added: getHash function to generate hash and VerifyHash to verify gen…

…erated hash against a password.
inkfil · Nov 13, 2023 · 0ae560f · 0ae560f
1 parent 357f26b
commit 0ae560f
Show file tree

Hide file tree

Showing 7 changed files with 169 additions and 0 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
diff --git a/github/workflows/build.yml b/github/workflows/build.yml
diff --git a/include/hash.h b/include/hash.h
@@ -0,0 +1,23 @@
+#ifndef HASH_H
+#define HASH_H
+
+#include <iostream>
+#include <typedefs.h>
+#include <hash.h>
+
+extern "C" {
+        #include "pkdf2_hash.h"
+}
+
+class Hash {
+public:
+        static ByteArray GetHash(std::string password);
+        static bool VerifyHash(ByteArray hash, std::string password);
+
+        // Utility  Functions.
+        static ByteArray string_to_bytearray(std::string str);
+        static std::string print_hash(ByteArray ba);
+};
+
+#endif // HASH_H
+
diff --git a/include/pkdf2_hash.h b/include/pkdf2_hash.h
@@ -0,0 +1,38 @@
+/* 
+   scrypthash.c and scrypthash.h
+
+   Copyright (C) 2012 Barry Steyn (http://doctrina.org/Scrypt-Authentication-For-Node.html)
+
+   This source code is provided 'as-is', without any express or implied
+   warranty. In no event will the author be held liable for any damages
+   arising from the use of this software.
+
+   Permission is granted to anyone to use this software for any purpose,
+   including commercial applications, and to alter it and redistribute it
+   freely, subject to the following restrictions:
+
+   1. The origin of this source code must not be misrepresented; you must not
+      claim that you wrote the original source code. If you use this source code
+      in a product, an acknowledgment in the product documentation would be
+      appreciated but is not required.
+
+   2. Altered source versions must be plainly marked as such, and must not be
+      misrepresented as being the original source code.
+
+   3. This notice may not be removed or altered from any source distribution.
+
+   Barry Steyn [email protected] 
+
+*/
+
+#ifndef PKDF2_HASH_H
+#define PKDF2_HASH_H
+
+#include <stdint.h>
+#include <stdio.h>
+
+unsigned int pickparams(int *logN, uint32_t *r, uint32_t *p, double maxtime, double maxmem, double maxmemfrac, size_t osfreemem);
+unsigned int KDF(const uint8_t*, size_t, uint8_t*, uint32_t, uint32_t, uint32_t, const uint8_t*);
+unsigned int Verify(const uint8_t*, const uint8_t*, size_t);
+
+#endif // PKDF2_HASH_H
diff --git a/include/typedefs.h b/include/typedefs.h
@@ -0,0 +1,13 @@
+#ifndef TYPEDEF_H
+#define TYPEDEF_H
+
+#include <string>
+#include <vector>
+
+typedef std::vector<std::string> Strings;
+typedef std::vector<int> Ints;
+typedef std::vector<float> Floats;
+typedef std::vector<double> Doubles;
+typedef std::vector<uint8_t> ByteArray;
+
+#endif // TYPEDEF_H
diff --git a/main.cpp b/main.cpp
@@ -0,0 +1,37 @@
+#include <iostream>
+#include <typedefs.h>
+#include <hash.h>
+
+
+int main(const int argc, const char** argv){
+
+	if(argc != 3){
+		std::cerr << "Usage: ./spit_it <password_to_hash>" <<std::endl;
+	}
+
+	std::string password = argv[1];
+
+	/*
+		purpose: encode cleartext -> hash;
+		inputs: password -> pixiink, std::string to encode.
+		output: hash -> generated 96 length bytearray.
+	*/
+	ByteArray hash = Hash::GetHash(password);
+	std::cout << "\nHash: " << Hash::print_hash(hash) << std::endl;
+
+	/*
+		purpose: verify a pre generated hash againt a cleartext;
+		input:
+			password -> pixiink, std::string to verify against.
+			hash -> pregenerated 96 length bytearray.
+		output: bool -> true if hash matches, else false.
+	*/
+	bool isVerifiedHash = Hash::VerifyHash(hash, password);
+	std::cout << "\nHash verified: " << isVerifiedHash << std::endl;
+
+	password.append("a");
+	isVerifiedHash = Hash::VerifyHash(hash, password);
+	std::cout << "\nHash verified: " << isVerifiedHash << std::endl;
+
+	return 0;
+}
diff --git a/src/hash.cpp b/src/hash.cpp
@@ -0,0 +1,58 @@
+#include "hash.h"
+
+ByteArray Hash::GetHash(std::string password) {
+    ByteArray password_ba = string_to_bytearray(password);
+    uint8_t *password_cleartext = (uint8_t *)password_ba.data();
+
+    size_t maxmem = 0;
+    double maxmemfrac = 0.5;
+    double maxtime = 0.1;
+    uint8_t outbuf[96]; //Header size for password derivation is fixed
+
+    int passwdSize = password_ba.size();
+	int logN = 0;
+	uint32_t r = 0;
+	uint32_t p = 0;
+	uint8_t salt[] = "abcdefghijklmnopqrstuvwxyzabcdef";
+	size_t osfreemem = 100;
+	pickparams(&logN, &r, &p, maxtime, maxmem, maxmemfrac, osfreemem);
+
+	int result = KDF(password_cleartext, (uint8_t)passwdSize, outbuf, logN, r, p, salt);
+
+	if(result){
+        return ByteArray();
+    }
+    return ByteArray(std::begin(outbuf), std::end(outbuf));
+}
+
+bool Hash::VerifyHash(ByteArray hash, std::string password) {
+    ByteArray password_ba = string_to_bytearray(password);
+
+	uint8_t *password_cleartext = (uint8_t *)password_ba.data();
+    size_t passwdSize = password_ba.size();
+
+	int result = Verify((uint8_t *)hash.data(), password_cleartext, passwdSize);
+	return !result;
+}
+
+ByteArray Hash::string_to_bytearray(std::string str) {
+    if(str.length() < 0){
+        return ByteArray();
+    }
+
+    ByteArray result;
+    for (const auto& c : str) {
+        result.push_back(static_cast<uint8_t>(c));
+    }
+
+    return result;
+}
+
+std::string Hash::print_hash(ByteArray ba) {
+    std::string result = "\n";
+    for(const auto& elem: ba){
+        result += elem;
+    }
+    result += "\n";
+    return result;
+}