cisco_scrypt 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 754d755c61852c27030fd6bd224593b72d1545416e61ca780b7e374832491378
4
+ data.tar.gz: 076dd98fa98cb73024f75eb5eb3a9dc93600371a39a692cd6473c083a069bc65
5
+ SHA512:
6
+ metadata.gz: c84c8fa19ad67e53fabf019148dd7284181fd8a830357b1192e32ec70eaf0090c12cdf9fe1afb1919f3ebff4cb4a56df7eab88e4bc631b504bde2307cf366f4e
7
+ data.tar.gz: a5ee8093b7c80f83cc39dcaaea7396447cf96a95ac47dacecedd0000ee88bfae9c1e64edac432994e6233e246356ebf2a64215b8231f25397f00346b3c22d89c
data/.rspec ADDED
@@ -0,0 +1,3 @@
1
+ --format documentation
2
+ --color
3
+ --require spec_helper
data/.rubocop.yml ADDED
@@ -0,0 +1,15 @@
1
+ AllCops:
2
+ TargetRubyVersion: 2.5
3
+ NewCops: enable
4
+ SuggestExtensions: false
5
+
6
+ Style/StringLiterals:
7
+ Enabled: true
8
+ EnforcedStyle: double_quotes
9
+
10
+ Style/StringLiteralsInInterpolation:
11
+ Enabled: true
12
+ EnforcedStyle: double_quotes
13
+
14
+ Layout/LineLength:
15
+ Max: 120
data/Gemfile ADDED
@@ -0,0 +1,12 @@
1
+ # frozen_string_literal: true
2
+
3
+ source "https://rubygems.org"
4
+
5
+ # Specify your gem's dependencies in cisco_scrypt.gemspec
6
+ gemspec
7
+
8
+ gem "rake", "~> 13.0"
9
+
10
+ gem "rspec", "~> 3.0"
11
+
12
+ gem "rubocop", "~> 1.7"
data/LICENSE.txt ADDED
@@ -0,0 +1,21 @@
1
+ The MIT License (MIT)
2
+
3
+ Copyright (c) 2021 Marek Skrobacki
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in
13
+ all copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21
+ THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,41 @@
1
+ # CiscoScrypt
2
+
3
+ Generate Cisco Type 9 password hashes with Ruby.
4
+
5
+ ## Installation
6
+
7
+ Add this line to your application's Gemfile:
8
+
9
+ ```ruby
10
+ gem 'cisco_scrypt'
11
+ ```
12
+
13
+ And then execute:
14
+
15
+ $ bundle install
16
+
17
+ Or install it yourself as:
18
+
19
+ $ gem install cisco_scrypt
20
+
21
+ ## Usage
22
+
23
+ ```ruby
24
+ >> CiscoScrypt.generate('myversyecret password', 'saltsalt')
25
+ => "$9$saltsalt$lEiBF6Jbcf2.hTsVwdsgxku5qa3X3PqFq.z4ta.BBLI"
26
+ >>
27
+ ```
28
+
29
+ ## Development
30
+
31
+ After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
32
+
33
+ To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
34
+
35
+ ## Contributing
36
+
37
+ Bug reports and pull requests are welcome on GitHub at https://github.com/skrobul/cisco_scrypt.
38
+
39
+ ## License
40
+
41
+ The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
data/Rakefile ADDED
@@ -0,0 +1,18 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "bundler/gem_tasks"
4
+ require "rspec/core/rake_task"
5
+ require 'yard'
6
+
7
+ RSpec::Core::RakeTask.new(:spec)
8
+
9
+ require "rubocop/rake_task"
10
+
11
+ RuboCop::RakeTask.new
12
+
13
+ YARD::Rake::YardocTask.new do |t|
14
+ t.files = ['lib/**/*.rb']
15
+ # t.stats_options = ['--list-undoc'] # optional
16
+ end
17
+
18
+ task default: %i[spec rubocop]
data/bin/console ADDED
@@ -0,0 +1,15 @@
1
+ #!/usr/bin/env ruby
2
+ # frozen_string_literal: true
3
+
4
+ require "bundler/setup"
5
+ require "cisco_scrypt"
6
+
7
+ # You can add fixtures and/or initialization code here to make experimenting
8
+ # with your gem easier. You can also use a different console, if you like.
9
+
10
+ # (If you use this, don't forget to add pry to your Gemfile!)
11
+ # require "pry"
12
+ # Pry.start
13
+
14
+ require "irb"
15
+ IRB.start(__FILE__)
data/bin/setup ADDED
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env bash
2
+ set -euo pipefail
3
+ IFS=$'\n\t'
4
+ set -vx
5
+
6
+ bundle install
7
+
8
+ # Do any other automated setup that you need to do here
@@ -0,0 +1,32 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative "lib/cisco_scrypt/version"
4
+
5
+ Gem::Specification.new do |spec|
6
+ spec.name = "cisco_scrypt"
7
+ spec.version = CiscoScrypt::VERSION
8
+ spec.authors = ["Marek Skrobacki"]
9
+ spec.email = ["skrobul@skrobul.com"]
10
+
11
+ spec.summary = "Generate Cisco type 9 password hashes"
12
+ spec.description = "Generate Cisco type 9 password hashes, optionally with fixed salt."
13
+ spec.homepage = "https://github.com/skrobul/cisco_scrypt"
14
+ spec.license = "MIT"
15
+ spec.required_ruby_version = ">= 2.5.0"
16
+
17
+ spec.metadata["homepage_uri"] = spec.homepage
18
+ spec.metadata["source_code_uri"] = spec.homepage
19
+
20
+ # Specify which files should be added to the gem when it is released.
21
+ # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
22
+ spec.files = Dir.chdir(File.expand_path(__dir__)) do
23
+ `git ls-files -z`.split("\x0").reject do |f|
24
+ (f == __FILE__) || f.match(%r{\A(?:(?:test|spec|features)/|\.(?:git|travis|circleci)|appveyor)})
25
+ end
26
+ end
27
+ spec.bindir = "exe"
28
+ spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
29
+ spec.require_paths = ["lib"]
30
+
31
+ spec.add_development_dependency "yard", "~> 0.9"
32
+ end
@@ -0,0 +1,5 @@
1
+ # frozen_string_literal: true
2
+
3
+ module CiscoScrypt
4
+ VERSION = "0.1.0"
5
+ end
@@ -0,0 +1,85 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "openssl"
4
+ require_relative "cisco_scrypt/version"
5
+
6
+ # Generate Cisco type 9 password hashes
7
+ module CiscoScrypt
8
+ class Error < StandardError; end
9
+ class << self
10
+ # Based on the John The Ripper
11
+ # https://github.com/openwall/john/blob/186c9ae1e421618962a7446fa22f9d678cd6b0a9/run/pass_gen.pl#L994
12
+ # https://github.com/videgro/cisco-password-hashes
13
+ # @!visibility private
14
+ def crypt_to64_wpa(value, number_of_iterations)
15
+ itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
16
+ result = +""
17
+ number_of_iterations.times do
18
+ position = (value & 0xFC0000) >> 18
19
+ result << itoa64[position]
20
+ value = value << 6
21
+ end
22
+ result
23
+ end
24
+
25
+ # Cisco uses non-standard base64 encoding, which happens to be the same
26
+ # implementation as used for WPA passwords.
27
+ #
28
+ # @!visibility private
29
+ # rubocop: disable Metrics/MethodLength
30
+ def base64_wpa(byte_string)
31
+ len = byte_string.size
32
+ mod = len % 3
33
+ cnt = (len - mod) / 3
34
+ out = +""
35
+
36
+ # iterate over "full" bytes, 3 bytes at a time
37
+ # encode every 3 sextets as 4 sextets
38
+ cnt.times do |idx|
39
+ out << full_bytes(byte_string, idx)
40
+ end
41
+
42
+ case mod
43
+ when 2 then out << two_bytes(byte_string, len)
44
+ when 1 then out << single_byte(byte_string, len)
45
+ end
46
+ out
47
+ end
48
+ # rubocop: enable Metrics/MethodLength
49
+
50
+ # @!visibility private
51
+ def full_bytes(byte_string, idx)
52
+ offset = idx * 3
53
+ c = byte_string[offset].ord
54
+ b = byte_string[offset + 1].ord
55
+ a = byte_string[offset + 2].ord
56
+ l = ((c << 16) | (b << 8) | a)
57
+ crypt_to64_wpa(l, 4)
58
+ end
59
+
60
+ # @!visibility private
61
+ def single_byte(byte_string, len)
62
+ c = byte_string[len - 1].ord
63
+ l = c << 16
64
+ crypt_to64_wpa(l, 2)
65
+ end
66
+
67
+ # @!visibility private
68
+ def two_bytes(byte_string, len)
69
+ c = byte_string[len - 2].ord
70
+ b = byte_string[len - 1].ord
71
+ l = ((c << 16) | (b << 8))
72
+ crypt_to64_wpa(l, 3)
73
+ end
74
+
75
+ # Generate Cisco Type 9 password hash
76
+ # @param password [String] cleartext password
77
+ # @param salt [String] static salt to be used
78
+ def generate(password, salt)
79
+ bytes = OpenSSL::KDF.scrypt(password, N: 2**14, r: 1, p: 1, salt: salt, length: 32)
80
+ password_hash = base64_wpa(bytes)
81
+
82
+ "$9$#{salt}$#{password_hash}"
83
+ end
84
+ end
85
+ end
metadata ADDED
@@ -0,0 +1,70 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: cisco_scrypt
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Marek Skrobacki
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2021-11-03 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: yard
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '0.9'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '0.9'
27
+ description: Generate Cisco type 9 password hashes, optionally with fixed salt.
28
+ email:
29
+ - skrobul@skrobul.com
30
+ executables: []
31
+ extensions: []
32
+ extra_rdoc_files: []
33
+ files:
34
+ - ".rspec"
35
+ - ".rubocop.yml"
36
+ - Gemfile
37
+ - LICENSE.txt
38
+ - README.md
39
+ - Rakefile
40
+ - bin/console
41
+ - bin/setup
42
+ - cisco_scrypt.gemspec
43
+ - lib/cisco_scrypt.rb
44
+ - lib/cisco_scrypt/version.rb
45
+ homepage: https://github.com/skrobul/cisco_scrypt
46
+ licenses:
47
+ - MIT
48
+ metadata:
49
+ homepage_uri: https://github.com/skrobul/cisco_scrypt
50
+ source_code_uri: https://github.com/skrobul/cisco_scrypt
51
+ post_install_message:
52
+ rdoc_options: []
53
+ require_paths:
54
+ - lib
55
+ required_ruby_version: !ruby/object:Gem::Requirement
56
+ requirements:
57
+ - - ">="
58
+ - !ruby/object:Gem::Version
59
+ version: 2.5.0
60
+ required_rubygems_version: !ruby/object:Gem::Requirement
61
+ requirements:
62
+ - - ">="
63
+ - !ruby/object:Gem::Version
64
+ version: '0'
65
+ requirements: []
66
+ rubygems_version: 3.2.3
67
+ signing_key:
68
+ specification_version: 4
69
+ summary: Generate Cisco type 9 password hashes
70
+ test_files: []