1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
#! /usr/bin/php
<?php
// Create a line with obfuscated credentials meant to be used in a file given to
// Mosquitto MQTT broker's password_file option (mosquitto.conf(5),
// https://mosquitto.org/man/mosquitto-conf-5.html) and thus compatible with the
// mosquitto_passwd utility (mosquitto_passwd(1),
// https://mosquitto.org/man/mosquitto_passwd-1.html).
// Based on a question & thread in the Mosquitto mailing list, see blog post;
// https://mikini.dk/2017/01/generating-passwords-for-mosquitto-mqtt-broker-using-php
if ($argc >= 3) {
echo ("Add the obfuscated line below to Mosquitto's password file to authenticate with the provided credentials:\n\n");
echo (mosquitto_password($argv[1], $argv[2])."\n");
}
else {
echo("ERROR: Supply username and password as arguments in that order.\n");
}
function mosquitto_password($username, $password) {
$salt_base64 = base64_encode(openssl_random_pseudo_bytes(12));
// $salt_base64="mfJ0Eq3rIDLKG33r"; // example salt used in blog post
$salt = base64_decode($salt_base64);
$hash = hash("sha512", $password.$salt, true);
$hash_base64 = base64_encode($hash);
return($username.":$6$".$salt_base64."$".$hash_base64);
}
?>