From ef877f0012d438e6e89e63c53beff67e484fc15e Mon Sep 17 00:00:00 2001
From: Wolfgang Hottgenroth <wolfgang.hottgenroth@icloud.com>
Date: Tue, 7 Feb 2023 11:42:19 +0100
Subject: [PATCH] password tool

---
 tools/.gitignore       |  1 +
 tools/genpw.py         | 36 ++++++++++++++++++++++++++++++++++++
 tools/requirements.txt |  1 +
 3 files changed, 38 insertions(+)
 create mode 100644 tools/.gitignore
 create mode 100755 tools/genpw.py
 create mode 100644 tools/requirements.txt

diff --git a/tools/.gitignore b/tools/.gitignore
new file mode 100644
index 0000000..0cafc1c
--- /dev/null
+++ b/tools/.gitignore
@@ -0,0 +1 @@
+.venv/
\ No newline at end of file
diff --git a/tools/genpw.py b/tools/genpw.py
new file mode 100755
index 0000000..42df04c
--- /dev/null
+++ b/tools/genpw.py
@@ -0,0 +1,36 @@
+
+from pbkdf2 import PBKDF2
+from hashlib import sha512
+from base64 import b64encode
+import argparse
+import secrets
+import string
+
+
+parser = argparse.ArgumentParser(description='genpw')
+parser.add_argument('--length', '-l',
+                    help='Length of auto-generated password', 
+                    required=False)
+parser.add_argument('--password', '-p',
+                    help='Password', 
+                    required=False)
+
+args = parser.parse_args()
+length = args.length
+password = args.password
+
+alphabet = string.ascii_letters + string.digits
+iterations = 100000
+
+if (not password):
+    if (not length):
+        raise Exception("Either length or password must be given")
+    password = ''.join(secrets.choice(alphabet) for i in range(int(length)))
+
+salt = secrets.token_bytes(16)
+hash = b64encode(PBKDF2(password, salt, iterations=iterations, digestmodule=sha512).read(64)).decode()
+
+salt_b64 = b64encode(salt).decode()
+
+print(f"{password=}")
+print(f"PBKDF2$sha512${iterations}${salt_b64}${hash}")
diff --git a/tools/requirements.txt b/tools/requirements.txt
new file mode 100644
index 0000000..1566a00
--- /dev/null
+++ b/tools/requirements.txt
@@ -0,0 +1 @@
+pbkdf2==1.3