Author: aschnell Date: Thu Mar 31 11:13:05 2011 New Revision: 63682 URL: http://svn.opensuse.org/viewcvs/yast?rev=63682&view=rev Log: - added sha256 and sha516 password encryption (fate #309705) Modified: trunk/core/VERSION trunk/core/libycp/src/YCPBuiltinString.cc trunk/core/libycp/src/y2crypt.cc trunk/core/libycp/src/y2crypt.h trunk/core/package/yast2-core.changes Modified: trunk/core/VERSION URL: http://svn.opensuse.org/viewcvs/yast/trunk/core/VERSION?rev=63682&r1=63681&r2=63682&view=diff ============================================================================== --- trunk/core/VERSION (original) +++ trunk/core/VERSION Thu Mar 31 11:13:05 2011 @@ -1 +1 @@ -2.20.0 +2.21.0 Modified: trunk/core/libycp/src/YCPBuiltinString.cc URL: http://svn.opensuse.org/viewcvs/yast/trunk/core/libycp/src/YCPBuiltinString.cc?rev=63682&r1=63681&r2=63682&view=diff ============================================================================== --- trunk/core/libycp/src/YCPBuiltinString.cc (original) +++ trunk/core/libycp/src/YCPBuiltinString.cc Thu Mar 31 11:13:05 2011 @@ -1356,6 +1356,68 @@ static YCPValue +s_cryptsha256(const YCPString& original) +{ + /** + * @builtin cryptsha256 + * @short Encrypts a string with sha256 + * @description + * Encrypts the string <tt>UNENCRYPTED</tt> using sha256 + * password encryption. The password is not truncated. + * + * @param string UNENCRYPTED + * @return string + * @usage cryptsha256 ("readable") -> "$5$keev8D8I$kZdbw1WYM7XJtn4cpl1S3QtoKXnxIIFVSqwadMAGLE3" + */ + + if (original.isNull ()) + return YCPNull (); + + string unencrypted = original->value(); + string encrypted; + + if (crypt_pass (unencrypted, SHA256, &encrypted)) + return YCPString (encrypted); + else + { + ycp2error ("Encryption using sha256 failed"); + return YCPNull (); + } +} + + +static YCPValue +s_cryptsha512(const YCPString& original) +{ + /** + * @builtin cryptsha512 + * @short Encrypts a string with sha512 + * @description + * Encrypts the string <tt>UNENCRYPTED</tt> using sha512 + * password encryption. The password is not truncated. + * + * @param string UNENCRYPTED + * @return string + * @usage cryptsha512 ("readable") -> "$6$QskPAFTK$R40N1UI047Bg.nD96ZYSGnx71mgbBgb.UEtKuR8bGGxuzYgXjCTxKIQmqXrgftBzA20m2P9ayrUKQQ2pnWzm70" + */ + + if (original.isNull ()) + return YCPNull (); + + string unencrypted = original->value(); + string encrypted; + + if (crypt_pass (unencrypted, SHA512, &encrypted)) + return YCPString (encrypted); + else + { + ycp2error ("Encryption using sha512 failed"); + return YCPNull (); + } +} + + +static YCPValue s_dgettext (const YCPString& domain, const YCPString& text) { /** @@ -1542,6 +1604,8 @@ { "cryptmd5", "string (string)", (void *)s_cryptmd5, ETC }, { "cryptbigcrypt", "string (string)", (void *)s_cryptbigcrypt, ETC }, { "cryptblowfish", "string (string)", (void *)s_cryptblowfish, ETC }, + { "cryptsha256", "string (string)", (void *)s_cryptsha256, ETC }, + { "cryptsha512", "string (string)", (void *)s_cryptsha512, ETC }, { "regexpmatch", "boolean (string, string)", (void *)s_regexpmatch, ETC }, { "regexppos", "list<integer> (string, string)", (void *)s_regexppos, ETC }, { "regexpsub", "string (string, string, string)", (void *)s_regexpsub, ETC }, Modified: trunk/core/libycp/src/y2crypt.cc URL: http://svn.opensuse.org/viewcvs/yast/trunk/core/libycp/src/y2crypt.cc?rev=63682&r1=63681&r2=63682&view=diff ============================================================================== --- trunk/core/libycp/src/y2crypt.cc (original) +++ trunk/core/libycp/src/y2crypt.cc Thu Mar 31 11:13:05 2011 @@ -151,6 +151,28 @@ free (salt); break; + case SHA256: + salt = make_crypt_salt ("$5$", 0); + if (!salt) + { + y2error ("Cannot create salt for sha256 crypt"); + return false; + } + newencrypted = xcrypt_r (unencrypted.c_str (), salt, &output); + free (salt); + break; + + case SHA512: + salt = make_crypt_salt ("$6$", 0); + if (!salt) + { + y2error ("Cannot create salt for sha512 crypt"); + return false; + } + newencrypted = xcrypt_r (unencrypted.c_str (), salt, &output); + free (salt); + break; + default: y2error ("Don't know crypt type %d", use_crypt); return false; Modified: trunk/core/libycp/src/y2crypt.h URL: http://svn.opensuse.org/viewcvs/yast/trunk/core/libycp/src/y2crypt.h?rev=63682&r1=63681&r2=63682&view=diff ============================================================================== --- trunk/core/libycp/src/y2crypt.h (original) +++ trunk/core/libycp/src/y2crypt.h Thu Mar 31 11:13:05 2011 @@ -14,7 +14,7 @@ using std::string; -enum crypt_t { CRYPT, MD5, BIGCRYPT, BLOWFISH }; +enum crypt_t { CRYPT, MD5, BIGCRYPT, BLOWFISH, SHA256, SHA512 }; bool crypt_pass (string unencrypted, crypt_t use_crypt, string* encrypted); Modified: trunk/core/package/yast2-core.changes URL: http://svn.opensuse.org/viewcvs/yast/trunk/core/package/yast2-core.changes?rev=63682&r1=63681&r2=63682&view=diff ============================================================================== --- trunk/core/package/yast2-core.changes (original) +++ trunk/core/package/yast2-core.changes Thu Mar 31 11:13:05 2011 @@ -1,4 +1,10 @@ ------------------------------------------------------------------- +Thu Mar 31 11:11:36 CEST 2011 - aschnell@suse.de + +- added sha256 and sha516 password encryption (fate #309705) +- 2.21.0 + +------------------------------------------------------------------- Tue Mar 15 15:51:48 UTC 2011 - coolo@novell.com - fix build with gcc 4.6 -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org