
spg's Introduction

spg - A go package for strong password generation

GoDoc: Reference License: Apache 2.0

1Password's Strong Password Generator package is the underlying engine for flexibly specifying the requirements a generated password must meet and for ensuring that the passwords it returns are uniformly distributed over the set of passwords that satisfy those requirements.

The clients of this package are expected to manage what is presented to users. This engine offers far greater flexibility than should normally be exposed to users.

Get started

Use go get:

go get go.1password.io/spg

Vendored dependencies

Before you can successfully build, you may need to install dependencies. These are currently[1] managed using govendor. Install it if needed:

go get -u github.com/kardianos/govendor

And then use

govendor sync

to fetch the appropriate dependencies into ./vendor

License

1Password's spg is copyright 2018, AgileBits Inc and licensed under version 2.0 of the Apache License.

Contributing

This is on GitHub: https://github.com/1password/spg. Create issues, forks, etc. there.

Footnotes

  1. We will probably switch to Go modules at some point.

spg's People

Contributors

beyera, dckcode, dolmen, dteare, jpgoldberg, mitchchn, robyoder, sc00bz, zchee


spg's Issues

Suggested Password API

Given a set of requirements, e.g. a password rules string (#19), but no other options, generate an appropriately strong but user-friendly password.

The API will be able to select from all available generators depending on the complexity of the requirements.

Add digit option to wordlist generator

It should be possible to randomly replace a single character at the beginning or end of a syllable with a digit, similar to the existing capitalization schemes.

Bugs in random

  • randomInt32() gets 8 bytes of random for a 32 bit int.

    spg/util.go, line 44 in 5a36bf7:

        b := make([]byte, 8)

  • int31n() gets a random uint32 [0, 2**32). When n is not a power of 2, max is at most 2**31-2. This has a >25% to <50% vs a >50% to <100% chance of success each loop. To fix this mask the random v := randomInt32() & math.MaxInt32.

  • spg/util.go, lines 82 to 95 in 5a36bf7:

        func int31n(n uint32) uint32 {
        	if n <= 0 {
        		panic("invalid argument to int31n")
        	}
        	if n&(n-1) == 0 { // n is power of two, can mask
        		return randomInt32() & (n - 1)
        	}
        	max := uint32((1 << 31) - 1 - (1<<31)%uint32(n))
        	v := randomInt32()
        	for v > max {
        		v = randomInt32()
        	}
        	return v % n
        }

    If int31n() is called with n > 2**31 it is not uniform. This bug was caused by switching n from int32 to uint32. Switch n back, do if int32(n) <= 0 { panic..., or rename to uint32n() and fix max (see https://github.com/Sc00bz/ModRandom/blob/a2cd9247a0dcb0183ec6305574b5696f51186540/csprng-cpp/csprng.cpp#L259-L284).

Add a separator function for digits and safe symbols

Many sites which require at least one symbol also require at least one digit. We can meet this requirement in an elegant and user-friendly way by adding a separator function to the wordlist generator which selects from digits and symbols.

Sample passwords might look like:

Digh@down2booy8thuf
Rak_kac1skop.juth

Care must be taken to not generate separators which are all symbols or all digits. A password with n "chunks" where n > 2 should have at least one symbol and at least one digit.
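The following is an added example, not code from spg or from the issue author, of how a separator function with the "at least one digit and at least one symbol" rule can be written without disturbing uniformity. The symbol set `@_.-` is an assumption inferred from the sample passwords above, and every function name here is hypothetical. The point it shows is that the whole separator sequence must be rejected and redrawn when the rule fails; patching one position afterwards would make some sequences more likely than others. It also computes the entropy the separators actually contribute, which is log2 of the number of acceptable sequences rather than count * log2(alphabet size).

```go
package main

import (
	"crypto/rand"
	"errors"
	"fmt"
	"io"
	"math"
	"math/big"
	"strings"
)

// Separator alphabet assumed for this example. The digits are fixed; the
// symbol set is a guess at "safe" symbols and is not spg's list.
const (
	sepDigits  = "0123456789"
	sepSymbols = "@_.-"
)

// uniformIndex draws a uniformly distributed index in [0, n) from src using
// the standard library's rejection-sampling big.Int draw.
func uniformIndex(src io.Reader, n int) (int, error) {
	v, err := rand.Int(src, big.NewInt(int64(n)))
	if err != nil {
		return 0, err
	}
	return int(v.Int64()), nil
}

// hasDigitAndSymbol is the acceptance rule from the issue: a separator
// sequence must contain at least one digit and at least one symbol.
func hasDigitAndSymbol(seps []byte) bool {
	s := string(seps)
	return strings.ContainsAny(s, sepDigits) && strings.ContainsAny(s, sepSymbols)
}

// mixedSeparators returns count separators, each drawn uniformly from the
// digit+symbol alphabet, resampling the entire sequence until it passes
// hasDigitAndSymbol. Redrawing the whole sequence keeps every acceptable
// sequence equally likely. A password with n > 2 chunks has count = n-1 >= 2
// separators; fewer than two cannot satisfy the rule, so that is an error.
func mixedSeparators(src io.Reader, count int) ([]byte, error) {
	if count < 2 {
		return nil, errors.New("need at least two separators to require both a digit and a symbol")
	}
	alphabet := sepDigits + sepSymbols
	seps := make([]byte, count)
	for {
		for i := range seps {
			idx, err := uniformIndex(src, len(alphabet))
			if err != nil {
				return nil, err
			}
			seps[i] = alphabet[idx]
		}
		if hasDigitAndSymbol(seps) {
			return seps, nil
		}
	}
}

// secureSeparators is mixedSeparators bound to the system CSPRNG.
func secureSeparators(count int) ([]byte, error) {
	return mixedSeparators(rand.Reader, count)
}

// acceptableSequences counts separator sequences of the given length that
// contain at least one digit and at least one symbol, by inclusion-exclusion:
// all sequences minus all-digit sequences minus all-symbol sequences.
func acceptableSequences(count int) float64 {
	d, s, c := float64(len(sepDigits)), float64(len(sepSymbols)), float64(count)
	return math.Pow(d+s, c) - math.Pow(d, c) - math.Pow(s, c)
}

// separatorEntropy is the entropy in bits contributed by the separators.
func separatorEntropy(count int) float64 {
	return math.Log2(acceptableSequences(count))
}

// joinWords interleaves words with separators: words[0] seps[0] words[1] ...
func joinWords(words []string, seps []byte) string {
	var b strings.Builder
	for i, w := range words {
		if i > 0 {
			b.WriteByte(seps[i-1])
		}
		b.WriteString(w)
	}
	return b.String()
}

func main() {
	// Constructed sample words; a real generator would draw them from a wordlist.
	words := []string{"Digh", "down", "booy", "thuf"}
	seps, err := secureSeparators(len(words) - 1)
	if err != nil {
		panic(err)
	}
	fmt.Println(joinWords(words, seps))
	fmt.Printf("separator entropy for %d separators: %.2f bits\n", len(seps), separatorEntropy(len(seps)))
}
```

With two separators there are 14^2 - 10^2 - 4^2 = 80 acceptable sequences, so the separators add about 6.32 bits rather than the 7.61 bits that 14^2 unconstrained choices would give; a recipe's reported entropy should use the constrained count.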

Handle impossible ranges for randomUint32()

Related issue #5

After merging #6 we have the following

func randomUint32n(n uint32) uint32 {
	if n <= 1 {
		return 0
	}

which seems wrong to me (and @Sc00bz). 0 is a possible return value when randomUint32n() is called with sane values (such as 1). But when n < 1, we are doing the equivalent of division by zero.

Because this isn't an exported function, we have some freedom here.

  1. We can keep the convenient current behavior, even if it is semantically peculiar as long as we are careful not to rely on it.
  2. We can panic. This is annoying for something that is called as a library, but there are times when you do want libraries to panic
  3. We can report an error. That is make this return both an int and an error state. This is annoying because it would complicate all of the places it is called.

I can be persuaded to go with any of those.

/cc @Sc00bz @robyoder @mitchchn
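As an added example, not spg's code and not from any of the issue authors, here is a bounded uniform draw that addresses the three points in "Bugs in random" (read exactly four bytes for a 32-bit value, compute the rejection limit over the full uint32 range so n > 2**31 stays uniform and the accept rate never drops below one half) together with the n <= 1 question in this issue, for which it takes option 3 and returns an error when n == 0 while n == 1 returns 0 without consuming randomness. The function names, the reader parameter and ErrEmptyRange are all hypothetical.

```go
package main

import (
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
	"math"
)

// ErrEmptyRange reports a request for a value in the empty range [0, 0).
var ErrEmptyRange = errors.New("randomUint32n: n must be at least 1")

// randomUint32 reads exactly four bytes from src and returns them as a
// uint32. Four bytes are all a 32-bit value needs; reading eight only wastes
// CSPRNG output.
func randomUint32(src io.Reader) (uint32, error) {
	var b [4]byte
	if _, err := io.ReadFull(src, b[:]); err != nil {
		return 0, err
	}
	return binary.BigEndian.Uint32(b[:]), nil
}

// rejectionLimit returns the largest raw uint32 that may be accepted before
// reducing modulo n. Writing 2^32 = q*n + r, only values in [0, q*n) map onto
// the residues an equal number of times, so the limit is 2^32 - r - 1 =
// MaxUint32 - r. Using the full 2^32 range (not 2^31) is what keeps the
// result uniform for n > 2^31.
func rejectionLimit(n uint32) uint32 {
	return math.MaxUint32 - uint32((1<<32)%uint64(n))
}

// randomUint32n returns a uniformly distributed value in [0, n).
func randomUint32n(src io.Reader, n uint32) (uint32, error) {
	switch {
	case n == 0:
		return 0, ErrEmptyRange // impossible range: report it, do not return 0
	case n == 1:
		return 0, nil // only one possible value, nothing to draw
	case n&(n-1) == 0: // power of two: masking is exact, no rejection needed
		v, err := randomUint32(src)
		return v & (n - 1), err
	}
	limit := rejectionLimit(n)
	for {
		v, err := randomUint32(src)
		if err != nil {
			return 0, err
		}
		if v <= limit {
			return v % n, nil
		}
	}
}

// secureUint32n is randomUint32n bound to the system CSPRNG.
func secureUint32n(n uint32) (uint32, error) {
	return randomUint32n(rand.Reader, n)
}

// acceptRate is the probability that a single raw draw is accepted for n.
// Because the limit is taken over [0, 2^32), it is always at least 1/2, so
// the loop ends after two draws on average even for n just above 2^31.
func acceptRate(n uint32) float64 {
	if n == 0 {
		return 0
	}
	return float64(uint64(rejectionLimit(n))+1) / float64(1<<32)
}

func main() {
	for _, n := range []uint32{3, 10, 1<<31 + 1} {
		v, err := secureUint32n(n)
		fmt.Printf("n=%d limit=%d accept=%.4f v=%d err=%v\n", n, rejectionLimit(n), acceptRate(n), v, err)
	}
	_, err := secureUint32n(0)
	fmt.Println("n=0:", err)
}
```

For n = 2**31 + 1 the limit is exactly 2**31 and the accept rate is just over one half; the original int31n computed its limit from 2**31 and so, for that n, wrapped to MaxUint32 and accepted every raw value, which is the non-uniform case the issue describes.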

Create a syllable password generator

We like Apple's syllable password generator, which produces 20-char passwords like wyvve4-jixzyH-rivkej. We should add a new recipe type that can produce passwords like that given a character length.

Right now, our word list generator only supports a word count, and since the words are different sizes, there is no guarantee about the actual length of the passphrase, but the entropy is guaranteed. With syllables that are all the same size (#17), we can be more creative in how we combine them (#18) and can generate a syllable password given any requested character length.

There are other things we may want to do for syllable passwords that we wouldn't want to do for word list passwords, like insert a random digit or symbol (#16), that would cause these two use cases to further diverge.

Add support for Apple Password Rules

We should be able to produce a recipe from a password rules string. Both the character and wordlist generators could support this, returning an error if the supplied requirements are outside the constraints of the generator.

opgen doesn't allow "ambiguous"

It appears that adding "ambiguous" to the allow flag in the command-line has no effect.

$ opgen characters -allow=uppercase,lowercase,digits,ambiguous -length=20 -entropy
115.63
$ opgen characters -allow=uppercase,lowercase,digits -length=20 -entropy
115.63

And we can see that with "ambiguous" we don't get any ambiguous characters

$ for i in {1..100}; do opgen characters -allow=uppercase,lowercase,digits,ambiguous -length=50 ; done | grep '[1I05Sl]'
$

So no ambiguous characters appeared in 100 50 character passwords for which "ambiguous" was listed as allowed.

Note that this appears to be a problem with the CLI only.

CSAll and CSRandom never capitalize first word

@Sc00bz's fix #8 fixes an off-by-one bug in the use of the CSAll and CSRandom capitalization schemes.

I've started adding tests for this. And the current code is, indeed, failing a test of CSAll.

--- FAIL: TestWLCapAll (0.00s)
    wordlist_test.go:294: "pondered Dreary Many While Once" doesn't match ^(?:\p{Lu}\pL+)\Q \E(?:(?:\p{Lu}\pL+)\Q \E){4}(?:\p{Lu}\pL+)$
    wordlist_test.go:299: 1 lowercase words in "pondered Dreary Many While Once". Expected 0
    wordlist_test.go:303: 4 uppercase words in "pondered Dreary Many While Once". Expected 5

A test for CSRandom is statistical in nature, so may have to wait.

opgen without arguments doesn't show usage

$ go run go.1password.io/spg/cmd/[email protected]
Usage of /var/folders/7b/5rfj3bgs3tj34c6f2jy8h39w0000gn/T/go-build4052941408/b001/exe/opgen:
$ go run go.1password.io/spg/cmd/[email protected] -help
Usage of /var/folders/7b/5rfj3bgs3tj34c6f2jy8h39w0000gn/T/go-build4052941408/b001/exe/opgen:
$ go run go.1password.io/spg/cmd/[email protected] help

opgen characters [--length=<n>] [--allow=<characterclasses>]
				[--exclude=<characterclasses>] [--require=<characterclasses>]
				[--entropy]

	--length    generate a password <n> characters in length (default: 20)
	--allow     allow characters from <characterclasses> (default: all)
	--exclude   exclude all characters from <characterclasses> regardless of
					other settings (default: ambiguous)
	--require   require at least one character from <characterclasses>
					(default: none)
	--entropy   show the entropy of the password recipe

	<characterclasses>: uppercase, lowercase, digits, symbols, ambiguous

opgen words [--list=<wordlist> | --file=<wordlistfile>] [--size=<n>]
				[--separator=<separatorclass>] [--capitalize=<scheme>]
				[--entropy]

	--list         use built-in <wordlist> (default: words)
	--file         use a wordlist file at the specified path
	--size         generate a password with <n> elements (default: 4)
	--separator    separate components with <separatorclass> (default: hyphen)
	--capitalize   capitalize password according to <scheme> (default: none)
	--entropy      show the entropy of the password recipe

	<wordlist>: words, syllables
	<separatorclass>: hyphen, space, comma, period, underscore, digit, none
	capitalization <scheme>: none, first, all, random, one
	
exit status 2

Expected behavior: running the program without any argument or with any argument starting with '-' should show the full usage.
