/certificate scep-server otp print
# PASSWORD EXPIRES USED
0 677d57c658119f4f8804 0s no
1 bd4a331ef703af86d1ac 0s no
2 7bcc23c0b21d3628154b 0s no
3 9004db9d316482e341a4 0s no
4 3347c7c2465cd6696fc4 0s no
5 cfeb7c719712b1fda4cd 0s no
:put [pick ([/certificate scep-server otp generate minutes-valid=1 as-value]->"password") 0 8]
{
:local hash ([/certificate scep-server otp generate minutes-valid=0 as-value]->"password");
/certificate scep-server otp remove [:find $hash];
:local pwd [:pick $hash 0 8];
:put $pwd;
}
# generate password:
{
:set $pwdLength 10;
# From this string the password is formed.
:set $pwdComposedOff "!&()*+/0123456789:;<=>@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]abcdefghijklmnopqrstuvwxyz{}";
:set $pwdLoops ((255 + [:len $pwdComposedOff]) / [:len $pwdComposedOff]);
:for i from=1 to=$pwdLoops do={:set $multipliedString "$multipliedString$pwdComposedOff";};
/certificate scep-server otp
# Generate enoug times hash to have enough characters for the password (x2).
:for i from=1 to=((10 + ($pwdLength-1)) / 10) do={:set $hash "$hash$([generate minutes-valid=0 as-value]->"password")";};
# Group them each time in pairs. Substracting 1 because i starts a zero.
:for i from=0 to=(($pwdLength * 2)-1) step=2 do={ \
:set $hex "0x$[:pick $hash $i ($i+2)]";
:set $pwdString "$pwdString$[:pick $multipliedString ($hex-1) ($hex)]";
};
:put "Generated password: $pwdString; with a length of $pwdLength";
/}
# generate password:
{
:set $pwdLength 5
# From this string the password is formed.
:set $pwdComposedOff "!&()*+/0123456789:;<=>@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]abcdefghijklmnopqrstuvwxyz{}"
:set $pwdLoops ((255 + [:len $pwdComposedOff]) / [:len $pwdComposedOff])
:for i from=1 to=$pwdLoops do={
:set $multipliedString "$multipliedString$pwdComposedOff"
}
/certificate scep-server otp
# Generate enoug times hash to have enough characters for the password (x2).
:for i from=1 to=((10 + ($pwdLength-1)) / 10) do={
:set $hash "$hash$([generate minutes-valid=0 as-value]->"password")"
}
# Group them each time in pairs. Substracting 1 because i starts a zero.
:for i from=0 to=(($pwdLength * 2)-1) step=2 do={
:set $hex "0x$[:pick $hash $i ($i+2)]"
:set $pwdString "$pwdString$[:pick $multipliedString ($hex-1) ($hex)]"
}
:put "Generated password: \"$pwdString\" with a length of $pwdLength"
}
Code has become outdated and is removed
Code has become outdated and is removed.
# generate password and it locally stored (function and variables)
{
:local genpassword do={ \
:local arrayString [:toarray ""];
# Sets the length of the password
:if ([:typeof [:tonum $1]]="nil") do={:set $pwdLength 10} else={:set $pwdLength $1}
# When no length is stated shift the parameters to their expected place when stated
:if ([:typeof [:tonum $1]]="nil") do={:set $4 $3; :set $3 $2; :set $2 $1; :set $1}
# From these strings the password is formed. They are stored in a array.
:set ($arrayString->"default") "!&()*+/0123456789:;<=>@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]abcdefghijklmnopqrstuvwxyz{}"
:set ($arrayString->"letters") "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
:set ($arrayString->"pin") "0123456789" ; :set ($arrayString->"numbers") "0123456789"
:set ($arrayString->"special") "!&()*+/:;<=>@[]{}"
:set ($arrayString->"mixed") "67KODNoI10H>4c:b29RdG{kreA<yBtJWwfvzZUFPs;@gjEV&8n}C5hMSx(TQ3!mi/]aLul*+pX[=Yq)"
:set ($arrayString->"mixedletters") "ogcxNhEwfMDeJAbUuQYZmITCBXLjVWdlFrtsPzqOKGHvySRikpna";
:set ($arrayString->"mixednumbers") "8923176504" ; :set ($arrayString->"mixednumbers") "8923176504"
:set ($arrayString->"mixedspecial") "[]*/{+};!>:=<(@)&"
# Select the string(s) used to generate the password from. If no string provided select the first in array.
:if ([:typeof $2] ~ "(nothing|nil)") do={ \
:set $pwdComposedOf (get [$arrayString as-value]->"default"); } \
else={ \
:foreach labelName in={$2;$3;$4} do={:set $pwdComposedOf "$pwdComposedOf$(get [$arrayString as-value]->$labelName)"}
# Check if the parameters are matching the key(s) of the array. $compareLabel is adaptive to the number of strings.
:foreach label,dummy in=$arrayString do={:if ($label ~ "(mixed)") do={} else={:set $compareLabel "$compareLabel$label|"}}
:set $compareLabel "$[:pick $compareLabel 0 ([:len $compareLabel]-1)]"; :set $compareLabel "($compareLabel)"
:foreach varname in={"$2"; "$3"; "$4"} do={:if ($varname ~ $compareLabel || [:typeof $varname]~"(nothing|nil)") do={} else={:set $pwdComposedOf ""}}
}; # if ([typeof $2]....
# Only generate a password when there is a string present in $pwdComposedOf. Else throw an on-error. It not a perfect check.
:if ([:len $pwdComposedOf] > 0) do={ \
# Change to the OTP generator page.
/certificate scep-server otp
# Generate enough times hash to have enough characters to fit the password (x2).
:for i from=1 to=(($pwdLength + 9) / 10) do={:set $hash "$hash$([generate minutes-valid=0 as-value]->"password")"}
# Group them each time in pairs. Substracting 1 because it starts a zero.
:for i from=0 to=(($pwdLength * 2)-1) step=2 do={ \
:set $hex "0x$[:pick $hash $i ($i+2)]"
:set $hex (($hex * 1000000000) / (255000000000 / ([:len $pwdComposedOf]))); # Times 1000000000 to increase calculating accuracy. @no-decimals
:set $pwdString "$pwdString$[:pick $pwdComposedOf ($hex) ($hex+1)]"
}; # for i
:put "Generated password: $pwdString with a length of $pwdLength"
:set $pwdString; # clears generated password from memory.
:do {:for i from=0 to=60 do={remove numbers=$i}} on-error={}
} \
else={ \
:foreach label,dummy in=$arrayString do={:set $parameters "$parameters$label, "}
:set $parameters [:pick $parameters 0 ([:len $parameters]-2)]
:error "\r\nInvalid parameter(s) used. No password generated. Valid parameters are:\r\n$parameters" }
}; # :local genpassword (function)
$genpassword 10 default
}
:set ($arrayString->"mixedpin") "8923176504" ; :set ($arrayString->"mixednumbers") "8923176504"
Thanks, I think I will do away with static mixed and replace that by dynamic mixing on each call only for the type actually used.Should line 17 be like this?("mixednumbers" -> "mixedpin")Code: Select all:set ($arrayString->"mixedpin") "8923176504" ; :set ($arrayString->"mixednumbers") "8923176504"
:local createOTPHash [/certificate scep-server otp; ([generate minutes-valid=0 as-value]->"password") [:foreach i in=[find -1] do={:set $lastHash $i}; :do {remove $lastHash} on-error={}]];