diff options
| author | Kjetil Orbekk <kjetil.orbekk@gmail.com> | 2017-06-16 21:27:31 -0400 |
|---|---|---|
| committer | Kjetil Orbekk <kjetil.orbekk@gmail.com> | 2017-06-16 21:27:41 -0400 |
| commit | dc642430468a1942246642775040f9784ca3e8f2 (patch) | |
| tree | 5f2475e1744b6f318f1a0715b9ec1568d7e1d193 /src | |
| parent | 285075f369690295a0ffc83fdb5b68f3460b30d5 (diff) | |
Basic encryption and password validation.
This is a placeholder encryption scheme for authentication.
Diffstat (limited to 'src')
| -rw-r--r-- | src/auth/mod.rs | 32 | ||||
| -rw-r--r-- | src/bin/crypto.rs | 5 | ||||
| -rw-r--r-- | src/lib.rs | 3 |
3 files changed, 37 insertions, 3 deletions
diff --git a/src/auth/mod.rs b/src/auth/mod.rs new file mode 100644 index 0000000..9ef9960 --- /dev/null +++ b/src/auth/mod.rs @@ -0,0 +1,32 @@ +extern crate crypto; +extern crate base64; + +use crypto::bcrypt_pbkdf::bcrypt_pbkdf; + +// TODO: Replace salt with a random string. +// TODO: Configurable number of iterations. +pub fn encode(pw: &str) -> String { + let salt = "hello"; + let mut enc = vec!(0; 32); + let encrypted = bcrypt_pbkdf(pw.as_bytes(), salt.as_bytes(), + 10, &mut enc); + format!("${}${}${}", "sdv1", + base64::encode(salt.as_bytes()), base64::encode(&enc)) +} + +pub fn validate(pw: &str, enc: &str) -> bool { + // let cs = enc.split('$'); + // println("{:?}", cs.len()); + // let enc_pw = cs[3]; + encode(pw) == enc +} + +#[cfg(test)] +mod tests { + use super::*; + #[test] + fn it_validates() { + assert_eq!(false, validate("123", "123")); + assert_eq!(true, validate("123", &encode("123"))); + } +} diff --git a/src/bin/crypto.rs b/src/bin/crypto.rs index e059663..5cc8549 100644 --- a/src/bin/crypto.rs +++ b/src/bin/crypto.rs @@ -1,4 +1,5 @@ extern crate crypto; +extern crate systemhttp; use crypto::bcrypt_pbkdf::bcrypt_pbkdf; @@ -7,12 +8,14 @@ pub fn encode(pw: &str) -> Vec<u8> { let mut out = vec!(0; 32); let encrypted = bcrypt_pbkdf( pw.as_bytes(), salt.as_bytes(), - 100, &mut out); + 10, &mut out); out } pub fn main() { let pw = "123"; let out = encode(pw); + let out2 = systemhttp::auth::encode(pw); println!("{}: {:?}", pw, out); + println!("{}: {:?}", pw, out2); } @@ -1,11 +1,10 @@ #[macro_use] extern crate horrorshow; -extern crate rust_crypto; extern crate sqlite; pub mod systemd; pub mod render; -mod auth; +pub mod auth; #[cfg(test)] mod tests { |