Basic encryption and password validation.

This is a placeholder encryption scheme for authentication.
author: Kjetil Orbekk <kjetil.orbekk@gmail.com> 2017-06-16 21:27:31 -0400
committer: Kjetil Orbekk <kjetil.orbekk@gmail.com> 2017-06-16 21:27:41 -0400
commit: dc642430468a1942246642775040f9784ca3e8f2 (patch)
tree: 5f2475e1744b6f318f1a0715b9ec1568d7e1d193 /src/auth
parent: 285075f369690295a0ffc83fdb5b68f3460b30d5 (diff)
1 files changed, 32 insertions, 0 deletions
diff --git a/src/auth/mod.rs b/src/auth/mod.rs
new file mode 100644
index 0000000..9ef9960
--- /dev/null
+++ b/src/auth/mod.rs
@@ -0,0 +1,32 @@
+extern crate crypto;
+extern crate base64;
+
+use crypto::bcrypt_pbkdf::bcrypt_pbkdf;
+
+// TODO: Replace salt with a random string.
+// TODO: Configurable number of iterations.
+pub fn encode(pw: &str) -> String {
+    let salt = "hello";
+    let mut enc = vec!(0; 32);
+    let encrypted = bcrypt_pbkdf(pw.as_bytes(), salt.as_bytes(),
+                                 10, &mut enc);
+    format!("${}${}${}", "sdv1",
+            base64::encode(salt.as_bytes()), base64::encode(&enc))
+}
+
+pub fn validate(pw: &str, enc: &str) -> bool {
+    // let cs = enc.split('$');
+    // println("{:?}", cs.len());
+    // let enc_pw = cs[3];
+    encode(pw) == enc
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    #[test]
+    fn it_validates() {
+        assert_eq!(false, validate("123", "123"));
+        assert_eq!(true, validate("123", &encode("123")));
+    }
+}
author	Kjetil Orbekk <kjetil.orbekk@gmail.com>	2017-06-16 21:27:31 -0400
committer	Kjetil Orbekk <kjetil.orbekk@gmail.com>	2017-06-16 21:27:41 -0400
commit	dc642430468a1942246642775040f9784ca3e8f2 (patch)
tree	5f2475e1744b6f318f1a0715b9ec1568d7e1d193 /src/auth
parent	285075f369690295a0ffc83fdb5b68f3460b30d5 (diff)