2019-02-18 11:05:10 +00:00
|
|
|
#!/usr/bin/env perl
|
|
|
|
|
|
|
|
##
|
|
|
|
## Author......: See docs/credits.txt
|
|
|
|
## License.....: MIT
|
|
|
|
##
|
|
|
|
|
|
|
|
use strict;
|
|
|
|
use warnings;
|
|
|
|
|
|
|
|
use Crypt::PBKDF2;
|
|
|
|
use MIME::Base64 qw (encode_base64);
|
|
|
|
|
|
|
|
sub module_constraints { [[0, 255], [14, 14], [-1, -1], [-1, -1], [-1, -1]] }
|
|
|
|
|
|
|
|
my $CISCO_BASE64_MAPPING =
|
|
|
|
{
|
|
|
|
'A', '.', 'B', '/', 'C', '0', 'D', '1', 'E', '2', 'F', '3', 'G', '4', 'H',
|
|
|
|
'5', 'I', '6', 'J', '7', 'K', '8', 'L', '9', 'M', 'A', 'N', 'B', 'O', 'C',
|
|
|
|
'P', 'D', 'Q', 'E', 'R', 'F', 'S', 'G', 'T', 'H', 'U', 'I', 'V', 'J', 'W',
|
|
|
|
'K', 'X', 'L', 'Y', 'M', 'Z', 'N', 'a', 'O', 'b', 'P', 'c', 'Q', 'd', 'R',
|
|
|
|
'e', 'S', 'f', 'T', 'g', 'U', 'h', 'V', 'i', 'W', 'j', 'X', 'k', 'Y', 'l',
|
|
|
|
'Z', 'm', 'a', 'n', 'b', 'o', 'c', 'p', 'd', 'q', 'e', 'r', 'f', 's', 'g',
|
|
|
|
't', 'h', 'u', 'i', 'v', 'j', 'w', 'k', 'x', 'l', 'y', 'm', 'z', 'n', '0',
|
|
|
|
'o', '1', 'p', '2', 'q', '3', 'r', '4', 's', '5', 't', '6', 'u', '7', 'v',
|
|
|
|
'8', 'w', '9', 'x', '+', 'y', '/', 'z'
|
|
|
|
};
|
|
|
|
|
|
|
|
sub module_generate_hash
|
|
|
|
{
|
|
|
|
my $word = shift;
|
|
|
|
my $salt = shift;
|
|
|
|
my $iter = shift // 20000;
|
|
|
|
|
|
|
|
my $pbkdf2 = Crypt::PBKDF2->new
|
|
|
|
(
|
|
|
|
hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
|
|
|
|
iterations => $iter
|
|
|
|
);
|
|
|
|
|
|
|
|
my $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt, $word), "");
|
|
|
|
|
|
|
|
my $tmp_hash = "";
|
|
|
|
|
|
|
|
for (my $i = 0; $i < 43; $i++)
|
|
|
|
{
|
|
|
|
$tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($hash_buf, $i, 1)};
|
|
|
|
}
|
|
|
|
|
|
|
|
my $hash = sprintf ("\$8\$%s\$%s", $salt, $tmp_hash);
|
|
|
|
|
|
|
|
return $hash;
|
|
|
|
}
|
|
|
|
|
|
|
|
sub module_verify_hash
|
|
|
|
{
|
|
|
|
my $line = shift;
|
|
|
|
|
|
|
|
# Cisco $8$ - PBKDF2-HMAC-SHA256
|
2019-02-19 11:50:57 +00:00
|
|
|
return unless (substr ($line, 0, 3) eq '$8$');
|
2019-02-18 11:05:10 +00:00
|
|
|
|
|
|
|
# get hash
|
|
|
|
my $index1 = index ($line, "\$", 3);
|
|
|
|
|
|
|
|
return if $index1 != 17;
|
|
|
|
|
|
|
|
my $index2 = index ($line, "\$", $index1 + 1);
|
|
|
|
|
|
|
|
# salt
|
|
|
|
my $salt = substr ($line, 3, $index1 - 3);
|
|
|
|
|
|
|
|
$index1 = index ($line, ":", $index1 + 1);
|
|
|
|
|
|
|
|
return if $index1 < 1;
|
|
|
|
|
|
|
|
# digest
|
|
|
|
|
|
|
|
my $word = substr ($line, $index1 + 1);
|
|
|
|
|
|
|
|
return unless defined $salt;
|
|
|
|
return unless defined $word;
|
|
|
|
|
|
|
|
$word = pack_if_HEX_notation ($word);
|
|
|
|
|
|
|
|
my $new_hash = module_generate_hash ($word, $salt);
|
|
|
|
|
|
|
|
return ($new_hash, $word);
|
|
|
|
}
|
|
|
|
|
|
|
|
1;
|