Mirror of forum.nim-lang.org

6843 :: My First Program With Nim! It's a Password Generator!

• nhuman (orginal) [2020-09-20T18:38:07+02:00] view original

  I've been learning Nim for a week and I finally was able to do something out of it, and I did a password generator written in nim using EFF DiceWare! Any help is appreciated to clean up the code mess and fix bugs. The GH Repo for it is: https://github.com/nyan-64/PassGen

---

• Yardanico (orginal) [2020-09-20T19:15:59+02:00] view original

  Hey! It looks quite cool, but I've noticed that there's a lot of repetition, and I rewrote the password generation logic to be simpler:

  import strutils
  import random
  
  randomize()
  
  echo "Welcome To Nim PassGen v0.3"
  echo "  "
  # Loads the whole password dictionary in memory
  var diceware = readFile("diceware.txt").splitLines()
  
  echo "Generating Your Password..."
  var lines: seq[string]
  
  for x in 1 .. 5:
      var line = rand(1 .. 7776)
      lines.add diceware[line]
  
  var passnum = rand(1 .. 1000)
  let password = lines[0].toUpperAscii & lines[1 .. ^1].join("") & $passnum
  
  echo "DONE!"
  echo "Your Password is ", password
  writeFile("passwd.dat", password)
  Run

  The problem with your original code is that setPosition sets the position by character, not by line, so your first word won't be complete. I fixed it the simplest way - reading the whole file by in memory and splitting by lines to then get the actual random lines. Of course it's not the most efficient since you load the whole file in memory (a more efficient but a bit more verbose way would be to generate all 5 line numbers and then use the lines iterator to get them without loading the whole file in memory)

  If you don't understand something from the code above - feel free to comment.

---

• mratsim (orginal) [2020-09-20T19:24:03+02:00] view original

  Congrats on your first program!

  Important note, you are using random from Nim standard library, it is NOT a CSPRNG (Cryptographically-Secure Random Number Generator).

  You should instead use nimcrypto randomBytes https://github.com/cheatfate/nimcrypto/blob/a065c174/nimcrypto/sysrand.nim#L284-L289 or nim-BearSSL BrHmacDrbgContext (declaration https://github.com/status-im/nim-bearssl/blob/ba5f4687/bearssl/decls.nim#L3665-L3701, usage https://github.com/status-im/nim-eth/blob/484fbcab/eth/keys.nim#L54-L73)

---

• nhuman (orginal) [2020-09-20T19:39:34+02:00] view original

  thanks for helping me(I'm too dumb), I just didn't get lines[1 .. ^1].join("") & $passnum part

---

• Yardanico (orginal) [2020-09-20T19:43:26+02:00] view original

  Well, lines[0] means "get the first element from the lines seq", lines[1 .. ^1] means "get elements from the first until last element" - that's nim slices, see https://nim-lang.org/docs/tut1.html#advanced-types-slices . join("") after that means - join all elements from that slice with "" (empty string) between them, so you'll get a single string from 5 different strings in a seq.

  & $passnum means - concatenate the left side of the & operator with $passnum (which is - get string of the passnum int)

---

• VP8M8 (orginal) [2020-09-23T07:21:09+02:00] view original

  What's the reason why nimcrypto's sysrand isn't part of the standard library? It seems like a good candidate.

---

• Araq (orginal) [2020-09-23T13:39:57+02:00] view original

  The stdlib cannot keep up with crypto, or anything else for that matter. :-)

---

• mratsim (orginal) [2020-09-23T14:03:55+02:00] view original

  The stdlib cannot keep up with crypto

  Anything less than 10 years old is viewed with suspicion and then you need some extra years to standardize.

---