[yast-commit] r63682 - in /trunk/core: VERSION libycp/src/YCPBuiltinString.cc libycp/src/y2crypt.cc libycp/src/y2crypt.h package/yast2-core.changes
Author: aschnell Date: Thu Mar 31 11:13:05 2011 New Revision: 63682
URL: http://svn.opensuse.org/viewcvs/yast?rev=63682&view=rev Log: - added sha256 and sha516 password encryption (fate #309705)
Modified: trunk/core/VERSION trunk/core/libycp/src/YCPBuiltinString.cc trunk/core/libycp/src/y2crypt.cc trunk/core/libycp/src/y2crypt.h trunk/core/package/yast2-core.changes
Modified: trunk/core/VERSION URL: http://svn.opensuse.org/viewcvs/yast/trunk/core/VERSION?rev=63682&r1=636... ============================================================================== --- trunk/core/VERSION (original) +++ trunk/core/VERSION Thu Mar 31 11:13:05 2011 @@ -1 +1 @@ -2.20.0 +2.21.0
Modified: trunk/core/libycp/src/YCPBuiltinString.cc URL: http://svn.opensuse.org/viewcvs/yast/trunk/core/libycp/src/YCPBuiltinString.... ============================================================================== --- trunk/core/libycp/src/YCPBuiltinString.cc (original) +++ trunk/core/libycp/src/YCPBuiltinString.cc Thu Mar 31 11:13:05 2011 @@ -1356,6 +1356,68 @@
static YCPValue +s_cryptsha256(const YCPString& original) +{ + /** + * @builtin cryptsha256 + * @short Encrypts a string with sha256 + * @description + * Encrypts the string <tt>UNENCRYPTED</tt> using sha256 + * password encryption. The password is not truncated. + * + * @param string UNENCRYPTED + * @return string + * @usage cryptsha256 ("readable") -> "$5$keev8D8I$kZdbw1WYM7XJtn4cpl1S3QtoKXnxIIFVSqwadMAGLE3" + */ + + if (original.isNull ()) + return YCPNull (); + + string unencrypted = original->value(); + string encrypted; + + if (crypt_pass (unencrypted, SHA256, &encrypted)) + return YCPString (encrypted); + else + { + ycp2error ("Encryption using sha256 failed"); + return YCPNull (); + } +} + + +static YCPValue +s_cryptsha512(const YCPString& original) +{ + /** + * @builtin cryptsha512 + * @short Encrypts a string with sha512 + * @description + * Encrypts the string <tt>UNENCRYPTED</tt> using sha512 + * password encryption. The password is not truncated. + * + * @param string UNENCRYPTED + * @return string + * @usage cryptsha512 ("readable") -> "$6$QskPAFTK$R40N1UI047Bg.nD96ZYSGnx71mgbBgb.UEtKuR8bGGxuzYgXjCTxKIQmqXrgftBzA20m2P9ayrUKQQ2pnWzm70" + */ + + if (original.isNull ()) + return YCPNull (); + + string unencrypted = original->value(); + string encrypted; + + if (crypt_pass (unencrypted, SHA512, &encrypted)) + return YCPString (encrypted); + else + { + ycp2error ("Encryption using sha512 failed"); + return YCPNull (); + } +} + + +static YCPValue s_dgettext (const YCPString& domain, const YCPString& text) { /** @@ -1542,6 +1604,8 @@ { "cryptmd5", "string (string)", (void *)s_cryptmd5, ETC }, { "cryptbigcrypt", "string (string)", (void *)s_cryptbigcrypt, ETC }, { "cryptblowfish", "string (string)", (void *)s_cryptblowfish, ETC }, + { "cryptsha256", "string (string)", (void *)s_cryptsha256, ETC }, + { "cryptsha512", "string (string)", (void *)s_cryptsha512, ETC }, { "regexpmatch", "boolean (string, string)", (void *)s_regexpmatch, ETC }, { "regexppos", "list<integer> (string, string)", (void *)s_regexppos, ETC }, { "regexpsub", "string (string, string, string)", (void *)s_regexpsub, ETC },
Modified: trunk/core/libycp/src/y2crypt.cc URL: http://svn.opensuse.org/viewcvs/yast/trunk/core/libycp/src/y2crypt.cc?rev=63... ============================================================================== --- trunk/core/libycp/src/y2crypt.cc (original) +++ trunk/core/libycp/src/y2crypt.cc Thu Mar 31 11:13:05 2011 @@ -151,6 +151,28 @@ free (salt); break;
+ case SHA256: + salt = make_crypt_salt ("$5$", 0); + if (!salt) + { + y2error ("Cannot create salt for sha256 crypt"); + return false; + } + newencrypted = xcrypt_r (unencrypted.c_str (), salt, &output); + free (salt); + break; + + case SHA512: + salt = make_crypt_salt ("$6$", 0); + if (!salt) + { + y2error ("Cannot create salt for sha512 crypt"); + return false; + } + newencrypted = xcrypt_r (unencrypted.c_str (), salt, &output); + free (salt); + break; + default: y2error ("Don't know crypt type %d", use_crypt); return false;
Modified: trunk/core/libycp/src/y2crypt.h URL: http://svn.opensuse.org/viewcvs/yast/trunk/core/libycp/src/y2crypt.h?rev=636... ============================================================================== --- trunk/core/libycp/src/y2crypt.h (original) +++ trunk/core/libycp/src/y2crypt.h Thu Mar 31 11:13:05 2011 @@ -14,7 +14,7 @@ using std::string;
-enum crypt_t { CRYPT, MD5, BIGCRYPT, BLOWFISH }; +enum crypt_t { CRYPT, MD5, BIGCRYPT, BLOWFISH, SHA256, SHA512 };
bool crypt_pass (string unencrypted, crypt_t use_crypt, string* encrypted);
Modified: trunk/core/package/yast2-core.changes URL: http://svn.opensuse.org/viewcvs/yast/trunk/core/package/yast2-core.changes?r... ============================================================================== --- trunk/core/package/yast2-core.changes (original) +++ trunk/core/package/yast2-core.changes Thu Mar 31 11:13:05 2011 @@ -1,4 +1,10 @@ ------------------------------------------------------------------- +Thu Mar 31 11:11:36 CEST 2011 - aschnell@suse.de + +- added sha256 and sha516 password encryption (fate #309705) +- 2.21.0 + +------------------------------------------------------------------- Tue Mar 15 15:51:48 UTC 2011 - coolo@novell.com
- fix build with gcc 4.6
yast-commit@lists.opensuse.org
-
aschnell@svn2.opensuse.org