Initial commit

1 files changed, 116 insertions, 0 deletions

diff --git a/src/main.rs b/src/main.rs
new file mode 100644
index 0000000..99443a2
--- /dev/null
+++ b/src/main.rs
@@ -0,0 +1,116 @@
+// checkpw - Check passwords against pwnedpasswords.com
+// Copyright (C) 2018  Harald Eilertsen <haraldei@anduin.net>
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+extern crate futures;
+extern crate hyper;
+extern crate hyper_tls;
+extern crate ring;
+extern crate tokio_core;
+
+use futures::{Future, Stream};
+use hyper::Client;
+use hyper_tls::HttpsConnector;
+use ring::digest;
+use std::env;
+use tokio_core::reactor::Core;
+
+//
+// Convert a slice of bytes into a string of hex values
+//
+fn to_hex(data: &[u8]) -> String {
+    data.into_iter()
+        .map(|b| format!("{:02X}", b))
+        .collect()
+}
+
+#[test]
+fn test_to_hex() {
+    let input = [0x01, 0x00, 0xff, 0xaa, 0x10, 0x07];
+    assert_eq!(to_hex(&input), "0100FFAA1007");
+}
+
+///
+/// Split the digest into the range and rest parts for k-anonymity
+///
+fn to_k_anon(d: digest::Digest) -> (String, String) {
+    let mut hash = to_hex(d.as_ref());
+    let rest = hash.split_off(5);
+    (hash, rest)
+}
+
+#[test]
+fn test_k_anon() {
+    let input = digest::digest(&digest::SHA1, "Passw0rd".as_bytes());
+    let res = to_k_anon(input);
+    assert_eq!(res, (String::from("EBFC7"), String::from("910077770C8340F63CD2DCA2AC1F120444F")));
+}
+
+struct Password {
+    pw: String,
+    pub range: String,
+    pub rest: String,
+}
+
+impl Password {
+    pub fn new(pw: &str) -> Password {
+        let (range, rest) = to_k_anon(digest::digest(&digest::SHA1, &pw.as_bytes()));
+
+        Password {
+            pw: String::from(pw),
+            range: range,
+            rest: rest,
+        }
+    }
+}
+
+#[test]
+fn test_creating_new_password() {
+    let pw = Password::new("Passw0rd");
+    assert_eq!(&pw.range, "EBFC7");
+    assert_eq!(&pw.rest, "910077770C8340F63CD2DCA2AC1F120444F");
+}
+
+fn check(pw: Password) -> Result<(), Box<::std::error::Error>> {
+    let mut core = Core::new()?;
+    let client = Client::configure()
+        .connector(HttpsConnector::new(4, &core.handle())?)
+        .build(&core.handle());
+
+    let uri = format!("https://api.pwnedpasswords.com/range/{}", pw.range).parse()?;
+
+    let req = client.get(uri).and_then(|res| {
+        res.body().concat2().and_then(move |body| {
+            let hashes = std::str::from_utf8(&body)?;
+            if let Some(pos) = hashes.find(&pw.rest) {
+                println!("Password is PWNED!");
+            }
+            Ok(())
+        })
+    });
+
+    core.run(req)?;
+
+    Ok(())
+}
+
+fn main() {
+    for arg in env::args().skip(1) {
+        let pw = Password::new(&arg);
+        println!("{}:{}:{}:", &arg, pw.range, pw.rest);
+
+        check(pw).unwrap();
+    };
+}