diff options
-rw-r--r-- | src/lib.rs | 110 | ||||
-rw-r--r-- | src/main.rs | 97 |
2 files changed, 112 insertions, 95 deletions
diff --git a/src/lib.rs b/src/lib.rs new file mode 100644 index 0000000..3b0cae4 --- /dev/null +++ b/src/lib.rs @@ -0,0 +1,110 @@ +// checkpw - Check passwords against pwnedpasswords.com +// Copyright (C) 2018 Harald Eilertsen <haraldei@anduin.net> +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see <https://www.gnu.org/licenses/>. + +use reqwest; +use ring::digest; + +// +// Convert a slice of bytes into a string of hex values +// +fn to_hex(data: &[u8]) -> String { + data.iter() + .map(|b| format!("{:02X}", b)) + .collect() +} + +#[test] +fn test_to_hex() { + let input = [0x01, 0x00, 0xff, 0xaa, 0x10, 0x07]; + assert_eq!(to_hex(&input), "0100FFAA1007"); +} + +/// +/// Split the digest into the range and rest parts for k-anonymity +/// +fn to_k_anon(d: digest::Digest) -> (String, String) { + let mut hash = to_hex(d.as_ref()); + let rest = hash.split_off(5); + (hash, rest) +} + +#[test] +fn test_k_anon() { + let input = digest::digest(&digest::SHA1, "Passw0rd".as_bytes()); + let (range, rest) = to_k_anon(input); + assert_eq!(&range, "EBFC7"); + assert_eq!(&rest, "910077770C8340F63CD2DCA2AC1F120444F"); +} + +pub struct Password { + pub range: String, + pub rest: String, +} + +impl Password { + pub fn new(pw: &str) -> Password { + let (range, rest) = to_k_anon(digest::digest(&digest::SHA1, &pw.as_bytes())); + + Password { range, rest, } + } + + pub fn is_pwned(&self, hashes: &str) -> usize { + if let Some(pos) = hashes.find(&self.rest) { + if let Some(res) = hashes[pos..].lines().take(1).collect::<Vec<_>>().pop() { + return res.split(':').skip(1).collect::<Vec<_>>().pop().unwrap().parse().unwrap(); + } + } + + 0 + } +} + +#[test] +fn test_creating_new_password() { + let pw = Password::new("Passw0rd"); + assert_eq!(&pw.range, "EBFC7"); + assert_eq!(&pw.rest, "910077770C8340F63CD2DCA2AC1F120444F"); +} + +#[test] +fn test_matching_response_with_no_matches() { + let pw = Password::new("Passw0rd"); + let hashes = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:42"; + + assert_eq!(0, pw.is_pwned(&hashes)); +} + +#[test] +fn test_matching_response_with_one_match() { + let pw = Password::new("Passw0rd"); + let hashes = "910077770C8340F63CD2DCA2AC1F120444F:42"; + + assert_eq!(42, pw.is_pwned(&hashes)); +} + +#[test] +fn test_matching_response_with_multiple_matches() { + let pw = Password::new("Passw0rd"); + let hashes = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:3\n910077770C8340F63CD2DCA2AC1F120444F:42\n00000000000000000000:1"; + + assert_eq!(42, pw.is_pwned(&hashes)); +} + +pub fn check(pw: Password) -> Result<usize, reqwest::Error>{ + let uri = &format!("https://api.pwnedpasswords.com/range/{}", pw.range); + let hashes = reqwest::get(uri)?.text()?; + Ok(pw.is_pwned(&hashes)) +} diff --git a/src/main.rs b/src/main.rs index 0bd1d3c..b89a381 100644 --- a/src/main.rs +++ b/src/main.rs @@ -14,101 +14,8 @@ // You should have received a copy of the GNU General Public License // along with this program. If not, see <https://www.gnu.org/licenses/>. -use std::{env, thread, time, process}; -use std::error::Error; -use ring::digest; - -// -// Convert a slice of bytes into a string of hex values -// -fn to_hex(data: &[u8]) -> String { - data.iter() - .map(|b| format!("{:02X}", b)) - .collect() -} - -#[test] -fn test_to_hex() { - let input = [0x01, 0x00, 0xff, 0xaa, 0x10, 0x07]; - assert_eq!(to_hex(&input), "0100FFAA1007"); -} - -/// -/// Split the digest into the range and rest parts for k-anonymity -/// -fn to_k_anon(d: digest::Digest) -> (String, String) { - let mut hash = to_hex(d.as_ref()); - let rest = hash.split_off(5); - (hash, rest) -} - -#[test] -fn test_k_anon() { - let input = digest::digest(&digest::SHA1, "Passw0rd".as_bytes()); - let (range, rest) = to_k_anon(input); - assert_eq!(&range, "EBFC7"); - assert_eq!(&rest, "910077770C8340F63CD2DCA2AC1F120444F"); -} - -struct Password { - pub range: String, - pub rest: String, -} - -impl Password { - pub fn new(pw: &str) -> Password { - let (range, rest) = to_k_anon(digest::digest(&digest::SHA1, &pw.as_bytes())); - - Password { range, rest, } - } - - pub fn is_pwned(&self, hashes: &str) -> usize { - if let Some(pos) = hashes.find(&self.rest) { - if let Some(res) = hashes[pos..].lines().take(1).collect::<Vec<_>>().pop() { - return res.split(':').skip(1).collect::<Vec<_>>().pop().unwrap().parse().unwrap(); - } - } - - 0 - } -} - -#[test] -fn test_creating_new_password() { - let pw = Password::new("Passw0rd"); - assert_eq!(&pw.range, "EBFC7"); - assert_eq!(&pw.rest, "910077770C8340F63CD2DCA2AC1F120444F"); -} - -#[test] -fn test_matching_response_with_no_matches() { - let pw = Password::new("Passw0rd"); - let hashes = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:42"; - - assert_eq!(0, pw.is_pwned(&hashes)); -} - -#[test] -fn test_matching_response_with_one_match() { - let pw = Password::new("Passw0rd"); - let hashes = "910077770C8340F63CD2DCA2AC1F120444F:42"; - - assert_eq!(42, pw.is_pwned(&hashes)); -} - -#[test] -fn test_matching_response_with_multiple_matches() { - let pw = Password::new("Passw0rd"); - let hashes = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:3\n910077770C8340F63CD2DCA2AC1F120444F:42\n00000000000000000000:1"; - - assert_eq!(42, pw.is_pwned(&hashes)); -} - -fn check(pw: Password) -> Result<usize, reqwest::Error>{ - let uri = &format!("https://api.pwnedpasswords.com/range/{}", pw.range); - let hashes = reqwest::get(uri)?.text()?; - Ok(pw.is_pwned(&hashes)) -} +use checkpw::{check, Password}; +use std::{env, error::Error, thread, time, process}; fn print_usage() { println!("Usage: checkpw <pw>..."); |