Commit f379d9e1579013e2b5575aee56ba6d42d0eb8f54
2024-10-27T19:13:09
wip crypt on linux
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68
diff --git a/libkc3/crypt.c b/libkc3/crypt.c
index b4de45f..459dd75 100644
--- a/libkc3/crypt.c
+++ b/libkc3/crypt.c
@@ -67,16 +67,13 @@ bool * crypt_check_password (const s_str *pass, const s_str *hash,
bool *dest)
{
sw e;
+ s_str str;
assert(pass);
assert(hash);
assert(dest);
- if (bcrypt_checkpass(pass->ptr.pchar, hash->ptr.pchar)) {
- if (errno != EACCES) {
- e = errno;
- err_write_1("crypt_check_password: ");
- err_write_1(strerror(e));
- err_write_1("\n");
- }
+ if (! crypt_sha512(pass, hash, &str)) {
+ err_puts("crypt_check_password: crypt_sha512");
+ assert(! "crypt_check_password: crypt_sha512");
*dest = false;
}
else
@@ -84,24 +81,27 @@ bool * crypt_check_password (const s_str *pass, const s_str *hash,
return dest;
}
-s_str * crypt_hash_password (const s_sym * const *hash,
- const s_str *pass, s_str *dest)
+s_str * crypt_hash_password (const s_str *pass, s_str *dest)
{
- sw e;
- char hash[_PASSWORD_LEN] = {0};
- char *salt = NULL;
- assert(pass);
- assert(dest);
- if (! (salt = bcrypt_
- if (crypt_newhash(pass->ptr.pchar, "bcrypt,a", hash,
- sizeof(hash))) {
- e = errno;
- err_write_1("crypt_hash_password: ");
- err_write_1(strerror(e));
- err_write_1("\n");
+ s_str prefix = {{NULL}, 17, {"$6$rounds=123456$"}};
+ s_str salt;
+ s_str config;
+ s_str hash;
+ if (! str_init_random_base64(&salt, 16))
+ return NULL;
+ if (! str_init_concatenate(&config, &prefix, &salt)) {
+ str_clean(&salt);
return NULL;
}
- return str_init_copy_1(dest, hash);
+ if (! crypt_sha512(pass, &config, &hash)) {
+ str_clean(&config);
+ str_clean(&salt);
+ return NULL;
+ }
+ str_clean(&config);
+ str_clean(&salt);
+ *dest = hash;
+ return dest;
}
#endif