bootstrapconfig
This commit is contained in:
Mikaël Cluseau
parent
cfb325908f
commit
d355a146c5
61
bootstrapconfig/config.go
Normal file
61
bootstrapconfig/config.go
Normal file
@ -0,0 +1,61 @@
|
||||
package bootstrapconfig
|
||||
|
||||
type Config struct {
|
||||
AntiPhishingCode string `json:"anti_phishing_code"`
|
||||
|
||||
Keymap string
|
||||
Modules string
|
||||
|
||||
Auths []Auth
|
||||
|
||||
Networks []struct {
|
||||
Name string
|
||||
Interfaces []struct {
|
||||
Var string
|
||||
N int
|
||||
Regexps []string
|
||||
}
|
||||
Script string
|
||||
}
|
||||
|
||||
LVM []LvmVG
|
||||
Bootstrap Bootstrap
|
||||
}
|
||||
|
||||
type Auth struct {
|
||||
Name string
|
||||
SSHKey string `yaml:"sshKey"`
|
||||
Password string `yaml:"password"`
|
||||
}
|
||||
|
||||
type LvmVG struct {
|
||||
VG string
|
||||
PVs struct {
|
||||
N int
|
||||
Regexps []string
|
||||
}
|
||||
|
||||
Defaults struct {
|
||||
FS string
|
||||
Raid *RaidConfig
|
||||
}
|
||||
|
||||
LVs []struct {
|
||||
Name string
|
||||
Crypt string
|
||||
FS string
|
||||
Raid *RaidConfig
|
||||
Size string
|
||||
Extents string
|
||||
}
|
||||
}
|
||||
|
||||
type RaidConfig struct {
|
||||
Mirrors int
|
||||
Stripes int
|
||||
}
|
||||
|
||||
type Bootstrap struct {
|
||||
Dev string
|
||||
Seed string
|
||||
}
|
||||
46
bootstrapconfig/password.go
Normal file
46
bootstrapconfig/password.go
Normal file
@ -0,0 +1,46 @@
|
||||
package bootstrapconfig
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"crypto/sha512"
|
||||
"encoding/base64"
|
||||
"strings"
|
||||
|
||||
"golang.org/x/crypto/pbkdf2"
|
||||
)
|
||||
|
||||
var (
|
||||
encoding = base64.RawStdEncoding
|
||||
)
|
||||
|
||||
func PasswordHashFromSeed(seed, pass []byte) string {
|
||||
h := pbkdf2.Key(pass, seed, 2048, 32, sha512.New)
|
||||
return encoding.EncodeToString(h)
|
||||
}
|
||||
|
||||
func PasswordHash(pass []byte) (hashedPassWithSeed string) {
|
||||
seed := make([]byte, 10) // 8 bytes min by the RFC recommendation
|
||||
_, err := rand.Read(seed)
|
||||
if err != nil {
|
||||
panic(err) // we do not expect this to fail...
|
||||
}
|
||||
return JoinSeedAndHash(seed, PasswordHashFromSeed(seed, pass))
|
||||
}
|
||||
|
||||
func JoinSeedAndHash(seed []byte, hash string) string {
|
||||
return encoding.EncodeToString(seed) + ":" + hash
|
||||
}
|
||||
|
||||
func CheckPassword(hashedPassWithSeed string, pass []byte) (ok bool) {
|
||||
parts := strings.SplitN(hashedPassWithSeed, ":", 2)
|
||||
|
||||
encodedSeed := parts[0]
|
||||
encodedHash := parts[1]
|
||||
|
||||
seed, err := encoding.DecodeString(encodedSeed)
|
||||
if err != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
return encodedHash == PasswordHashFromSeed(seed, pass)
|
||||
}
|
||||
12
bootstrapconfig/password_test.go
Normal file
12
bootstrapconfig/password_test.go
Normal file
@ -0,0 +1,12 @@
|
||||
package bootstrapconfig
|
||||
|
||||
import "fmt"
|
||||
|
||||
func ExamplePasswordHash() {
|
||||
seed := []byte("myseed")
|
||||
hash := PasswordHashFromSeed(seed, []byte("mypass"))
|
||||
fmt.Println(JoinSeedAndHash(seed, hash))
|
||||
|
||||
// Output:
|
||||
// bXlzZWVk:HMSxrg1cYphaPuUYUbtbl/htep/tVYYIQAuvkNMVpw0
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user