Package com.Ostermiller.util

Class RandPass

java.lang.Object
com.Ostermiller.util.RandPass
public class RandPass extends Object
Generates a random String using a cryptographically secure random number generator.

The alphabet (characters used in the passwords generated) may be specified, and the random number generator can be externally supplied.

Care should be taken when using methods that limit the types of passwords may be generated. Using an alphabet that is too small, using passwords that are too short, requiring too many of a certain type of character, or not allowing repetition, may decrease security.

More information about this class is available from ostermiller.org.

Since:
ostermillerutils 1.00.00
Author:
Stephen Ostermiller https://ostermiller.org/contact.pl?regarding=Java+Utilities

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final char[]
    LETTERS_ALPHABET
    Alphabet consisting of upper and lower case letters A-Z.
    static final char[]
    LOWERCASE_LETTERS_ALPHABET
    Alphabet consisting of the lower case letters A-Z.
    static final char[]
    LOWERCASE_LETTERS_AND_NUMBERS_ALPHABET
    Alphabet consisting of the lower case letters A-Z and the digits 0-9.
    static final char[]
    NONCONFUSING_ALPHABET
    Alphabet consisting of upper and lower case letters A-Z and the digits 0-9 but with characters that are often mistaken for each other when typed removed.
    static final char[]
    NUMBERS_AND_LETTERS_ALPHABET
    Alphabet consisting of upper and lower case letters A-Z and the digits 0-9.
    static final char[]
    PRINTABLE_ALPHABET
    Alphabet consisting of all the printable ASCII characters.
    static final char[]
    SYMBOLS_ALPHABET
    Alphabet consisting of all the printable ASCII symbols.
    static final char[]
    UPPERCASE_LETTERS_ALPHABET
    Alphabet consisting of the upper letters A-Z.
    static final String
    version
    Version number of this program

  • Constructor Summary

    Constructors
    Constructor
    Description
    RandPass()
    Create a new random password generator with the default secure random number generator and default NONCONFUSING alphabet for all characters.
    RandPass(char[] alphabet)
    Create a new random password generator with the default secure random number generator and given alphabet for all characters.
    RandPass(SecureRandom rand)
    Create a new random password generator with the given secure random number generator and default NONCONFUSING alphabet for all characters.
    RandPass(SecureRandom rand, char[] alphabet)
    Create a new random password generator with the given secure random number generator and given alphabet for all characters.

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    addRequirement(char[] alphabet, int num)
    Require that a certain number of characters from an alphabet be present in generated passwords.
    void
    addVerifier(PasswordVerifier verifier)
    Add a class that will verify passwords.
    String
    getPass()
    Generate a random password of the default length (8).
    String
    getPass(int length)
    Generate a random password of the given length.
    char[]
    getPassChars()
    Generate a random password of the default length (8).
    char[]
    getPassChars(char[] pass)
    Fill the given buffer with random characters.
    char[]
    getPassChars(int length)
    Generate a random password of the given length.
    static void
    main(String[] args)
    Generate a random passwords.
    void
    setAlphabet(char[] alphabet)
    Set the alphabet used by this random password generator.
    void
    setFirstAlphabet(char[] alphabet)
    Set the alphabet used by this random password generator for the first character of passwords.
    void
    setLastAlphabet(char[] alphabet)
    Set the alphabet used by this random password generator for the last character of passwords.
    void
    setMaxRepetition(int rep)
    Set the maximum number of characters that may appear in sequence more than once in a password.
    void
    setRandomGenerator(SecureRandom rand)
    Set the random number generator used by this random password generator.

    Methods inherited from class java.lang.Object

    equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • version

      public static final String version
      Version number of this program
      Since:
      ostermillerutils 1.00.00
      See Also:

    • NUMBERS_AND_LETTERS_ALPHABET

      public static final char[] NUMBERS_AND_LETTERS_ALPHABET
      Alphabet consisting of upper and lower case letters A-Z and the digits 0-9.
      Since:
      ostermillerutils 1.00.00

    • SYMBOLS_ALPHABET

      public static final char[] SYMBOLS_ALPHABET
      Alphabet consisting of all the printable ASCII symbols.
      Since:
      ostermillerutils 1.00.00

    • PRINTABLE_ALPHABET

      public static final char[] PRINTABLE_ALPHABET
      Alphabet consisting of all the printable ASCII characters.
      Since:
      ostermillerutils 1.00.00

    • LOWERCASE_LETTERS_ALPHABET

      public static final char[] LOWERCASE_LETTERS_ALPHABET
      Alphabet consisting of the lower case letters A-Z.
      Since:
      ostermillerutils 1.00.00

    • LOWERCASE_LETTERS_AND_NUMBERS_ALPHABET

      public static final char[] LOWERCASE_LETTERS_AND_NUMBERS_ALPHABET
      Alphabet consisting of the lower case letters A-Z and the digits 0-9.
      Since:
      ostermillerutils 1.00.00

    • LETTERS_ALPHABET

      public static final char[] LETTERS_ALPHABET
      Alphabet consisting of upper and lower case letters A-Z.
      Since:
      ostermillerutils 1.00.00

    • UPPERCASE_LETTERS_ALPHABET

      public static final char[] UPPERCASE_LETTERS_ALPHABET
      Alphabet consisting of the upper letters A-Z.
      Since:
      ostermillerutils 1.00.00

    • NONCONFUSING_ALPHABET

      public static final char[] NONCONFUSING_ALPHABET
      Alphabet consisting of upper and lower case letters A-Z and the digits 0-9 but with characters that are often mistaken for each other when typed removed. (I,L,O,U,V,i,l,o,u,v,0,1)
      Since:
      ostermillerutils 1.00.00

  • Constructor Details

    • RandPass

      public RandPass()
      Create a new random password generator with the default secure random number generator and default NONCONFUSING alphabet for all characters.
      Since:
      ostermillerutils 1.00.00

    • RandPass

      public RandPass(SecureRandom rand)
      Create a new random password generator with the given secure random number generator and default NONCONFUSING alphabet for all characters.
      Parameters:
      rand - Secure random number generator to use when generating passwords.
      Since:
      ostermillerutils 1.00.00

    • RandPass

      public RandPass(char[] alphabet)
      Create a new random password generator with the default secure random number generator and given alphabet for all characters.
      Parameters:
      alphabet - Characters allowed in generated passwords.
      Since:
      ostermillerutils 1.00.00

    • RandPass

      public RandPass(SecureRandom rand, char[] alphabet)
      Create a new random password generator with the given secure random number generator and given alphabet for all characters.
      Parameters:
      rand - Secure random number generator to use when generating passwords.
      alphabet - Characters allowed in generated passwords.
      Since:
      ostermillerutils 1.00.00

  • Method Details

    • main

      public static void main(String[] args) throws Exception
      Generate a random passwords. Run with --help argument for more information.
      Parameters:
      args - Command line arguments.
      Throws:
      Exception - errors
      Since:
      ostermillerutils 1.00.00

    • addRequirement

      public void addRequirement(char[] alphabet, int num)
      Require that a certain number of characters from an alphabet be present in generated passwords.
      Parameters:
      alphabet - set of letters that must be present
      num - number of letters from the alphabet that must be present.
      Since:
      ostermillerutils 1.00.00

    • setAlphabet

      public void setAlphabet(char[] alphabet)
      Set the alphabet used by this random password generator.
      Parameters:
      alphabet - Characters allowed in generated passwords.
      Throws:
      NullPointerException - if the alphabet is null.
      ArrayIndexOutOfBoundsException - if the alphabet has no elements.
      Since:
      ostermillerutils 1.00.00

    • setRandomGenerator

      public void setRandomGenerator(SecureRandom rand)
      Set the random number generator used by this random password generator.
      Parameters:
      rand - Secure random number generator to use when generating passwords.
      Since:
      ostermillerutils 1.00.00

    • setFirstAlphabet

      public void setFirstAlphabet(char[] alphabet)
      Set the alphabet used by this random password generator for the first character of passwords.

      If the alphabet for the first character is set to null or has no elements, the main alphabet will be used for the first character.

      Parameters:
      alphabet - Characters allowed for the first character of the passwords.
      Since:
      ostermillerutils 1.00.00

    • setLastAlphabet

      public void setLastAlphabet(char[] alphabet)
      Set the alphabet used by this random password generator for the last character of passwords.

      If the alphabet for the last character is set to null or has no elements, the main alphabet will be used for the last character.

      Parameters:
      alphabet - Characters allowed for the last character of the passwords.
      Since:
      ostermillerutils 1.00.00

    • setMaxRepetition

      public void setMaxRepetition(int rep)
      Set the maximum number of characters that may appear in sequence more than once in a password. Your alphabet must be large enough to handle this option. If your alphabet is {'a', 'b'} and you want 8 character passwords in which no character appears twice (repetition 1) you are out of luck. In such instances your request for no repetition will be ignored.

      For example setRepetition(3) will allow a password ababab but not allow abcabc.

      Using this method can greatly reduce the pool of passwords that are generated. For example if only one repetition is allowed then the pool of passwords is the permutation of the alphabet rather than the combination.

      Parameters:
      rep - Maximum character repetition.
      Since:
      ostermillerutils 1.00.00

    • getPassChars

      public char[] getPassChars(char[] pass)
      Fill the given buffer with random characters.

      Using this method, the password character array can easily be reused for efficiency, or overwritten with new random characters for security.

      NOTE: If it is possible for a hacker to examine memory to find passwords, the password should be overwritten in memory as soon as possible after i is no longer in use.

      Parameters:
      pass - buffer that will hold the password.
      Returns:
      the buffer, filled with random characters.
      Since:
      ostermillerutils 1.00.00

    • addVerifier

      public void addVerifier(PasswordVerifier verifier)
      Add a class that will verify passwords. No password will be returned unless all verifiers approve of it.
      Parameters:
      verifier - class that performs verification of password.
      Since:
      ostermillerutils 1.00.00

    • getPassChars

      public char[] getPassChars(int length)
      Generate a random password of the given length.

      NOTE: If it is possible for a hacker to examine memory to find passwords, the password should be overwritten in memory as soon as possible after i is no longer in use.

      Parameters:
      length - The desired length of the generated password.
      Returns:
      a random password
      Since:
      ostermillerutils 1.00.00

    • getPassChars

      public char[] getPassChars()
      Generate a random password of the default length (8).

      NOTE: If it is possible for a hacker to examine memory to find passwords, the password should be overwritten in memory as soon as possible after i is no longer in use.

      Returns:
      a random password
      Since:
      ostermillerutils 1.00.00

    • getPass

      public String getPass(int length)
      Generate a random password of the given length.

      NOTE: Strings can not be modified. If it is possible for a hacker to examine memory to find passwords, getPassChars() should be used so that the password can be zeroed out of memory when no longer in use.

      Parameters:
      length - The desired length of the generated password.
      Returns:
      a random password
      Since:
      ostermillerutils 1.00.00
      See Also:

    • getPass

      public String getPass()
      Generate a random password of the default length (8).

      NOTE: Strings can not be modified. If it is possible for a hacker to examine memory to find passwords, getPassChars() should be used so that the password can be zeroed out of memory when no longer in use.

      Returns:
      a random password
      Since:
      ostermillerutils 1.00.00
      See Also: