const char *
password_scheme_detect(const char *plain_password, const char *crypted_password,
const struct password_generate_params *params)
{
struct hash_iterate_context *ctx;
const char *key;
const struct password_scheme *scheme;
const unsigned char *raw_password;
size_t raw_password_size;
const char *error;
ctx = hash_table_iterate_init(password_schemes);
while (hash_table_iterate(ctx, password_schemes, &key, &scheme)) {
if (password_decode(crypted_password, scheme->name,
&raw_password, &raw_password_size,
&error) <= 0)
continue;
if (password_verify(plain_password, params, scheme->name,
raw_password, raw_password_size,
&error) > 0)
break;
key = NULL;
}
hash_table_iterate_deinit(&ctx);
return key;
}
bool checkpasswd(const faction * f, const char *passwd)
{
const char *pwhash;
if (!passwd) return false;
pwhash = faction_getpassword(f);
if (pwhash && password_verify(pwhash, passwd) == VERIFY_FAIL) {
log_info("password check failed: %s", factionname(f));
return false;
}
return true;
}
int
main(int argc, char **argv)
{
char *password = NULL, *hash = NULL;
char output[BLOWFISH_LEN+1];
size_t i, len;
int status = 0;
char *ret = NULL;
int opt;
const struct option long_options[] = {
{ "password", 1, NULL, 'p' },
{ "hash", 1, NULL, 'h' },
{ "verbose", 1, NULL, 'v' },
{ "quiet", 0, NULL, 'q' },
{ "version", 0, NULL, 'V' },
{ "help", 0, NULL, 'H' },
{ NULL, 0, NULL, 0 }
};
msgno = 0;
while ((opt = getopt_long(argc, argv, "p:h:vqVH",
long_options, NULL)) != -1) {
switch (opt) {
case 'p':
password = optarg;
break;
case 'h':
hash = optarg;
break;
case 'v':
if (optarg) {
msgno = atoi(optarg);
} else {
msgno += 1;
}
break;
case 'q':
msgno = -1;
break;
case 'V':
printf("PHP Password Hashing version: %d.%d.%d\n",
PHP_PASSWORD_VERSION_MAJOR,
PHP_PASSWORD_VERSION_MINOR,
PHP_PASSWORD_VERSION_BUILD);
return 0;
case 'H':
default:
usage(argv[0]);
return -1;
}
}
if (password_verify(password, hash) == 0) {
printf("OK\n");
} else {
printf("NG\n");
}
return 0;
}
static void test_passwords(CuTest *tc) {
const char *hash, *expect;
expect = "$apr1$FqQLkl8g$.icQqaDJpim4BVy.Ho5660";
if (password_is_implemented(PASSWORD_APACHE_MD5)) {
CuAssertIntEquals(tc, VERIFY_OK, password_verify(expect, "Hodor"));
hash = password_encode("Hodor", PASSWORD_APACHE_MD5);
CuAssertPtrNotNull(tc, hash);
CuAssertIntEquals(tc, 0, strncmp(hash, expect, 6));
} else {
CuAssertIntEquals(tc, VERIFY_UNKNOWN, password_verify(expect, "Hodor"));
}
expect = "$1$ZouUn04i$yNnT1Oy8azJ5V.UM9ppP5/";
if (password_is_implemented(PASSWORD_MD5)) {
CuAssertIntEquals(tc, VERIFY_OK, password_verify(expect, "jollygood"));
hash = password_encode("jollygood", PASSWORD_MD5);
CuAssertPtrNotNull(tc, hash);
CuAssertIntEquals(tc, 0, strncmp(hash, expect, 3));
} else {
CuAssertIntEquals(tc, VERIFY_UNKNOWN, password_verify(expect, "jollygood"));
}
expect = "password";
if (password_is_implemented(PASSWORD_PLAINTEXT)) {
hash = password_encode("password", PASSWORD_PLAINTEXT);
CuAssertPtrNotNull(tc, hash);
CuAssertStrEquals(tc, hash, expect);
CuAssertIntEquals(tc, VERIFY_OK, password_verify(expect, "password"));
CuAssertIntEquals(tc, VERIFY_FAIL, password_verify(expect, "arseword"));
} else {
CuAssertIntEquals(tc, VERIFY_UNKNOWN, password_verify(expect, "password"));
}
expect = "$0$password";
if (password_is_implemented(PASSWORD_NOCRYPT)) {
hash = password_encode("password", PASSWORD_NOCRYPT);
CuAssertPtrNotNull(tc, hash);
CuAssertStrEquals(tc, hash, expect);
CuAssertIntEquals(tc, VERIFY_OK, password_verify(expect, "password"));
CuAssertIntEquals(tc, VERIFY_FAIL, password_verify(expect, "arseword"));
} else {
CuAssertIntEquals(tc, VERIFY_UNKNOWN, password_verify(expect, "password"));
}
expect = "$2y$05$RJ8qAhu.foXyJLdc2eHTLOaK4MDYn3/v4HtOVCq0Plv2yxcrEB7Wm";
if (password_is_implemented(PASSWORD_BCRYPT)) {
CuAssertIntEquals(tc, VERIFY_OK, password_verify(expect, "Hodor"));
hash = password_encode("Hodor", PASSWORD_BCRYPT);
CuAssertPtrNotNull(tc, hash);
CuAssertIntEquals(tc, 0, strncmp(hash, expect, 7));
} else {
CuAssertIntEquals(tc, VERIFY_UNKNOWN, password_verify(expect, "Hodor"));
}
CuAssertIntEquals(tc, VERIFY_UNKNOWN, password_verify("$9$saltyfish$password", "password"));
}
