2 * InspIRCd -- Internet Relay Chat Daemon
4 * Copyright (C) 2014 Daniel Vassdal <shutter@canternet.org>
6 * This file is part of InspIRCd. InspIRCd is free software: you can
7 * redistribute it and/or modify it under the terms of the GNU General Public
8 * License as published by the Free Software Foundation, version 2.
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
12 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
21 #include "modules/hash.h"
24 // Iterations:B64(Hash):B64(Salt)
26 // 10200:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
30 unsigned int iterations;
35 PBKDF2Hash(unsigned int itr, unsigned int dkl, const std::string& slt, const std::string& hsh = "")
36 : iterations(itr), length(dkl), salt(slt), hash(hsh)
40 PBKDF2Hash(const std::string& data)
42 irc::sepstream ss(data, ':');
46 this->iterations = ConvToInt(tok);
49 this->hash = Base64ToBin(tok);
52 this->salt = Base64ToBin(tok);
54 this->length = this->hash.length();
57 std::string ToString()
61 return ConvToStr(this->iterations) + ":" + BinToBase64(this->hash) + ":" + BinToBase64(this->salt);
66 if (!this->iterations || !this->length || this->salt.empty() || this->hash.empty())
72 class PBKDF2Provider : public HashProvider
75 HashProvider* provider;
76 unsigned int iterations;
77 unsigned int dkey_length;
79 std::string PBKDF2(const std::string& pass, const std::string& salt, unsigned int itr = 0, unsigned int dkl = 0)
81 size_t blocks = std::ceil((double)dkl / provider->out_size);
85 std::string salt_block = salt;
86 for (size_t block = 1; block <= blocks; block++)
89 for (size_t i = 0; i < sizeof(salt_data); i++)
90 salt_data[i] = block >> (24 - i * 8) & 0x0F;
92 salt_block.erase(salt.length());
93 salt_block.append(salt_data, sizeof(salt_data));
95 std::string blockdata = provider->hmac(pass, salt_block);
96 std::string lasthash = blockdata;
97 for (size_t iter = 1; iter < itr; iter++)
99 tmphash = provider->hmac(pass, lasthash);
100 for (size_t i = 0; i < provider->out_size; i++)
101 blockdata[i] ^= tmphash[i];
103 lasthash.swap(tmphash);
112 std::string GenerateRaw(const std::string& data) CXX11_OVERRIDE
114 PBKDF2Hash hs(this->iterations, this->dkey_length, ServerInstance->GenRandomStr(dkey_length, false));
115 hs.hash = PBKDF2(data, hs.salt, this->iterations, this->dkey_length);
116 return hs.ToString();
119 bool Compare(const std::string& input, const std::string& hash) CXX11_OVERRIDE
125 std::string cmp = PBKDF2(input, hs.salt, hs.iterations, hs.length);
126 return (cmp == hs.hash);
129 std::string ToPrintable(const std::string& raw) CXX11_OVERRIDE
134 PBKDF2Provider(Module* mod, HashProvider* hp)
135 : HashProvider(mod, "pbkdf2-hmac-" + hp->name.substr(hp->name.find('/') + 1))
138 DisableAutoRegister();
142 class ModulePBKDF2 : public Module
144 std::vector<PBKDF2Provider*> providers;
148 // First set the common values
149 ConfigTag* tag = ServerInstance->Config->ConfValue("pbkdf2");
150 unsigned int global_iterations = tag->getInt("iterations", 12288, 1);
151 unsigned int global_dkey_length = tag->getInt("length", 32, 1, 1024);
152 for (std::vector<PBKDF2Provider*>::iterator i = providers.begin(); i != providers.end(); ++i)
154 PBKDF2Provider* pi = *i;
155 pi->iterations = global_iterations;
156 pi->dkey_length = global_dkey_length;
159 // Then the specific values
160 ConfigTagList tags = ServerInstance->Config->ConfTags("pbkdf2prov");
161 for (ConfigIter i = tags.first; i != tags.second; ++i)
164 std::string hash_name = "hash/" + tag->getString("hash");
165 for (std::vector<PBKDF2Provider*>::iterator j = providers.begin(); j != providers.end(); ++j)
167 PBKDF2Provider* pi = *j;
168 if (pi->provider->name != hash_name)
171 pi->iterations = tag->getInt("iterations", global_iterations, 1);
172 pi->dkey_length = tag->getInt("length", global_dkey_length, 1, 1024);
180 stdalgo::delete_all(providers);
183 void Prioritize() CXX11_OVERRIDE
188 void OnLoadModule(Module* mod) CXX11_OVERRIDE
190 bool newProv = false;
191 // As the module doesn't tell us what ServiceProviders it has, let's iterate all (yay ...) the ServiceProviders
192 // Good thing people don't run loading and unloading those all the time
193 for (std::multimap<std::string, ServiceProvider*>::iterator i = ServerInstance->Modules->DataProviders.begin(); i != ServerInstance->Modules->DataProviders.end(); ++i)
195 ServiceProvider* provider = i->second;
197 // Does the service belong to the new mod?
198 // In the case this is our first run (mod == NULL, continue anyway)
199 if (mod && provider->creator != mod)
202 // Check if it's a hash provider
203 if (provider->name.compare(0, 5, "hash/"))
206 HashProvider* hp = static_cast<HashProvider*>(provider);
211 bool has_prov = false;
212 for (std::vector<PBKDF2Provider*>::const_iterator j = providers.begin(); j != providers.end(); ++j)
214 if ((*j)->provider == hp)
225 PBKDF2Provider* prov = new PBKDF2Provider(this, hp);
226 providers.push_back(prov);
227 ServerInstance->Modules->AddService(*prov);
234 void OnUnloadModule(Module* mod) CXX11_OVERRIDE
236 for (std::vector<PBKDF2Provider*>::iterator i = providers.begin(); i != providers.end(); )
238 PBKDF2Provider* item = *i;
239 if (item->provider->creator != mod)
245 ServerInstance->Modules->DelService(*item);
247 i = providers.erase(i);
251 void ReadConfig(ConfigStatus& status) CXX11_OVERRIDE
256 Version GetVersion() CXX11_OVERRIDE
258 return Version("Implements PBKDF2 hashing", VF_VENDOR);
262 MODULE_INIT(ModulePBKDF2)
projects / user / henk / code / inspircd.git / blob