From 741b3c594d31a841b13e8f929d5305db12def7da Mon Sep 17 00:00:00 2001 From: Tom Harrison Date: Tue, 27 Dec 2022 22:55:40 +0000 Subject: [PATCH 1/5] Change Gemfile to allow Ruby 3 Bundle installs --- Gemfile | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index 2de89e019..96cfdcbf4 100644 --- a/Gemfile +++ b/Gemfile @@ -23,7 +23,7 @@ gem 'process_helper' gem 'ovirt-engine-sdk' gem 'duplicate' gem 'smbhash' -gem 'digest-whirlpool', :git => "https://github.com/fgosew/ruby-digest-whirlpool" +# gem 'digest-whirlpool', :git => "https://github.com/fgosew/ruby-digest-whirlpool" gem 'digest-siphash' gem 'scrypt' gem 'braille', :git => "http://github.com/nicanor/braille.git" @@ -33,16 +33,17 @@ gem 'huffman', :git => "https://github.com/fgosew/huffman" gem 'ruby-graphviz' gem 'rsa' gem 'gpgmeh' -gem 'digest-sha3', :git => "http://github.com/izetex/digest-sha3-ruby" +# gem 'digest-sha3', :git => "http://github.com/izetex/digest-sha3-ruby" gem 'packetfu' gem 'net-ntp' gem 'CFPropertyList' gem 'artii' +gem 'sqlite3' #development only gems go here group :test, :development do gem 'minitest' gem 'rake' - gem 'rdoc' + # gem 'rdoc' gem 'yard' end From ea8e19c59769dea05dcf8d73db7e7f09aad71800 Mon Sep 17 00:00:00 2001 From: Tom Harrison Date: Fri, 6 Jan 2023 14:39:24 +0000 Subject: [PATCH 2/5] Mass updates for several encoders utilising out-of-date gems. Update SHA3-384 encoder to use OpenSSL encoder Update SHA1 encoder to use OpenSSL Changed SHA-384 to hexdigest to match original Updated SHA512 to use OpenSSL Update SHA384 to use OpenSSL Update SHA256 to use OpenSSL Update Dependencies, Update SHA3-224 to newer lib Update SHA3-512 encoder to newer lib Update SHA3-384 encoder to newer lib Update SHA3-256 encoder to use newer lib Updated SHA3 encoder to use OpenSSL -- Note: This module is ambiguous - the previous version was listed as a SHA1 encoder --- Gemfile | 7 ++++--- modules/encoders/hash/sha1/secgen_local/local.rb | 3 ++- modules/encoders/hash/sha256/secgen_local/local.rb | 3 ++- modules/encoders/hash/sha3-224/secgen_local/local.rb | 4 ++-- modules/encoders/hash/sha3-256/secgen_local/local.rb | 4 ++-- modules/encoders/hash/sha3-384/secgen_local/local.rb | 4 ++-- modules/encoders/hash/sha3-512/secgen_local/local.rb | 4 ++-- modules/encoders/hash/sha3/secgen_local/local.rb | 6 +++--- modules/encoders/hash/sha384/secgen_local/local.rb | 3 ++- modules/encoders/hash/sha512/secgen_local/local.rb | 3 ++- 10 files changed, 23 insertions(+), 18 deletions(-) diff --git a/Gemfile b/Gemfile index 96cfdcbf4..c05b2db02 100644 --- a/Gemfile +++ b/Gemfile @@ -23,7 +23,7 @@ gem 'process_helper' gem 'ovirt-engine-sdk' gem 'duplicate' gem 'smbhash' -# gem 'digest-whirlpool', :git => "https://github.com/fgosew/ruby-digest-whirlpool" +#gem 'digest-whirlpool', :git => "https://github.com/havardMoe/ruby-digest-whirlpool.git" # Broken gem 'digest-siphash' gem 'scrypt' gem 'braille', :git => "http://github.com/nicanor/braille.git" @@ -33,7 +33,8 @@ gem 'huffman', :git => "https://github.com/fgosew/huffman" gem 'ruby-graphviz' gem 'rsa' gem 'gpgmeh' -# gem 'digest-sha3', :git => "http://github.com/izetex/digest-sha3-ruby" +# gem 'digest-sha3', :git => "http://github.com/izetex/digest-sha3-ruby" # Broken +gem 'sha3' gem 'packetfu' gem 'net-ntp' gem 'CFPropertyList' @@ -44,6 +45,6 @@ gem 'sqlite3' group :test, :development do gem 'minitest' gem 'rake' - # gem 'rdoc' + # gem 'rdoc' # Probably obsolete and breaking bundle install gem 'yard' end diff --git a/modules/encoders/hash/sha1/secgen_local/local.rb b/modules/encoders/hash/sha1/secgen_local/local.rb index 8eebcf998..3a92dbfa5 100644 --- a/modules/encoders/hash/sha1/secgen_local/local.rb +++ b/modules/encoders/hash/sha1/secgen_local/local.rb @@ -1,5 +1,6 @@ #!/usr/bin/ruby require_relative '../../../../../lib/objects/local_hash_encoder.rb' +require 'openssl' class SHA1Encoder < HashEncoder def initialize @@ -8,7 +9,7 @@ class SHA1Encoder < HashEncoder end def hash_function(string) - Digest::SHA1.hexdigest(string) + OpenSSL::Digest::SHA1.new.hexdigest(string) end end diff --git a/modules/encoders/hash/sha256/secgen_local/local.rb b/modules/encoders/hash/sha256/secgen_local/local.rb index 356405a05..cb6419bd4 100644 --- a/modules/encoders/hash/sha256/secgen_local/local.rb +++ b/modules/encoders/hash/sha256/secgen_local/local.rb @@ -1,5 +1,6 @@ #!/usr/bin/ruby require_relative '../../../../../lib/objects/local_hash_encoder.rb' +require 'openssl' class SHA256Encoder < HashEncoder def initialize @@ -8,7 +9,7 @@ class SHA256Encoder < HashEncoder end def hash_function(string) - Digest::SHA256.hexdigest(string) + OpenSSL::Digest::SHA256.new.hexdigest(string) end end diff --git a/modules/encoders/hash/sha3-224/secgen_local/local.rb b/modules/encoders/hash/sha3-224/secgen_local/local.rb index 30fc8dfba..306d9c2c6 100644 --- a/modules/encoders/hash/sha3-224/secgen_local/local.rb +++ b/modules/encoders/hash/sha3-224/secgen_local/local.rb @@ -1,6 +1,6 @@ #!/usr/bin/ruby require_relative '../../../../../lib/objects/local_hash_encoder.rb' -require 'digest/sha3' +require 'sha3' class SHA3_224_Encoder < HashEncoder def initialize @@ -9,7 +9,7 @@ class SHA3_224_Encoder < HashEncoder end def hash_function(string) - Digest::SHA3.hexdigest(string, 224) + SHA3::Digest.hexdigest(:sha224, string) end end diff --git a/modules/encoders/hash/sha3-256/secgen_local/local.rb b/modules/encoders/hash/sha3-256/secgen_local/local.rb index b4d5f1a2c..2a6cef822 100644 --- a/modules/encoders/hash/sha3-256/secgen_local/local.rb +++ b/modules/encoders/hash/sha3-256/secgen_local/local.rb @@ -1,6 +1,6 @@ #!/usr/bin/ruby require_relative '../../../../../lib/objects/local_hash_encoder.rb' -require 'digest/sha3' +require 'sha3' class SHA3_256_Encoder < HashEncoder def initialize @@ -9,7 +9,7 @@ class SHA3_256_Encoder < HashEncoder end def hash_function(string) - Digest::SHA3.hexdigest(string, 256) + SHA3::Digest.hexdigest(:sha256, string) end end diff --git a/modules/encoders/hash/sha3-384/secgen_local/local.rb b/modules/encoders/hash/sha3-384/secgen_local/local.rb index bb86c3ce7..417c43d9f 100644 --- a/modules/encoders/hash/sha3-384/secgen_local/local.rb +++ b/modules/encoders/hash/sha3-384/secgen_local/local.rb @@ -1,6 +1,6 @@ #!/usr/bin/ruby require_relative '../../../../../lib/objects/local_hash_encoder.rb' -require 'digest/sha3' +require 'sha3' class SHA3_384_Encoder < HashEncoder def initialize @@ -9,7 +9,7 @@ class SHA3_384_Encoder < HashEncoder end def hash_function(string) - Digest::SHA3.hexdigest(string, 384) + SHA3::Digest.hexdigest(:sha384, string) end end diff --git a/modules/encoders/hash/sha3-512/secgen_local/local.rb b/modules/encoders/hash/sha3-512/secgen_local/local.rb index d9be87d7f..cfbca0ee2 100644 --- a/modules/encoders/hash/sha3-512/secgen_local/local.rb +++ b/modules/encoders/hash/sha3-512/secgen_local/local.rb @@ -1,6 +1,6 @@ #!/usr/bin/ruby require_relative '../../../../../lib/objects/local_hash_encoder.rb' -require 'digest/sha3' +require 'sha3' class SHA3_512_Encoder < HashEncoder def initialize @@ -9,7 +9,7 @@ class SHA3_512_Encoder < HashEncoder end def hash_function(string) - Digest::SHA3.hexdigest(string, 512) + SHA3::Digest.hexdigest(:sha512, string) end end diff --git a/modules/encoders/hash/sha3/secgen_local/local.rb b/modules/encoders/hash/sha3/secgen_local/local.rb index c3f353f80..8701d2911 100644 --- a/modules/encoders/hash/sha3/secgen_local/local.rb +++ b/modules/encoders/hash/sha3/secgen_local/local.rb @@ -1,15 +1,15 @@ #!/usr/bin/ruby require_relative '../../../../../lib/objects/local_hash_encoder.rb' -require 'digest/sha3' +require 'openssl' class SHA3Encoder < HashEncoder def initialize super - self.module_name = 'SHA1 Encoder' + self.module_name = 'SHA1 Encoder' # ?? end def hash_function(string) - Digest::SHA1.hexdigest(string) + OpenSSL::Digest::SHA1.new.hexdigest(string) # ?? end end diff --git a/modules/encoders/hash/sha384/secgen_local/local.rb b/modules/encoders/hash/sha384/secgen_local/local.rb index cf8ba5b8e..e58fde978 100644 --- a/modules/encoders/hash/sha384/secgen_local/local.rb +++ b/modules/encoders/hash/sha384/secgen_local/local.rb @@ -1,5 +1,6 @@ #!/usr/bin/ruby require_relative '../../../../../lib/objects/local_hash_encoder.rb' +require 'openssl' class SHA384Encoder < HashEncoder def initialize @@ -8,7 +9,7 @@ class SHA384Encoder < HashEncoder end def hash_function(string) - Digest::SHA384.hexdigest(string) + OpenSSL::Digest::SHA384.new.hexdigest(string) end end diff --git a/modules/encoders/hash/sha512/secgen_local/local.rb b/modules/encoders/hash/sha512/secgen_local/local.rb index 0b24e1d7b..dbe34375a 100644 --- a/modules/encoders/hash/sha512/secgen_local/local.rb +++ b/modules/encoders/hash/sha512/secgen_local/local.rb @@ -1,5 +1,6 @@ #!/usr/bin/ruby require_relative '../../../../../lib/objects/local_hash_encoder.rb' +require 'openssl' class SHA512Encoder < HashEncoder def initialize @@ -8,7 +9,7 @@ class SHA512Encoder < HashEncoder end def hash_function(string) - Digest::SHA512.hexdigest(string) + OpenSSL::Digest::SHA512.new.hexdigest(string) end end From 0018e310dcdb5f08abd8bda9426fab1d0001934c Mon Sep 17 00:00:00 2001 From: Tom Harrison Date: Fri, 6 Jan 2023 20:40:41 +0000 Subject: [PATCH 3/5] Gemfile cleanup Removed incompatible whirlpool encoder --- Gemfile | 4 +-- .../hash/whirlpool/manifests/.no_puppet | 0 .../hash/whirlpool/secgen_local/local.rb | 15 ---------- .../hash/whirlpool/secgen_metadata.xml | 30 ------------------- modules/encoders/hash/whirlpool/whirlpool.pp | 0 5 files changed, 1 insertion(+), 48 deletions(-) delete mode 100644 modules/encoders/hash/whirlpool/manifests/.no_puppet delete mode 100644 modules/encoders/hash/whirlpool/secgen_local/local.rb delete mode 100644 modules/encoders/hash/whirlpool/secgen_metadata.xml delete mode 100644 modules/encoders/hash/whirlpool/whirlpool.pp diff --git a/Gemfile b/Gemfile index c05b2db02..6d14090c0 100644 --- a/Gemfile +++ b/Gemfile @@ -1,4 +1,5 @@ source 'https://rubygems.org' + #production gems go here gem 'nokogiri' gem 'puppet' @@ -23,7 +24,6 @@ gem 'process_helper' gem 'ovirt-engine-sdk' gem 'duplicate' gem 'smbhash' -#gem 'digest-whirlpool', :git => "https://github.com/havardMoe/ruby-digest-whirlpool.git" # Broken gem 'digest-siphash' gem 'scrypt' gem 'braille', :git => "http://github.com/nicanor/braille.git" @@ -33,7 +33,6 @@ gem 'huffman', :git => "https://github.com/fgosew/huffman" gem 'ruby-graphviz' gem 'rsa' gem 'gpgmeh' -# gem 'digest-sha3', :git => "http://github.com/izetex/digest-sha3-ruby" # Broken gem 'sha3' gem 'packetfu' gem 'net-ntp' @@ -45,6 +44,5 @@ gem 'sqlite3' group :test, :development do gem 'minitest' gem 'rake' - # gem 'rdoc' # Probably obsolete and breaking bundle install gem 'yard' end diff --git a/modules/encoders/hash/whirlpool/manifests/.no_puppet b/modules/encoders/hash/whirlpool/manifests/.no_puppet deleted file mode 100644 index e69de29bb..000000000 diff --git a/modules/encoders/hash/whirlpool/secgen_local/local.rb b/modules/encoders/hash/whirlpool/secgen_local/local.rb deleted file mode 100644 index ba1c37eb1..000000000 --- a/modules/encoders/hash/whirlpool/secgen_local/local.rb +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/ruby -require_relative '../../../../../lib/objects/local_hash_encoder.rb' - -class WhirlpoolEncoder < HashEncoder - def initialize - super - self.module_name = 'Whirlpool Hash Encoder' - end - - def hash_function(string) - Digest::Whirlpool.hexdigest(string) - end -end - -WhirlpoolEncoder.new.run diff --git a/modules/encoders/hash/whirlpool/secgen_metadata.xml b/modules/encoders/hash/whirlpool/secgen_metadata.xml deleted file mode 100644 index d32350364..000000000 --- a/modules/encoders/hash/whirlpool/secgen_metadata.xml +++ /dev/null @@ -1,30 +0,0 @@ - - - - Whirlpool Hash Encoder - Thomas Shaw - MIT - Generates a Whirlpool hash for each of the strings. - - hash - whirlpool - linux - windows - medium - - strings_to_encode - salt - return_salts - - string - - - Cryptography and authentication (hashes and attacks against authentication schemes / passwords) - - - cryptographic hashing - - - diff --git a/modules/encoders/hash/whirlpool/whirlpool.pp b/modules/encoders/hash/whirlpool/whirlpool.pp deleted file mode 100644 index e69de29bb..000000000 From 018bae6d752d5b4bfd9d4690b9a83bf85d6551ed Mon Sep 17 00:00:00 2001 From: Tom Harrison Date: Mon, 9 Jan 2023 18:27:11 +0000 Subject: [PATCH 4/5] Remove accidental sqlite3 from Gemfile --- Gemfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Gemfile b/Gemfile index 6d14090c0..ed8d0c3d6 100644 --- a/Gemfile +++ b/Gemfile @@ -38,7 +38,6 @@ gem 'packetfu' gem 'net-ntp' gem 'CFPropertyList' gem 'artii' -gem 'sqlite3' #development only gems go here group :test, :development do From 1205a48397bbfbf60778ea40431301559e77c127 Mon Sep 17 00:00:00 2001 From: Tom Harrison Date: Tue, 10 Jan 2023 10:33:21 +0000 Subject: [PATCH 5/5] Revert OpenSSL conversion for SHA1-based hashes Update local_encoding_functions to avoid FrozenError on encoding modules --- lib/objects/local_encoding_functions.rb | 2 +- modules/encoders/hash/sha1/secgen_local/local.rb | 3 +-- modules/encoders/hash/sha256/secgen_local/local.rb | 3 +-- modules/encoders/hash/sha384/secgen_local/local.rb | 3 +-- modules/encoders/hash/sha512/secgen_local/local.rb | 3 +-- 5 files changed, 5 insertions(+), 9 deletions(-) diff --git a/lib/objects/local_encoding_functions.rb b/lib/objects/local_encoding_functions.rb index 311ae289e..38d66ab00 100644 --- a/lib/objects/local_encoding_functions.rb +++ b/lib/objects/local_encoding_functions.rb @@ -25,7 +25,7 @@ class EncodingFunctions utf8 = [] value.map {|element| if element.is_a? String - utf8 << element.force_encoding('UTF-8') + utf8 << element.dup.force_encoding('UTF-8') elsif element.is_a? Hash utf8 << EncodingFunctions::hash_to_utf8(element) elsif element.is_a? Array diff --git a/modules/encoders/hash/sha1/secgen_local/local.rb b/modules/encoders/hash/sha1/secgen_local/local.rb index 3a92dbfa5..8eebcf998 100644 --- a/modules/encoders/hash/sha1/secgen_local/local.rb +++ b/modules/encoders/hash/sha1/secgen_local/local.rb @@ -1,6 +1,5 @@ #!/usr/bin/ruby require_relative '../../../../../lib/objects/local_hash_encoder.rb' -require 'openssl' class SHA1Encoder < HashEncoder def initialize @@ -9,7 +8,7 @@ class SHA1Encoder < HashEncoder end def hash_function(string) - OpenSSL::Digest::SHA1.new.hexdigest(string) + Digest::SHA1.hexdigest(string) end end diff --git a/modules/encoders/hash/sha256/secgen_local/local.rb b/modules/encoders/hash/sha256/secgen_local/local.rb index cb6419bd4..356405a05 100644 --- a/modules/encoders/hash/sha256/secgen_local/local.rb +++ b/modules/encoders/hash/sha256/secgen_local/local.rb @@ -1,6 +1,5 @@ #!/usr/bin/ruby require_relative '../../../../../lib/objects/local_hash_encoder.rb' -require 'openssl' class SHA256Encoder < HashEncoder def initialize @@ -9,7 +8,7 @@ class SHA256Encoder < HashEncoder end def hash_function(string) - OpenSSL::Digest::SHA256.new.hexdigest(string) + Digest::SHA256.hexdigest(string) end end diff --git a/modules/encoders/hash/sha384/secgen_local/local.rb b/modules/encoders/hash/sha384/secgen_local/local.rb index e58fde978..cf8ba5b8e 100644 --- a/modules/encoders/hash/sha384/secgen_local/local.rb +++ b/modules/encoders/hash/sha384/secgen_local/local.rb @@ -1,6 +1,5 @@ #!/usr/bin/ruby require_relative '../../../../../lib/objects/local_hash_encoder.rb' -require 'openssl' class SHA384Encoder < HashEncoder def initialize @@ -9,7 +8,7 @@ class SHA384Encoder < HashEncoder end def hash_function(string) - OpenSSL::Digest::SHA384.new.hexdigest(string) + Digest::SHA384.hexdigest(string) end end diff --git a/modules/encoders/hash/sha512/secgen_local/local.rb b/modules/encoders/hash/sha512/secgen_local/local.rb index dbe34375a..0b24e1d7b 100644 --- a/modules/encoders/hash/sha512/secgen_local/local.rb +++ b/modules/encoders/hash/sha512/secgen_local/local.rb @@ -1,6 +1,5 @@ #!/usr/bin/ruby require_relative '../../../../../lib/objects/local_hash_encoder.rb' -require 'openssl' class SHA512Encoder < HashEncoder def initialize @@ -9,7 +8,7 @@ class SHA512Encoder < HashEncoder end def hash_function(string) - OpenSSL::Digest::SHA512.new.hexdigest(string) + Digest::SHA512.hexdigest(string) end end