forked from lda/telodendria
Refactor Sha API to return raw bytes, added Sha1() function.
This commit is contained in:
parent
8f0d197480
commit
8bda70b1fb
5 changed files with 117 additions and 41 deletions
|
@ -21,30 +21,28 @@
|
||||||
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||||
* SOFTWARE.
|
* SOFTWARE.
|
||||||
*/
|
*/
|
||||||
|
#include <Sha.h>
|
||||||
|
#include <Memory.h>
|
||||||
|
|
||||||
#ifndef CYTOPLASM_SHA2_H
|
#include <stdio.h>
|
||||||
#define CYTOPLASM_SHA2_H
|
#include <string.h>
|
||||||
|
|
||||||
/***
|
char *
|
||||||
* @Nm Sha2
|
ShaToHex(unsigned char *bytes)
|
||||||
* @Nd A simple implementation of the SHA2 hashing functions.
|
{
|
||||||
* @Dd December 19 2022
|
size_t i = 0;
|
||||||
* @Xr Memory Base64
|
char *str = Malloc(((strlen((char *) bytes) * 2) + 1) * sizeof(char));
|
||||||
*
|
|
||||||
* This API defines simple functions for computing SHA2 hashes.
|
|
||||||
* At the moment, it only defines
|
|
||||||
* .Fn Sha256 ,
|
|
||||||
* which computes the SHA-256 hash of the given C string. It is
|
|
||||||
* not trivial to implement SHA-512 in ANSI C due to the lack of
|
|
||||||
* a 64-bit integer type, so that hash function has been omitted.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/**
|
if (!str)
|
||||||
* This function takes a pointer to a NULL-terminated C string, and
|
{
|
||||||
* returns a string allocated on the heap using the Memory API, or
|
return NULL;
|
||||||
* NULL if there was an error allocating memory. The returned string
|
}
|
||||||
* should be freed when it is no longer needed.
|
|
||||||
*/
|
|
||||||
extern char * Sha256(char *);
|
|
||||||
|
|
||||||
#endif /* CYTOPLASM_SHA2_H */
|
while (bytes[i] != '\0')
|
||||||
|
{
|
||||||
|
snprintf(str + (2 * i), 3, "%02x", bytes[i]);
|
||||||
|
i++;
|
||||||
|
}
|
||||||
|
|
||||||
|
return str;
|
||||||
|
}
|
|
@ -21,7 +21,7 @@
|
||||||
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||||
* SOFTWARE.
|
* SOFTWARE.
|
||||||
*/
|
*/
|
||||||
#include <Sha2.h>
|
#include <Sha.h>
|
||||||
#include <Memory.h>
|
#include <Memory.h>
|
||||||
#include <Int.h>
|
#include <Int.h>
|
||||||
|
|
||||||
|
@ -170,13 +170,12 @@ Sha256Process(Sha256Context * context, unsigned char *data, size_t length)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
char *
|
unsigned char *
|
||||||
Sha256(char *str)
|
Sha256(char *str)
|
||||||
{
|
{
|
||||||
Sha256Context context;
|
Sha256Context context;
|
||||||
size_t i;
|
size_t i;
|
||||||
unsigned char out[32];
|
unsigned char *out;
|
||||||
char *outStr;
|
|
||||||
|
|
||||||
unsigned char fill[64];
|
unsigned char fill[64];
|
||||||
UInt32 fillLen;
|
UInt32 fillLen;
|
||||||
|
@ -189,8 +188,8 @@ Sha256(char *str)
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
outStr = Malloc(65);
|
out = Malloc(33 * sizeof(unsigned char));
|
||||||
if (!outStr)
|
if (!out)
|
||||||
{
|
{
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
@ -228,11 +227,7 @@ Sha256(char *str)
|
||||||
PUT_UINT32(&out[4 * i], context.state[i]);
|
PUT_UINT32(&out[4 * i], context.state[i]);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Convert to string */
|
out[32] = '\0';
|
||||||
for (i = 0; i < 32; i++)
|
|
||||||
{
|
|
||||||
snprintf(outStr + (2 * i), 3, "%02x", out[i]);
|
|
||||||
}
|
|
||||||
|
|
||||||
return outStr;
|
return out;
|
||||||
}
|
}
|
76
Cytoplasm/src/include/Sha.h
Normal file
76
Cytoplasm/src/include/Sha.h
Normal file
|
@ -0,0 +1,76 @@
|
||||||
|
/*
|
||||||
|
* Copyright (C) 2022-2023 Jordan Bancino <@jordan:bancino.net>
|
||||||
|
*
|
||||||
|
* Permission is hereby granted, free of charge, to any person
|
||||||
|
* obtaining a copy of this software and associated documentation files
|
||||||
|
* (the "Software"), to deal in the Software without restriction,
|
||||||
|
* including without limitation the rights to use, copy, modify, merge,
|
||||||
|
* publish, distribute, sublicense, and/or sell copies of the Software,
|
||||||
|
* and to permit persons to whom the Software is furnished to do so,
|
||||||
|
* subject to the following conditions:
|
||||||
|
*
|
||||||
|
* The above copyright notice and this permission notice shall be
|
||||||
|
* included in all copies or portions of the Software.
|
||||||
|
*
|
||||||
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
||||||
|
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
||||||
|
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
||||||
|
* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
|
||||||
|
* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
|
||||||
|
* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
||||||
|
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||||
|
* SOFTWARE.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef CYTOPLASM_SHA_H
|
||||||
|
#define CYTOPLASM_SHA_H
|
||||||
|
|
||||||
|
/***
|
||||||
|
* @Nm Sha
|
||||||
|
* @Nd A simple implementation of a few SHA hashing functions.
|
||||||
|
* @Dd December 19 2022
|
||||||
|
* @Xr Memory Base64
|
||||||
|
*
|
||||||
|
* This API defines simple functions for computing SHA hashes.
|
||||||
|
* At the moment, it only defines
|
||||||
|
* .Fn Sha256
|
||||||
|
* and
|
||||||
|
* .Fn Sha1 ,
|
||||||
|
* which compute the SHA-256 and SHA-1 hashes of the given C string,
|
||||||
|
* respectively. It is not trivial to implement SHA-512 in ANSI C
|
||||||
|
* due to the lack of a 64-bit integer type, so that hash
|
||||||
|
* function has been omitted.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This function takes a pointer to a NULL-terminated C string, and
|
||||||
|
* returns a NULL-terminated byte buffer allocated on the heap using
|
||||||
|
* the Memory API, or NULL if there was an error allocating memory.
|
||||||
|
* The returned byte buffer should be freed when it is no longer
|
||||||
|
* needed. It is important to note that the returned buffer is not
|
||||||
|
* a printable string; to get a printable string, use
|
||||||
|
* .Fn ShaToHex .
|
||||||
|
*/
|
||||||
|
extern unsigned char * Sha256(char *);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This function takes a pointer to a NULL-terminated C string, and
|
||||||
|
* returns a NULL-terminated byte buffer allocated on the heap using
|
||||||
|
* the Memory API, or NULL if there was an error allocating memory.
|
||||||
|
* The returned byte buffer should be freed when it is no longer
|
||||||
|
* needed. It is important to note that the returned buffer is not
|
||||||
|
* a printable string; to get a printable string, use
|
||||||
|
* .Fn ShaToHex .
|
||||||
|
*/
|
||||||
|
extern unsigned char * Sha1(char *);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Convert a SHA byte buffer into a hex string. These hex strings
|
||||||
|
* are typically what is transmitted, stored, and compared, however
|
||||||
|
* there may be times when it is necessary to work with the raw
|
||||||
|
* bytes directly, which is why the conversion to a hex string is
|
||||||
|
* a separate step.
|
||||||
|
*/
|
||||||
|
extern char * ShaToHex(unsigned char *);
|
||||||
|
|
||||||
|
#endif /* CYTOPLASM_SHA_H */
|
7
TODO.txt
7
TODO.txt
|
@ -16,10 +16,11 @@ Milestone: v0.4.0
|
||||||
|
|
||||||
[ ] Client-Server API
|
[ ] Client-Server API
|
||||||
[ ] 6: Filtering
|
[ ] 6: Filtering
|
||||||
[ ] 7: Events
|
[~] 7: Events
|
||||||
[ ] Compute size of JSON object in Canonical JSON
|
[ ] Compute size of JSON object in Canonical JSON
|
||||||
[ ] Rename Sha2.h to just Sha; add Sha1() function
|
[x] Rename Sha2.h to just Sha; add Sha1() function
|
||||||
[ ] Make Sha256() return raw bytes; add function to convert to string
|
[x] Make Sha256() return raw bytes; add function to
|
||||||
|
convert to hex string.
|
||||||
[ ] 8: Rooms
|
[ ] 8: Rooms
|
||||||
[~] 9: User Data
|
[~] 9: User Data
|
||||||
[x] Profiles
|
[x] Profiles
|
||||||
|
|
12
src/User.c
12
src/User.c
|
@ -25,7 +25,7 @@
|
||||||
#include <Util.h>
|
#include <Util.h>
|
||||||
#include <Memory.h>
|
#include <Memory.h>
|
||||||
#include <Str.h>
|
#include <Str.h>
|
||||||
#include <Sha2.h>
|
#include <Sha.h>
|
||||||
#include <Json.h>
|
#include <Json.h>
|
||||||
|
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
@ -358,6 +358,7 @@ UserCheckPassword(User * user, char *password)
|
||||||
char *storedHash;
|
char *storedHash;
|
||||||
char *salt;
|
char *salt;
|
||||||
|
|
||||||
|
unsigned char *hashBytes;
|
||||||
char *hashedPwd;
|
char *hashedPwd;
|
||||||
char *tmp;
|
char *tmp;
|
||||||
|
|
||||||
|
@ -379,8 +380,10 @@ UserCheckPassword(User * user, char *password)
|
||||||
}
|
}
|
||||||
|
|
||||||
tmp = StrConcat(2, password, salt);
|
tmp = StrConcat(2, password, salt);
|
||||||
hashedPwd = Sha256(tmp);
|
hashBytes = Sha256(tmp);
|
||||||
|
hashedPwd = ShaToHex(hashBytes);
|
||||||
Free(tmp);
|
Free(tmp);
|
||||||
|
Free(hashBytes);
|
||||||
|
|
||||||
result = StrEquals(hashedPwd, storedHash);
|
result = StrEquals(hashedPwd, storedHash);
|
||||||
|
|
||||||
|
@ -394,6 +397,7 @@ UserSetPassword(User * user, char *password)
|
||||||
{
|
{
|
||||||
HashMap *json;
|
HashMap *json;
|
||||||
|
|
||||||
|
unsigned char *hashBytes;
|
||||||
char *hash = NULL;
|
char *hash = NULL;
|
||||||
char *salt = NULL;
|
char *salt = NULL;
|
||||||
char *tmpstr = NULL;
|
char *tmpstr = NULL;
|
||||||
|
@ -407,13 +411,15 @@ UserSetPassword(User * user, char *password)
|
||||||
|
|
||||||
salt = StrRandom(16);
|
salt = StrRandom(16);
|
||||||
tmpstr = StrConcat(2, password, salt);
|
tmpstr = StrConcat(2, password, salt);
|
||||||
hash = Sha256(tmpstr);
|
hashBytes = Sha256(tmpstr);
|
||||||
|
hash = ShaToHex(hashBytes);
|
||||||
|
|
||||||
JsonValueFree(HashMapSet(json, "salt", JsonValueString(salt)));
|
JsonValueFree(HashMapSet(json, "salt", JsonValueString(salt)));
|
||||||
JsonValueFree(HashMapSet(json, "password", JsonValueString(hash)));
|
JsonValueFree(HashMapSet(json, "password", JsonValueString(hash)));
|
||||||
|
|
||||||
Free(salt);
|
Free(salt);
|
||||||
Free(hash);
|
Free(hash);
|
||||||
|
Free(hashBytes);
|
||||||
Free(tmpstr);
|
Free(tmpstr);
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
|
|
Loading…
Reference in a new issue