server/src/util/password.c

#ifdef _MSC_VER
#include <platform.h>
#endif
#include "password.h"

#include "crypto/crypto.h"

#include <assert.h>
#include <string.h>
#include <stdio.h>

int bcrypt_workfactor = 8;

bool password_is_implemented(cryptalgo_t algo) {
    if (algo == PASSWORD_BCRYPT) return true;
    return algo == PASSWORD_PLAINTEXT;
}

const char * password_encode(const char * passwd, cryptalgo_t algo) {
    if (algo == PASSWORD_BCRYPT) {
        char salt[BCRYPT_HASHSIZE];
        static char hash[BCRYPT_HASHSIZE];
        int ret;
        bcrypt_gensalt(bcrypt_workfactor, salt);
        ret = bcrypt_hashpw(passwd, salt, hash);
        assert(ret == 0);
        return hash;
    }
    return passwd;
}

int password_verify(const char * pwhash, const char * passwd) {
    if (pwhash[0] == '$') {
        if (pwhash[1] == '2') {
            int ret = bcrypt_checkpw(passwd, pwhash);
            assert(ret != -1);
            return (ret == 0) ? VERIFY_OK : VERIFY_FAIL;
        }
    }
    return (strcmp(passwd, pwhash) == 0) ? VERIFY_OK : VERIFY_FAIL;
}
fix bcrypt library, add to password.c (works on mac) 2018-09-26 17:09:29 +02:00			`#ifdef _MSC_VER`
add a new password module start adding password hashing logic (WIP) does not yet pass all tests 2016-01-12 23:52:30 +01:00			`#include <platform.h>`
fix bcrypt library, add to password.c (works on mac) 2018-09-26 17:09:29 +02:00			`#endif`
add a new password module start adding password hashing logic (WIP) does not yet pass all tests 2016-01-12 23:52:30 +01:00			`#include "password.h"`

More WIN32 adaptations, configurable work factor. 2018-09-26 19:05:49 +02:00			`#include "crypto/crypto.h"`
fix bcrypt library, add to password.c (works on mac) 2018-09-26 17:09:29 +02:00
add a new password module start adding password hashing logic (WIP) does not yet pass all tests 2016-01-12 23:52:30 +01:00			`#include <assert.h>`
			`#include <string.h>`
			`#include <stdio.h>`
implement md5 password hashing (untested) disable test for case-insensitive password test fix faction/checkpasswd test 2016-01-13 14:41:09 +01:00
More WIN32 adaptations, configurable work factor. 2018-09-26 19:05:49 +02:00			`int bcrypt_workfactor = 8;`

fix bcrypt library, add to password.c (works on mac) 2018-09-26 17:09:29 +02:00			`bool password_is_implemented(cryptalgo_t algo) {`
			`if (algo == PASSWORD_BCRYPT) return true;`
remove all password hashing code 2016-07-13 19:10:22 +02:00			`return algo == PASSWORD_PLAINTEXT;`
add a new password module start adding password hashing logic (WIP) does not yet pass all tests 2016-01-12 23:52:30 +01:00			`}`

fix bcrypt library, add to password.c (works on mac) 2018-09-26 17:09:29 +02:00			`const char * password_encode(const char * passwd, cryptalgo_t algo) {`
			`if (algo == PASSWORD_BCRYPT) {`
			`char salt[BCRYPT_HASHSIZE];`
			`static char hash[BCRYPT_HASHSIZE];`
			`int ret;`
More WIN32 adaptations, configurable work factor. 2018-09-26 19:05:49 +02:00			`bcrypt_gensalt(bcrypt_workfactor, salt);`
fix bcrypt library, add to password.c (works on mac) 2018-09-26 17:09:29 +02:00			`ret = bcrypt_hashpw(passwd, salt, hash);`
			`assert(ret == 0);`
			`return hash;`
			`}`
remove all password hashing code 2016-07-13 19:10:22 +02:00			`return passwd;`
implement md5 password hashing (untested) disable test for case-insensitive password test fix faction/checkpasswd test 2016-01-13 14:41:09 +01:00			`}`

			`int password_verify(const char * pwhash, const char * passwd) {`
fix bcrypt library, add to password.c (works on mac) 2018-09-26 17:09:29 +02:00			`if (pwhash[0] == '$') {`
			`if (pwhash[1] == '2') {`
			`int ret = bcrypt_checkpw(passwd, pwhash);`
			`assert(ret != -1);`
			`return (ret == 0) ? VERIFY_OK : VERIFY_FAIL;`
			`}`
			`}`
remove all password hashing code 2016-07-13 19:10:22 +02:00			`return (strcmp(passwd, pwhash) == 0) ? VERIFY_OK : VERIFY_FAIL;`
add a new password module start adding password hashing logic (WIP) does not yet pass all tests 2016-01-12 23:52:30 +01:00			`}`