bootstrapconfig

This commit is contained in:
Mikaël Cluseau 2022-03-28 18:36:44 +02:00
parent cfb325908f
commit d355a146c5
3 changed files with 119 additions and 0 deletions

61
bootstrapconfig/config.go Normal file
View File

@ -0,0 +1,61 @@
package bootstrapconfig
type Config struct {
AntiPhishingCode string `json:"anti_phishing_code"`
Keymap string
Modules string
Auths []Auth
Networks []struct {
Name string
Interfaces []struct {
Var string
N int
Regexps []string
}
Script string
}
LVM []LvmVG
Bootstrap Bootstrap
}
type Auth struct {
Name string
SSHKey string `yaml:"sshKey"`
Password string `yaml:"password"`
}
type LvmVG struct {
VG string
PVs struct {
N int
Regexps []string
}
Defaults struct {
FS string
Raid *RaidConfig
}
LVs []struct {
Name string
Crypt string
FS string
Raid *RaidConfig
Size string
Extents string
}
}
type RaidConfig struct {
Mirrors int
Stripes int
}
type Bootstrap struct {
Dev string
Seed string
}

View File

@ -0,0 +1,46 @@
package bootstrapconfig
import (
"crypto/rand"
"crypto/sha512"
"encoding/base64"
"strings"
"golang.org/x/crypto/pbkdf2"
)
var (
encoding = base64.RawStdEncoding
)
func PasswordHashFromSeed(seed, pass []byte) string {
h := pbkdf2.Key(pass, seed, 2048, 32, sha512.New)
return encoding.EncodeToString(h)
}
func PasswordHash(pass []byte) (hashedPassWithSeed string) {
seed := make([]byte, 10) // 8 bytes min by the RFC recommendation
_, err := rand.Read(seed)
if err != nil {
panic(err) // we do not expect this to fail...
}
return JoinSeedAndHash(seed, PasswordHashFromSeed(seed, pass))
}
func JoinSeedAndHash(seed []byte, hash string) string {
return encoding.EncodeToString(seed) + ":" + hash
}
func CheckPassword(hashedPassWithSeed string, pass []byte) (ok bool) {
parts := strings.SplitN(hashedPassWithSeed, ":", 2)
encodedSeed := parts[0]
encodedHash := parts[1]
seed, err := encoding.DecodeString(encodedSeed)
if err != nil {
return false
}
return encodedHash == PasswordHashFromSeed(seed, pass)
}

View File

@ -0,0 +1,12 @@
package bootstrapconfig
import "fmt"
func ExamplePasswordHash() {
seed := []byte("myseed")
hash := PasswordHashFromSeed(seed, []byte("mypass"))
fmt.Println(JoinSeedAndHash(seed, hash))
// Output:
// bXlzZWVk:HMSxrg1cYphaPuUYUbtbl/htep/tVYYIQAuvkNMVpw0
}