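require "base64"
require "openssl"

# Puppet function `generate_password`.
#
# Derives a reproducible secret from the contents of a seed file and a
# per-password key. Nothing here is random: the same (seed file, password_key,
# size, method) always yields the same output, which is what lets repeated
# catalog compilations agree on a password without storing it.
#
# Security notes for reviewers and operators:
# * The seed file is the only secret input. Anyone who can read it can
#   recompute every password derived from it, so its file permissions and
#   backups need the same care as the passwords themselves.
# * The seed file is used byte-for-byte (including any trailing newline).
#   Editing or re-saving it changes every derived password.
# * NOTE(review): password_key is presumably a non-secret label chosen in the
#   manifest; confirm with callers.
Puppet::Functions.create_function(:generate_password) do
  dispatch :generate_password do
    param 'Integer', :size
    param 'String', :seed_file
    param 'String', :password_key
    optional_param 'String', :method
    optional_param 'Boolean', :encode
    return_type 'String'
  end

  # Entry point called by Puppet.
  #
  # @param size [Integer] number of characters to produce; ignored when
  #   method is "curve25519", which always produces 32 bytes
  # @param seed_file [String] path of the file holding the secret seed
  # @param password_key [String] label mixed into the HMAC key so that
  #   different passwords can share one seed file
  # @param method [String, nil] nil for an alphanumeric password, or
  #   "curve25519" for a clamped 32-byte scalar
  # @param encode [Boolean] when true the result is Base64-encoded
  # @return [String] the derived secret
  # @raise [RuntimeError] "Unknown method" for any other method value
  def generate_password(size, seed_file, password_key, method = nil, encode = false)
    key = get_key(seed_file, password_key)

    pass =
      case method
      when nil
        generate_string(size, key)
      when "curve25519"
        raw = generate_string(32, key, true)
        # Clamp the scalar the way X25519 private keys are clamped: clear the
        # three low bits of the first byte, clear the top bit and set bit 6 of
        # the last byte.
        raw[0] = (raw[0].ord & 248).chr
        raw[31] = ((raw[31].ord & 127) | 64).chr
        raw
      else
        raise "Unknown method"
      end

    # NOTE(review): with method "curve25519" and encode false the result is
    # 32 raw bytes, not printable text; callers presumably pass encode => true
    # for that method -- confirm.
    encode ? Base64.strict_encode64(pass) : pass
  end

  # Produces `size` symbols, symbol i being chosen by
  # HMAC-SHA256(key, i.to_s) interpreted as a 256-bit integer and reduced
  # modulo the alphabet size.
  #
  # With the 256-symbol binary alphabet the reduction is exact (it is the low
  # byte of the MAC). With the 62-symbol alphanumeric alphabet the reduction
  # of a 256-bit value leaves only a negligible bias.
  #
  # @param size [Integer] number of symbols to emit
  # @param key [String] HMAC key, as built by get_key
  # @param binary [Boolean] true selects all 256 byte values, false selects
  #   a-z, A-Z and 0-9
  # @return [String] the concatenated symbols
  def generate_string(size, key, binary = false)
    set =
      if binary
        (0..255).map(&:chr)
      else
        [*'a'..'z', *'A'..'Z', *'0'..'9']
      end

    size.times.map do |i|
      mac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), key, i.to_s)
      set[mac.to_i(16) % set.size]
    end.join
  end

  # Builds the HMAC key as "<seed file contents>:<password_key>".
  #
  # File.read closes the file before returning; the earlier
  # File.open(...).read form left the handle open until garbage collection,
  # leaking one descriptor per call in a long-running server process.
  #
  # @param seed_file [String] path of the seed file
  # @param password_key [String] per-password label
  # @return [String] the key passed to generate_string
  def get_key(seed_file, password_key)
    "#{File.read(seed_file)}:#{password_key}"
  end
end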