Modify generate password

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2018-08-14 12:40:40 +0200
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2018-08-14 13:24:32 +0200
commit: d8dd2fc39ae329ceefbb1a695579858403705880 (patch)
tree: 7c155e78126b31ee523f3310cdb563ed5480c92b
parent: 19c467dccfd00193a66f1341f068987da7bca14b (diff)
download: Puppet-d8dd2fc39ae329ceefbb1a695579858403705880.tar.gz
Puppet-d8dd2fc39ae329ceefbb1a695579858403705880.tar.zst
Puppet-d8dd2fc39ae329ceefbb1a695579858403705880.zip
2 files changed, 49 insertions, 31 deletions
diff --git a/modules/base_installation/lib/puppet/functions/generate_password.rb b/modules/base_installation/lib/puppet/functions/generate_password.rb
new file mode 100644
index 0000000..0ccd4d6
--- /dev/null
+++ b/modules/base_installation/lib/puppet/functions/generate_password.rb
@@ -0,0 +1,49 @@
+require "base64"
+require "openssl"
+Puppet::Functions.create_function(:generate_password) do
+  dispatch :generate_password do
+    param 'Integer', :size
+    param 'String',  :seed_file
+    param 'String',  :password_key
+    optional_param 'String', :method
+    optional_param 'Boolean', :encode
+    return_type 'String'
+  end
+  def generate_password(size, seed_file, password_key, method = nil, encode = false)
+    key = get_key(seed_file, password_key)
+    case method
+    when nil
+      pass = generate_string(size, key)
+    when "curve25519"
+      pass = generate_string(32, key, binary = true)
+      pass[0] = (pass[0].ord & 248).chr
+      pass[31] = ((pass[31].ord & 127) | 64).chr
+    else
+      raise "Unknown method"
+    end
+    if encode
+      Base64.strict_encode64(pass).strip
+    else
+      pass
+    end
+  end
+  def generate_string(size, key, binary = false)
+    if binary
+      set = (0 .. 255).map { |i| i.chr }
+    else
+      set = ('a' .. 'z').to_a + ('A' .. 'Z').to_a + ('0' .. '9').to_a
+    end
+    size.times.collect do |i|
+      set[OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), key, i.to_s).to_i(16) % set.size]
+    end.join
+  end
+  def get_key(seed_file, password_key)
+    "#{File.open(seed_file).read}:#{password_key}"
+  end
+end
diff --git a/modules/base_installation/lib/puppet/parser/functions/generate_password.rb b/modules/base_installation/lib/puppet/parser/functions/generate_password.rb
deleted file mode 100644
index 384d81b..0000000
--- a/modules/base_installation/lib/puppet/parser/functions/generate_password.rb
+++ /dev/null
@@ -1,31 +0,0 @@
-module Puppet::Parser::Functions
-  newfunction(:generate_password, :type => :rvalue, :doc => <<-EOS
-Returns a semi-random string based on a seed and a value. Will always generate the same value with the same entry.
-Prototype:
-  generate_password(length, seed_file, password_key)
-EOS
-) do |*arguments|
-  arguments = arguments.shift if arguments.first.is_a?(Array)
-  raise Puppet::ParseError, "generate_password(): Wrong number of arguments " +
-    "given (#{arguments.size} for 3)" if arguments.size != 3
-  size = arguments.shift
-  seed_file = arguments.shift
-  password_key = arguments.shift
-  unless size.class.ancestors.include?(Numeric) or size.is_a?(String)
-    raise Puppet::ParseError, 'generate_password(): Requires a numeric first argument'
-  end
-  size = size.to_i
-  set = ('a' .. 'z').to_a + ('A' .. 'Z').to_a + ('0' .. '9').to_a
-  key = "#{File.open(seed_file).read}:#{password_key}"
-  size.times.collect do |i|
-    set[OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), key, i.to_s).to_i(16) % set.size]
-  end.join
-end
-end
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2018-08-14 12:40:40 +0200
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2018-08-14 13:24:32 +0200
commit	d8dd2fc39ae329ceefbb1a695579858403705880 (patch)
tree	7c155e78126b31ee523f3310cdb563ed5480c92b
parent	19c467dccfd00193a66f1341f068987da7bca14b (diff)
download	Puppet-d8dd2fc39ae329ceefbb1a695579858403705880.tar.gz Puppet-d8dd2fc39ae329ceefbb1a695579858403705880.tar.zst Puppet-d8dd2fc39ae329ceefbb1a695579858403705880.zip

diff --git a/modules/base_installation/lib/puppet/functions/generate_password.rb b/modules/base_installation/lib/puppet/functions/generate_password.rb new file mode 100644 index 0000000..0ccd4d6 --- /dev/null +++ b/modules/base_installation/lib/puppet/functions/generate_password.rb
@@ -0,0 +1,49 @@
		1	require "base64"
		2	require "openssl"
		3
		4	Puppet::Functions.create_function(:generate_password) do
		5	dispatch :generate_password do
		6	param 'Integer', :size
		7	param 'String', :seed_file
		8	param 'String', :password_key
		9	optional_param 'String', :method
		10	optional_param 'Boolean', :encode
		11	return_type 'String'
		12	end
		13
		14	def generate_password(size, seed_file, password_key, method = nil, encode = false)
		15	key = get_key(seed_file, password_key)
		16	case method
		17	when nil
		18	pass = generate_string(size, key)
		19	when "curve25519"
		20	pass = generate_string(32, key, binary = true)
		21	pass[0] = (pass[0].ord & 248).chr
		22	pass[31] = ((pass[31].ord & 127) \| 64).chr
		23	else
		24	raise "Unknown method"
		25	end
		26
		27	if encode
		28	Base64.strict_encode64(pass).strip
		29	else
		30	pass
		31	end
		32	end
		33
		34	def generate_string(size, key, binary = false)
		35	if binary
		36	set = (0 .. 255).map { \|i\| i.chr }
		37	else
		38	set = ('a' .. 'z').to_a + ('A' .. 'Z').to_a + ('0' .. '9').to_a
		39	end
		40
		41	size.times.collect do \|i\|
		42	set[OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), key, i.to_s).to_i(16) % set.size]
		43	end.join
		44	end
		45
		46	def get_key(seed_file, password_key)
		47	"#{File.open(seed_file).read}:#{password_key}"
		48	end
		49	end


diff --git a/modules/base_installation/lib/puppet/parser/functions/generate_password.rb b/modules/base_installation/lib/puppet/parser/functions/generate_password.rb deleted file mode 100644 index 384d81b..0000000 --- a/modules/base_installation/lib/puppet/parser/functions/generate_password.rb +++ /dev/null
@@ -1,31 +0,0 @@
1	module Puppet::Parser::Functions
2	newfunction(:generate_password, :type => :rvalue, :doc => <<-EOS
3	Returns a semi-random string based on a seed and a value. Will always generate the same value with the same entry.
4	Prototype:
5	generate_password(length, seed_file, password_key)
6	EOS
7	) do \|*arguments\|
8	arguments = arguments.shift if arguments.first.is_a?(Array)
9
10	raise Puppet::ParseError, "generate_password(): Wrong number of arguments " +
11	"given (#{arguments.size} for 3)" if arguments.size != 3
12
13	size = arguments.shift
14	seed_file = arguments.shift
15	password_key = arguments.shift
16
17	unless size.class.ancestors.include?(Numeric) or size.is_a?(String)
18	raise Puppet::ParseError, 'generate_password(): Requires a numeric first argument'
19	end
20
21	size = size.to_i
22
23	set = ('a' .. 'z').to_a + ('A' .. 'Z').to_a + ('0' .. '9').to_a
24
25	key = "#{File.open(seed_file).read}:#{password_key}"
26
27	size.times.collect do \|i\|
28	set[OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), key, i.to_s).to_i(16) % set.size]
29	end.join
30	end
31	end