From b39b7cafaa517f288b0c5b7ed4007a5627e79212 Mon Sep 17 00:00:00 2001
From: LoRd_MuldeR <mulder2@gmx.de>
Date: Tue, 8 Feb 2022 22:53:02 +0100
Subject: [PATCH] Small improvement to the password generator.

---
 frontend/src/main.c  |  2 +-
 frontend/src/pwgen.c | 62 +++++++++++++++++++++++++++++++++++++-------
 2 files changed, 54 insertions(+), 10 deletions(-)

diff --git a/frontend/src/main.c b/frontend/src/main.c
index a781d9f..e184d7d 100644
--- a/frontend/src/main.c
+++ b/frontend/src/main.c
@@ -158,7 +158,7 @@ int MAIN(const int argc, CHR *const argv[])
 	/* Parse arguments                                       */
 	/* ----------------------------------------------------- */
 
-	if (argc < 1)
+	if ((argc < 1) || (!argv[0]))
 	{
 		FPUTS(T("Error: Argument array is empty. The program was called incorrectly!\n\n"), stderr);
 		goto clean_up;
diff --git a/frontend/src/pwgen.c b/frontend/src/pwgen.c
index 97968c7..ab285bb 100644
--- a/frontend/src/pwgen.c
+++ b/frontend/src/pwgen.c
@@ -21,6 +21,8 @@
 // Constants
 // ==========================================================================
 
+static const size_t MIX_ROUNDS = 97U;
+
 static const char PASSWD_SYMBOLS[] =
 {
 	'!', '#', '$', '%', '&', '(', ')', '*', '+', ',', '-', '.', '/', '0', '1',
@@ -89,6 +91,18 @@ finish:
 // Passphrase generator
 // ==========================================================================
 
+#define NEXT_RANDOM(OUTVAR,LIMIT) do \
+{ \
+	uint64_t _rnd; \
+	if (slunkcrypt_generate_nonce(&_rnd) != SLUNKCRYPT_SUCCESS) \
+	{ \
+		FPUTS(T("Error: Failed to generate next random number!\n\n"), stderr); \
+		goto clean_up; \
+	} \
+	OUTVAR = (size_t) (_rnd % (LIMIT)); \
+} \
+while (0)
+
 int weak_passphrase(const char *str)
 {
 	unsigned int flags = 0U;
@@ -110,26 +124,50 @@ int weak_passphrase(const char *str)
 int generate_passphrase(const size_t length)
 {
 	int result = EXIT_FAILURE;
+	char *buffer = NULL, *passwd_symbols = NULL;
+	size_t i, j, n, m;
 	const size_t passwd_len = BOUND(SLUNKCRYPT_PWDLEN_MIN, length, SLUNKCRYPT_PWDLEN_MAX);
 
-	char *const buffer = (char*) malloc((passwd_len + 1U) * sizeof(char));
-	if (!buffer)
+	if (!(buffer = (char*) malloc((passwd_len + 1U) * sizeof(char))))
 	{
 		FPUTS(T("Error: Failed to allocate memory buffer!\n\n"), stderr);
-		return EXIT_FAILURE;
+		goto clean_up;
+	}
+
+	if (!(passwd_symbols = (char*) malloc(ARRAY_SIZE(PASSWD_SYMBOLS) * sizeof(char))))
+	{
+		FPUTS(T("Error: Failed to allocate memory buffer!\n\n"), stderr);
+		goto clean_up;
+	}
+
+	for (i = 0U; i < ARRAY_SIZE(PASSWD_SYMBOLS); ++i)
+	{
+		NEXT_RANDOM(j, i + 1U);
+		if (j != i)
+		{
+			passwd_symbols[i] = passwd_symbols[j];
+		}
+		passwd_symbols[j] = PASSWD_SYMBOLS[i];
 	}
 
 	do
 	{
-		for (size_t i = 0U; i < passwd_len; ++i)
+		for (n = 0U; n < passwd_len; ++n)
 		{
-			uint64_t value;
-			if (slunkcrypt_generate_nonce(&value) != SLUNKCRYPT_SUCCESS)
+			for (m = 0U; m < MIX_ROUNDS; ++m)
 			{
-				FPUTS(T("Error: Failed to generate next random number!\n\n"), stderr);
-				goto clean_up;
+				for (i = ARRAY_SIZE(PASSWD_SYMBOLS) - 1U; i > 0; --i)
+				{
+					NEXT_RANDOM(j, i + 1U);
+					if (j != i)
+					{
+						const char tmpval = passwd_symbols[i];
+						passwd_symbols[i] = passwd_symbols[j];
+						passwd_symbols[j] = tmpval;
+					}
+				}
 			}
-			buffer[i] = PASSWD_SYMBOLS[value % ARRAY_SIZE(PASSWD_SYMBOLS)];
+			buffer[n] = passwd_symbols[0U];
 		}
 		buffer[passwd_len] = '\0';
 	}
@@ -147,5 +185,11 @@ clean_up:
 		free(buffer);
 	}
 
+	if (passwd_symbols)
+	{
+		slunkcrypt_bzero(passwd_symbols, ARRAY_SIZE(PASSWD_SYMBOLS) * sizeof(char));
+		free(passwd_symbols);
+	}
+
 	return result;
 }