PBKDF2Hash(const std::string& data) { irc::sepstream ss(data, ':'); std::string tok; ss.GetToken(tok); this->iterations = ConvToInt(tok); ss.GetToken(tok); this->hash = Base64ToBin(tok); ss.GetToken(tok); this->salt = Base64ToBin(tok); this->length = this->hash.length(); }
ModResult OnPassCompare(Extensible* ex, const std::string &data, const std::string &input, const std::string &hashtype) override { if (!hashtype.compare(0, 5, "hmac-", 5)) { std::string type(hashtype, 5); HashProvider* hp = ServerInstance->Modules.FindDataService<HashProvider>("hash/" + type); if (!hp) return MOD_RES_PASSTHRU; if (hp->IsKDF()) { ServerInstance->Logs.Log(MODNAME, LOG_DEFAULT, "Tried to use HMAC with %s, which does not support HMAC", type.c_str()); return MOD_RES_DENY; } // this is a valid hash, from here on we either accept or deny std::string::size_type sep = data.find('$'); if (sep == std::string::npos) return MOD_RES_DENY; std::string salt = Base64ToBin(data.substr(0, sep)); std::string target = Base64ToBin(data.substr(sep + 1)); if (target == hp->hmac(salt, input)) return MOD_RES_ALLOW; else return MOD_RES_DENY; } HashProvider* hp = ServerInstance->Modules.FindDataService<HashProvider>("hash/" + hashtype); /* Is this a valid hash name? */ if (hp) { if (hp->Compare(input, data)) return MOD_RES_ALLOW; else /* No match, and must be hashed, forbid */ return MOD_RES_DENY; } // We don't handle this type, let other mods or the core decide return MOD_RES_PASSTHRU; }
void SignatureVerifier::VerifyDSASHA1SignatureValid(const std::wstring &filename, const std::string &signature_base64) { try { if (signature_base64.size() == 0) throw BadSignatureException("Missing DSA signature!"); TinySSL::inst().VerifyDSASHA1Signature(filename, Base64ToBin(signature_base64)); } catch (BadSignatureException&) { throw; } catch (const std::exception &e) { throw BadSignatureException(e.what()); } catch (...) { throw BadSignatureException(); } }