#!/usr/bin/perl -w
# gepikt from <http://www.openldap.org/lists/openldap-software/200203/msg00527.html>
# by alain rykaert - sep2010

# crypt1, crypt2, md5, smd5, sha, ssha
my $password_format = "ssha";

use strict;

my ($password,$encpass);

die "\n. usage: $0 password format\n\n" if ! $ARGV[0];
$password = $ARGV[0];
$password_format = $ARGV[1];

$encpass = &encrypt_password($password);
if ($encpass) { print "$encpass\n"; }
else { print "! error: blank encpass return!?\n"; }

sub encrypt_password {
        my $pass=$_[0];
        my ($cryptdpass);
        $password_format = 'crypt1' if ! $password_format;
	$password_format = lc($password_format);
        if ($password_format eq 'crypt1') { $cryptdpass = &password_crypt1($pass); }
        elsif ($password_format eq 'crypt2') { $cryptdpass = &password_crypt2($pass); }
        elsif ($password_format eq 'md5') { $cryptdpass = &password_md5($pass); }
        elsif ($password_format eq 'smd5') { $cryptdpass = &password_smd5($pass); }
        elsif ($password_format eq 'sha') { $cryptdpass = &password_sha($pass); }
        elsif ($password_format eq 'ssha') { $cryptdpass = &password_ssha($pass); }
        return($cryptdpass);
}

sub password_crypt1 {
        my $pass=$_[0];
        my ($cryptdpass,$salt);
        $salt = &get_salt;
        $cryptdpass = '{CRYPT}' . crypt($pass,$salt);
        return($cryptdpass);
}

sub password_crypt2 {
        my $pass=$_[0];
        use Crypt::PasswdMD5;
        my ($cryptdpass,$salt);
        $salt = &get_salt;
        $cryptdpass = '{MD5}' . unix_md5_crypt($pass,$salt);
        return($cryptdpass);
}

sub password_md5 {
        my $pass=$_[0];
        use Digest::MD5;
        use MIME::Base64;
        my ($hashedPasswd);
        my $ctx = Digest::MD5->new;
        $ctx->add($pass);
        $hashedPasswd = '{MD5}' . encode_base64($ctx->digest,'');
        return($hashedPasswd);
}

sub password_smd5 {
        my $pass=$_[0];
        use Digest::MD5;
        use MIME::Base64;
        my ($hashedPasswd,$salt);
        $salt = &get_salt;
        my $ctx = Digest::MD5->new;
        $ctx->add($pass);
        $ctx->add($salt);
        $hashedPasswd = '{SMD5}' . encode_base64($ctx->digest . $salt,'');
        return($hashedPasswd);
}

sub password_sha {
        my $pass=$_[0];
        use Digest::SHA1;
        use MIME::Base64;
        my ($hashedPasswd);
        my $ctx = Digest::SHA1->new;
        $ctx->add($pass);
        $hashedPasswd = '{SHA}' . encode_base64($ctx->digest,'');
        return($hashedPasswd);
}

sub password_ssha {
        my $pass=$_[0];
        use Digest::SHA1;
        use MIME::Base64;
        my ($hashedPasswd,$salt);
        $salt = &get_salt8;
        my $ctx = Digest::SHA1->new;
        $ctx->add($pass);
        $ctx->add($salt);
        $hashedPasswd = '{SSHA}' . encode_base64($ctx->digest . $salt,'');
        return($hashedPasswd);
}

sub get_salt {
        my $rands = substr(time(),-4);
        my $salt = ('a'..'z')[int(($rands/100)%26)];
        $salt .= ('a'..'z')[int(($rands%100)%26)];
        return($salt);
}

sub get_salt8 {
        my $salt = join '', ('a'..'z')[rand 26,rand 26,rand 26,rand 26,rand 26,rand 26,rand 26,rand 26];
        return($salt);
}