completed SHA256 Support and salted Hash
This commit is contained in:
parent
b150759059
commit
1933241a98
@ -5,23 +5,6 @@ use 5.008;
|
||||
use strict;
|
||||
use warnings;
|
||||
|
||||
use GPUtils qw(GP_Import);
|
||||
|
||||
## Import der FHEM Funktionen
|
||||
#-- Run before package compilation
|
||||
BEGIN {
|
||||
|
||||
# Import from main context
|
||||
GP_Import(
|
||||
qw(
|
||||
Log3
|
||||
setKeyValue
|
||||
getKeyValue
|
||||
getUniqueId
|
||||
defs
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
### eigene Funktionen exportieren
|
||||
require Exporter;
|
||||
@ -33,23 +16,24 @@ our @EXPORT_OK = qw(
|
||||
getReadPassword
|
||||
setRename
|
||||
);
|
||||
our %EXPORT_TAGS = (ALL => [@EXPORT_OK]);
|
||||
our %EXPORT_TAGS = (
|
||||
ALL => [
|
||||
qw(
|
||||
new
|
||||
setStorePassword
|
||||
setDeletePassword
|
||||
getReadPassword
|
||||
setRename
|
||||
)
|
||||
],
|
||||
);
|
||||
|
||||
|
||||
sub new {
|
||||
my $class = shift;
|
||||
my $self = {
|
||||
name => undef,
|
||||
allowed_haveSha => undef,
|
||||
name => undef,
|
||||
};
|
||||
|
||||
eval { require Digest::SHA; };
|
||||
if($@) {
|
||||
Log3( $hash, 4, qq{password utils: Digest::SHA not found $@});
|
||||
$self->{allowed_haveSha} = 0;
|
||||
} else {
|
||||
$self->{allowed_haveSha} = 1;
|
||||
}
|
||||
|
||||
bless $self, $class;
|
||||
return $self;
|
||||
@ -60,46 +44,16 @@ sub setStorePassword {
|
||||
my $name = shift;
|
||||
my $password = shift;
|
||||
|
||||
my $index = $defs{$name}->{TYPE} . '_' . $name . '_passwd';
|
||||
my $key = getUniqueId() . $index;
|
||||
my $index = $::defs{$name}->{TYPE} . '_' . $name . '_passwd';
|
||||
my ($x,$y) = ::gettimeofday();
|
||||
my $salt = substr(sprintf("%08X", rand($y)*rand($x)),0,8);
|
||||
my $key = ::getUniqueId() . $index . $salt;
|
||||
my $enc_pwd = '';
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
my $plain = ($a[1] eq "basicAuth" ? "$a[2]:$a[3]" : $a[2]);
|
||||
my ($x,$y) = gettimeofday();
|
||||
my $salt = substr(sprintf("%08X", rand($y)*rand($x)),0,8);
|
||||
if ( eval q{use Digest::SHA;1} ) {
|
||||
|
||||
CommandAttr($hash->{CL}, "$a[0] $a[1] SHA256:$salt:".
|
||||
Digest::SHA::sha256_base64("$salt:$plain"));
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
if ( eval q{use Digest::MD5;1} ) {
|
||||
|
||||
$key = Digest::MD5::md5_hex( unpack "H*", $key );
|
||||
$key .= Digest::MD5::md5_hex($key);
|
||||
$key = Digest::SHA::sha256_hex( unpack "H*", $key );
|
||||
$key .= Digest::SHA::sha256_hex($key);
|
||||
}
|
||||
|
||||
for my $char ( split //, $password ) {
|
||||
@ -109,8 +63,8 @@ sub setStorePassword {
|
||||
$key = $encode . $key;
|
||||
}
|
||||
|
||||
my $err;
|
||||
$err = setKeyValue( $index, $enc_pwd );
|
||||
my $err;
|
||||
$err = ::setKeyValue( $index, $salt . $enc_pwd );
|
||||
|
||||
return(undef,$err)
|
||||
if ( defined($err) );
|
||||
@ -123,7 +77,7 @@ sub setDeletePassword {
|
||||
my $name = shift;
|
||||
|
||||
my $err;
|
||||
$err = setKeyValue( $defs{$name}->{TYPE} . '_' . $name . '_passwd', undef );
|
||||
$err = ::setKeyValue( $::defs{$name}->{TYPE} . '_' . $name . '_passwd', undef );
|
||||
|
||||
return(undef,$err)
|
||||
if ( defined($err) );
|
||||
@ -135,27 +89,33 @@ sub getReadPassword {
|
||||
my $self = shift;
|
||||
my $name = shift;
|
||||
|
||||
my $index = $defs{$name}->{TYPE} . '_' . $name . '_passwd';
|
||||
my $key = getUniqueId() . $index;
|
||||
my ( $password, $err );
|
||||
my $index = $::defs{$name}->{TYPE} . '_' . $name . '_passwd';
|
||||
my ( $password, $err, $salt );
|
||||
|
||||
Log3($name, 4, qq{password Keystore handle for Device ($name) - Read password from file});
|
||||
::Log3($name, 4, qq{password Keystore handle for Device ($name) - Read password from file});
|
||||
|
||||
( $err, $password ) = getKeyValue($index);
|
||||
( $err, $password ) = ::getKeyValue($index);
|
||||
|
||||
if ( defined($err) ) {
|
||||
|
||||
Log3($name, 4,
|
||||
::Log3($name, 4,
|
||||
qq{password Keystore handle for Device ($name) - unable to read password from file: $err});
|
||||
|
||||
return (undef,$err);
|
||||
}
|
||||
|
||||
if ( defined($password) ) {
|
||||
if ( eval q{use Digest::MD5;1} ) {
|
||||
if ( defined($password)
|
||||
and $password =~ m{\A(.{8})(.*)\z}xms )
|
||||
{
|
||||
$salt = $1;
|
||||
$password = $2;
|
||||
|
||||
my $key = ::getUniqueId() . $index . $salt;
|
||||
|
||||
$key = Digest::MD5::md5_hex( unpack "H*", $key );
|
||||
$key .= Digest::MD5::md5_hex($key);
|
||||
if ( eval q{use Digest::SHA;1} ) {
|
||||
|
||||
$key = Digest::SHA::sha256_hex( unpack "H*", $key );
|
||||
$key .= Digest::SHA::sha256_hex($key);
|
||||
}
|
||||
|
||||
my $dec_pwd = '';
|
||||
@ -171,7 +131,7 @@ qq{password Keystore handle for Device ($name) - unable to read password from fi
|
||||
}
|
||||
else {
|
||||
|
||||
Log3($name, 4, qq{password Keystore handle for Device ($name) - No password in file});
|
||||
::Log3($name, 4, qq{password Keystore handle for Device ($name) - No password in file});
|
||||
return undef;
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user