From f77ee68d61646d27ea2c4098d14808b31f6d9a86 Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Tue, 2 Apr 2013 15:43:15 -0700
Subject: added support for hex_secrets

---
 lib/leap_cli/config/macros.rb | 11 +++++++++++
 lib/leap_cli/util/secret.rb   | 34 +++++++++++++++++++++++++---------
 2 files changed, 36 insertions(+), 9 deletions(-)

(limited to 'lib/leap_cli')

diff --git a/lib/leap_cli/config/macros.rb b/lib/leap_cli/config/macros.rb
index 5f90894..b2ad942 100644
--- a/lib/leap_cli/config/macros.rb
+++ b/lib/leap_cli/config/macros.rb
@@ -116,10 +116,21 @@ module LeapCli; module Config
     #
     # manager.export_secrets should be called later to capture any newly generated secrets.
     #
+    # +length+ is the character length of the generated password.
+    #
     def secret(name, length=32)
       @manager.secrets.set(name, Util::Secret.generate(length))
     end
 
+    #
+    # inserts an hexidecimal secret string, generating it if needed.
+    #
+    # +bit_length+ is the bits in the secret, (ie length of resulting hex string will be bit_length/4)
+    #
+    def hex_secret(name, bit_length=128)
+      @manager.secrets.set(name, Util::Secret.generate_hex(bit_length))
+    end
+
     #
     # return a fingerprint for a x509 certificate
     #
diff --git a/lib/leap_cli/util/secret.rb b/lib/leap_cli/util/secret.rb
index 691065f..47a050e 100644
--- a/lib/leap_cli/util/secret.rb
+++ b/lib/leap_cli/util/secret.rb
@@ -1,20 +1,23 @@
 #
-# A simple alphanumeric secret generator, with no ambiguous characters.
-#
-# Only alphanumerics are allowed, in order to make these passwords work
-# for REST url calls and to allow you to easily copy and paste them.
+# A simple secret generator
 #
 # Uses OpenSSL random number generator instead of Ruby's rand function
 #
-
 require 'openssl'
 
 module LeapCli; module Util
-
   class Secret
-
     CHARS = ('A'..'Z').to_a + ('a'..'z').to_a + ('0'..'9').to_a + "_".split(//u) - "io01lO".split(//u)
-
+    HEX = (0..9).to_a + ('a'..'f').to_a
+
+    #
+    # generate a secret with with no ambiguous characters.
+    #
+    # +length+ is in chars
+    #
+    # Only alphanumerics are allowed, in order to make these passwords work
+    # for REST url calls and to allow you to easily copy and paste them.
+    #
     def self.generate(length = 16)
       seed
       OpenSSL::Random.random_bytes(length).bytes.to_a.collect { |byte|
@@ -22,6 +25,20 @@ module LeapCli; module Util
       }.join
     end
 
+    #
+    # generates a hex secret, instead of an alphanumeric on.
+    #
+    # length is in bits
+    #
+    def self.generate_hex(length = 128)
+      seed
+      OpenSSL::Random.random_bytes(length/4).bytes.to_a.collect { |byte|
+        HEX[ byte % HEX.length ]
+      }.join
+    end
+
+    private
+
     def self.seed
       @pid ||= 0
       pid = $$
@@ -33,5 +50,4 @@ module LeapCli; module Util
     end
 
   end
-
 end; end
-- 
cgit v1.2.3