// Non-public secure PBKDF2 hash function with salting and 1,337 iterations std::string JSI_Lobby::EncryptPassword(const std::string& password, const std::string& username) { const int DIGESTSIZE = SHA_DIGEST_SIZE; const int ITERATIONS = 1337; static const unsigned char salt_base[DIGESTSIZE] = { 244, 243, 249, 244, 32, 33, 34, 35, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 32, 33, 244, 224, 127, 129, 130, 140, 153, 133, 123, 234, 123 }; // initialize the salt buffer unsigned char salt_buffer[DIGESTSIZE] = {0}; SHA256 hash; hash.update(salt_base, sizeof(salt_base)); hash.update(username.c_str(), username.length()); hash.finish(salt_buffer); // PBKDF2 to create the buffer unsigned char encrypted[DIGESTSIZE]; pbkdf2(encrypted, (unsigned char*)password.c_str(), password.length(), salt_buffer, DIGESTSIZE, ITERATIONS); static const char base16[] = "0123456789ABCDEF"; char hex[2 * DIGESTSIZE]; for (int i = 0; i < DIGESTSIZE; ++i) { hex[i*2] = base16[encrypted[i] >> 4]; // 4 high bits hex[i*2 + 1] = base16[encrypted[i] & 0x0F]; // 4 low bits } return std::string(hex, sizeof(hex)); }
std::string sha256(const std::string& input) { SHA256::uint8 digest[SHA256::DIGEST_SIZE]; memset(digest,0,SHA256::DIGEST_SIZE); SHA256 ctx = SHA256(); ctx.init(); ctx.update( (SHA256::uint8*)input.c_str(), input.length()); ctx._final(digest); char buf[2*SHA256::DIGEST_SIZE+1]; buf[2*SHA256::DIGEST_SIZE] = 0; for (int i = 0; i < SHA256::DIGEST_SIZE; i++) sprintf(buf+i*2, "%02x", digest[i]); return std::string(buf); }