feat(csms): 添加 OCPP 鉴权

apps/csms/src/lib/ocpp-auth.ts

@@ -0,0 +1,32 @@
+import { randomBytes, scrypt, timingSafeEqual } from 'node:crypto'
+import { promisify } from 'node:util'
+
+const scryptAsync = promisify(scrypt)
+
+const SALT_LEN = 16
+const KEY_LEN = 64
+
+/** 生成随机明文密码（24 位 hex 字符串） */
+export function generateOcppPassword(): string {
+  return randomBytes(12).toString('hex')
+}
+
+/** 将明文密码哈希为存储格式 `<salt_hex>:<hash_hex>` */
+export async function hashOcppPassword(password: string): Promise<string> {
+  const salt = randomBytes(SALT_LEN)
+  const hash = (await scryptAsync(password, salt, KEY_LEN)) as Buffer
+  return `${salt.toString('hex')}:${hash.toString('hex')}`
+}
+
+/** 验证明文密码是否与存储的哈希匹配 */
+export async function verifyOcppPassword(
+  password: string,
+  stored: string,
+): Promise<boolean> {
+  const [saltHex, hashHex] = stored.split(':')
+  if (!saltHex || !hashHex) return false
+  const salt = Buffer.from(saltHex, 'hex')
+  const expectedHash = Buffer.from(hashHex, 'hex')
+  const actualHash = (await scryptAsync(password, salt, KEY_LEN)) as Buffer
+  return timingSafeEqual(expectedHash, actualHash)
+}