~mikini/hometools

ref: da42685449e49281b1a5c05c2946c38f325a9202 hometools/mosquitto_passwd.php -rwxr-xr-x 1.3 KiB
da426854 — Mikkel Kirkgaard Nielsen Cleanup to aid usage on cmd line and in scripts 3 months ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
#! /usr/bin/php
<?php

// Create a line with obfuscated credentials meant to be used in a file given to
// Mosquitto MQTT broker's password_file option (mosquitto.conf(5),
// https://mosquitto.org/man/mosquitto-conf-5.html) and thus compatible with the
// mosquitto_passwd utility (mosquitto_passwd(1),
// https://mosquitto.org/man/mosquitto_passwd-1.html).

// Based on a question & thread in the Mosquitto mailing list, see blog post;
// https://mikini.dk/2017/01/generating-passwords-for-mosquitto-mqtt-broker-using-php

if ($argc >= 3) {
    fwrite(STDERR, "Add the obfuscated line below to Mosquitto's password file to authenticate with the provided credentials:\n\n");
    fwrite(STDOUT, mosquitto_password($argv[1], $argv[2])."\n");
    exit(0);
}
else {
    fwrite(STDERR, "ERROR: Supply username and password as arguments: " . $argv[0] . " <username> <password>\n");
    exit(1);
}

function mosquitto_password($username, $password) {
    $salt_base64 = base64_encode(openssl_random_pseudo_bytes(12));
//    $salt_base64="mfJ0Eq3rIDLKG33r"; // example salt used in blog post
    $salt = base64_decode($salt_base64);
    $hash = hash("sha512", $password . $salt, true);
    $hash_base64 = base64_encode($hash);
    return($username.":$6$".$salt_base64."$".$hash_base64);
}
?>