Branch
Hash :
605c2bf4
Author :
Thomas de Grivel
Date :
2024-11-27T15:02:23
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112
/* kc3
* Copyright 2022,2023,2024 kmx.io <contact@kmx.io>
*
* Permission is hereby granted to use this software granted the above
* copyright notice and this permission paragraph are included in all
* copies and substantial portions of this software.
*
* THIS SOFTWARE IS PROVIDED "AS-IS" WITHOUT ANY GUARANTEE OF
* PURPOSE AND PERFORMANCE. IN NO EVENT WHATSOEVER SHALL THE
* AUTHOR BE CONSIDERED LIABLE FOR THE USE AND PERFORMANCE OF
* THIS SOFTWARE.
*/
#include <sys/types.h>
#include <errno.h>
#ifndef WIN32
#include <pwd.h>
#endif
#include <string.h>
#include <unistd.h>
#include "assert.h"
#include "config.h"
#include "crypt.h"
#include "str.h"
#include "tag.h"
#if HAVE_CRYPT_NEWHASH
bool * crypt_check_password (const s_str *pass, const s_str *hash,
bool *dest)
{
sw e;
assert(pass);
assert(hash);
assert(dest);
if (crypt_checkpass(pass->ptr.pchar, hash->ptr.pchar)) {
if (errno != EACCES) {
e = errno;
err_write_1("crypt_check_password: ");
err_write_1(strerror(e));
err_write_1("\n");
}
*dest = false;
}
else
*dest = true;
return dest;
}
s_str * crypt_hash_password (const s_str *pass, s_str *dest)
{
sw e;
char hash[_PASSWORD_LEN] = {0};
assert(pass);
assert(dest);
if (crypt_newhash(pass->ptr.pchar, "bcrypt,a", hash,
sizeof(hash))) {
e = errno;
err_write_1("crypt_hash_password: ");
err_write_1(strerror(e));
err_write_1("\n");
return NULL;
}
return str_init_copy_1(dest, hash);
}
#else
/* SHA512 password hash */
bool * crypt_check_password (const s_str *pass, const s_str *hash,
bool *dest)
{
s_str str;
assert(pass);
assert(hash);
assert(dest);
if (! crypt_sha512(pass, hash, &str)) {
err_puts("crypt_check_password: crypt_sha512");
assert(! "crypt_check_password: crypt_sha512");
*dest = false;
}
else
*dest = true;
return dest;
}
s_str * crypt_hash_password (const s_str *pass, s_str *dest)
{
s_str config;
s_str hash;
s_str prefix = {{NULL}, 17, {"$6$rounds=123456$"}};
s_str salt;
s_tag tag;
tag_init_uw(&tag, 16);
if (! str_init_random_base64(&salt, &tag))
return NULL;
if (! str_init_concatenate(&config, &prefix, &salt)) {
str_clean(&salt);
return NULL;
}
if (! crypt_sha512(pass, &config, &hash)) {
str_clean(&config);
str_clean(&salt);
return NULL;
}
str_clean(&config);
str_clean(&salt);
*dest = hash;
return dest;
}
#endif