2019-02-17 14:39:34 +00:00
|
|
|
#!/usr/bin/env perl
|
|
|
|
|
|
|
|
##
|
|
|
|
## Author......: See docs/credits.txt
|
|
|
|
## License.....: MIT
|
|
|
|
##
|
|
|
|
|
|
|
|
use strict;
|
|
|
|
use warnings;
|
|
|
|
|
|
|
|
use Net::DNS::RR::NSEC3;
|
|
|
|
use Net::DNS::SEC;
|
|
|
|
|
2023-07-27 16:11:55 +00:00
|
|
|
# we need to restrict the pure password length for the test module to 63 bytes,
|
2020-05-25 09:30:45 +00:00
|
|
|
# because we can't have any string (including the pass) of over 63 bytes without "."
|
|
|
|
|
|
|
|
# sub module_constraints { [[1, 256], [-1, -1], [1, 55], [-1, -1], [-1, -1]] }
|
|
|
|
sub module_constraints { [[1, 63], [-1, -1], [1, 55], [-1, -1], [-1, -1]] }
|
2019-02-17 14:39:34 +00:00
|
|
|
|
|
|
|
sub get_random_dnssec_salt
|
|
|
|
{
|
|
|
|
my $salt_buf = "";
|
|
|
|
|
|
|
|
$salt_buf .= ".";
|
|
|
|
|
|
|
|
$salt_buf .= random_lowercase_string (8);
|
|
|
|
|
|
|
|
$salt_buf .= ".net";
|
|
|
|
|
|
|
|
$salt_buf .= ":";
|
|
|
|
|
|
|
|
$salt_buf .= random_numeric_string (8);
|
|
|
|
|
|
|
|
return $salt_buf;
|
|
|
|
}
|
|
|
|
|
|
|
|
sub module_generate_hash
|
|
|
|
{
|
|
|
|
my $word = shift;
|
|
|
|
my $salt = shift;
|
|
|
|
my $iter = shift // 1;
|
|
|
|
|
|
|
|
if (length $salt == 0)
|
|
|
|
{
|
2020-05-25 09:30:45 +00:00
|
|
|
if (int (rand (10)) == 0)
|
|
|
|
{
|
|
|
|
$salt = ":";
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
$salt = get_random_dnssec_salt ();
|
|
|
|
}
|
2019-02-17 14:39:34 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
my ($domain, $salt_hex) = split (":", $salt);
|
|
|
|
|
|
|
|
my $hashalg = Net::DNS::SEC->digtype ("SHA1");
|
|
|
|
|
|
|
|
my $name = lc ($word . $domain);
|
|
|
|
|
2019-04-13 17:10:52 +00:00
|
|
|
my $hash_buf = Net::DNS::RR::NSEC3::name2hash ($hashalg, $name, $iter, $salt_hex);
|
2019-02-17 14:39:34 +00:00
|
|
|
|
|
|
|
my $hash = sprintf ("%s:%s:%s:%d", $hash_buf, $domain, $salt_hex, $iter);
|
|
|
|
|
|
|
|
return $hash;
|
|
|
|
}
|
|
|
|
|
|
|
|
sub module_verify_hash
|
|
|
|
{
|
|
|
|
my $line = shift;
|
|
|
|
|
|
|
|
my @datas = split (":", $line);
|
|
|
|
|
|
|
|
return if scalar @datas != 5;
|
|
|
|
|
|
|
|
my ($hash, $domain, $salt, $iter, $word) = @datas;
|
|
|
|
|
|
|
|
$salt = $domain . ":" . $salt;
|
|
|
|
|
|
|
|
return unless defined $salt;
|
|
|
|
return unless defined $iter;
|
|
|
|
return unless defined $word;
|
|
|
|
|
|
|
|
$word = pack_if_HEX_notation ($word);
|
|
|
|
|
|
|
|
my $new_hash = module_generate_hash ($word, $salt, $iter);
|
|
|
|
|
|
|
|
return ($new_hash, $word);
|
|
|
|
}
|
|
|
|
|
|
|
|
1;
|