for a hacker to examine memory to find passwords, the password should be overwritten in memory as soon as possible after i is no longer in use.

Returns:

a random password

Since:

ostermillerutils 1.00.00

getPass

public java.lang.String getPass(int length)

Generate a random password of the given length.

NOTE: Strings can not be modified. If it is possible for a hacker to examine memory to find passwords, getPassChars() should be used so that the password can be zeroed out of memory when no longer in use.

Parameters:

length - The desired length of the generated password.

Returns:

a random password

Since:

ostermillerutils 1.00.00

See Also:

getPassChars(int)

getPass

public java.lang.String getPass()

Generate a random password of the default length (8).

NOTE: Strings can not be modified. If it is possible for a hacker to examine memory to find passwords, getPassChars() should be used so that the password can be zeroed out of memory when no longer in use.

Returns:

a random password

Since:

ostermillerutils 1.00.00

See Also:

getPassChars()