Files
cozisnews/src/bcrypt.c
T
2025-08-17 10:40:09 +02:00

46 lines
1.2 KiB
C

#include <stddef.h>
#include <string.h>
#include <crypt_blowfish.h>
#include "bcrypt.h"
int hash_password(char *pass, int passlen, int cost, PasswordHash *hash)
{
char passzt[128];
if (passlen >= (int) sizeof(passzt))
return -1;
memcpy(passzt, pass, passlen);
passzt[passlen] = '\0';
unsigned char random[16] = {
0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, // TODO
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
};
char salt[30];
if (_crypt_gensalt_blowfish_rn("$2b$", cost, (char*) random, sizeof(random), salt, sizeof(salt)) == NULL)
return -1;
if (_crypt_blowfish_rn(passzt, salt, hash->data, (int) sizeof(hash->data)) == NULL)
return -1;
return 0;
}
int check_password(char *pass, int passlen, PasswordHash hash)
{
char passzt[128];
if (passlen >= (int) sizeof(passzt))
return -1;
memcpy(passzt, pass, passlen);
passzt[passlen] = '\0';
PasswordHash new_hash;
if (_crypt_blowfish_rn(passzt, hash.data, new_hash.data, sizeof(new_hash.data)) == NULL)
return -1;
if (strcmp(hash.data, new_hash.data)) // TODO: should be constant-time
return 1;
return 0;
}