Merge pull request #14508 from whiteinge/salt-jinja-utils

Added utils module for working with hash functions
2024-11-07 17:09:03 +00:00 · 2014-07-25 18:48:49 -06:00 · 2014-07-25 18:48:49 -06:00 · 0cd1236108
commit 0cd1236108
parent 6e575491ee adabf74852
2 changed files with 180 additions and 0 deletions
--- a/salt/modules/hashutil.py
+++ b/salt/modules/hashutil.py
@ -0,0 +1,131 @@
+# encoding: utf-8
+'''
+A collection of hashing and encoding functions
+'''
+import base64
+import hashlib
+import hmac
+
+
+def base64_encode(infile, outfile):
+    '''
+    Encode a file as base64 and write the result to a new file
+
+    .. versionadded:: Helium
+
+    CLI Example:
+
+    .. code-block::
+
+        salt '*' hashutil.base64_encode /path/to/file1 /path/to/encoded_file1
+    '''
+    return base64.encode(infile, outfile)
+
+
+def base64_decode(infile, outfile):
+    '''
+    Decode a base64-encoded file and write the result to a new file
+
+    .. versionadded:: Helium
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' hashutil.base64_decode /path/to/encoded_file1 /path/to/file1
+    '''
+    return base64.decode(infile, outfile)
+
+
+def base64_encodestring(instr):
+    '''
+    Encode a string as base64
+
+    .. versionadded:: Helium
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' hashutil.base64_encodestring 'get salted'
+    '''
+    return base64.encodestring(instr)
+
+
+def base64_decodestring(instr):
+    '''
+    Decode a base64-encoded string
+
+    .. versionadded:: Helium
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' hashutil.base64_decodestring 'Z2V0IHNhbHRlZA==\n'
+    '''
+    return base64.decodestring(instr)
+
+
+def md5_digest(instr):
+    '''
+    Generate an md5 hash of a given string
+
+    .. versionadded:: Helium
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' hashutil.md5_digest 'get salted'
+    '''
+    return hashlib.md5(instr).hexdigest()
+
+
+def sha256_digest(instr):
+    '''
+    Generate an sha256 hash of a given string
+
+    .. versionadded:: Helium
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' hashutil.sha256_digest 'get salted'
+    '''
+    return hashlib.sha256(instr).hexdigest()
+
+
+def sha512_digest(instr):
+    '''
+    Generate an sha512 hash of a given string
+
+    .. versionadded:: Helium
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' hashutil.sha512_digest 'get salted'
+    '''
+    return hashlib.sha512(instr).hexdigest()
+
+
+def hmac_signature(string, shared_secret, challenge_hmac):
+    '''
+    Verify a challenging hmac signature against a string / shared-secret
+
+    .. versionadded:: Helium
+
+    Returns a boolean if the verification succeeded or failed.
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' hashutil.hmac_signature 'get salted' 'shared secret' 'NS2BvKxFRk+rndAlFbCYIFNVkPtI/3KiIYQw4okNKU8='
+    '''
+    hmac_hash = hmac.new(string, shared_secret, hashlib.sha256)
+    valid_hmac = base64.b64encode(hmac_hash.digest())
+    return valid_hmac == challenge_hmac
--- a/tests/unit/modules/hashutil_test.py
+++ b/tests/unit/modules/hashutil_test.py
@ -0,0 +1,49 @@
+# coding: utf-8
+import salt.loader
+
+from tests.integration import ModuleCase
+
+
+class HashutilTestCase(ModuleCase):
+    the_string = 'get salted'
+    the_string_base64 = 'Z2V0IHNhbHRlZA==\n'
+    the_string_md5 = '2aacf29e92feaf528fb738bcf9d647ac'
+    the_string_sha256 = 'd49859ccbc854fa68d800b5734efc70d72383e6479d545468bc300263164ff33'
+    the_string_sha512 = 'a8c174a7941c64a068e686812a2fafd7624c840fde800f5965fbeca675f2f6e37061ffe41e17728c919bdea290eab7a21e13c04ae71661955a87f2e0e04bb045'
+    the_string_hmac = 'NS2BvKxFRk+rndAlFbCYIFNVkPtI/3KiIYQw4okNKU8='
+
+    def setUp(self):
+        self.hashutil = salt.loader.raw_mod(self.minion_opts, 'hashutil', None)
+
+    def test_base64_encodestring(self):
+        ret = self.hashutil['hashutil.base64_encodestring'](self.the_string)
+        self.assertEqual(ret, self.the_string_base64)
+
+    def test_base64_decodestring(self):
+        ret = self.hashutil['hashutil.base64_decodestring'](self.the_string_base64)
+        self.assertEqual(ret, self.the_string)
+
+    def test_md5_digest(self):
+        ret = self.hashutil['hashutil.md5_digest'](self.the_string)
+        self.assertEqual(ret, self.the_string_md5)
+
+    def test_sha256_digest(self):
+        ret = self.hashutil['hashutil.sha256_digest'](self.the_string)
+        self.assertEqual(ret, self.the_string_sha256)
+
+    def test_sha512_digest(self):
+        ret = self.hashutil['hashutil.sha512_digest'](self.the_string)
+        self.assertEqual(ret, self.the_string_sha512)
+
+    def test_hmac_signature(self):
+        ret = self.hashutil['hashutil.hmac_signature'](
+                self.the_string,
+                'shared secret',
+                self.the_string_hmac)
+        self.assertTrue(ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(HashutilTestCase,
+              needs_daemon=False)