aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib.rs110
-rw-r--r--src/main.rs97
2 files changed, 112 insertions, 95 deletions
diff --git a/src/lib.rs b/src/lib.rs
new file mode 100644
index 0000000..3b0cae4
--- /dev/null
+++ b/src/lib.rs
@@ -0,0 +1,110 @@
+// checkpw - Check passwords against pwnedpasswords.com
+// Copyright (C) 2018 Harald Eilertsen <haraldei@anduin.net>
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program. If not, see <https://www.gnu.org/licenses/>.
+
+use reqwest;
+use ring::digest;
+
+//
+// Convert a slice of bytes into a string of hex values
+//
+fn to_hex(data: &[u8]) -> String {
+ data.iter()
+ .map(|b| format!("{:02X}", b))
+ .collect()
+}
+
+#[test]
+fn test_to_hex() {
+ let input = [0x01, 0x00, 0xff, 0xaa, 0x10, 0x07];
+ assert_eq!(to_hex(&input), "0100FFAA1007");
+}
+
+///
+/// Split the digest into the range and rest parts for k-anonymity
+///
+fn to_k_anon(d: digest::Digest) -> (String, String) {
+ let mut hash = to_hex(d.as_ref());
+ let rest = hash.split_off(5);
+ (hash, rest)
+}
+
+#[test]
+fn test_k_anon() {
+ let input = digest::digest(&digest::SHA1, "Passw0rd".as_bytes());
+ let (range, rest) = to_k_anon(input);
+ assert_eq!(&range, "EBFC7");
+ assert_eq!(&rest, "910077770C8340F63CD2DCA2AC1F120444F");
+}
+
+pub struct Password {
+ pub range: String,
+ pub rest: String,
+}
+
+impl Password {
+ pub fn new(pw: &str) -> Password {
+ let (range, rest) = to_k_anon(digest::digest(&digest::SHA1, &pw.as_bytes()));
+
+ Password { range, rest, }
+ }
+
+ pub fn is_pwned(&self, hashes: &str) -> usize {
+ if let Some(pos) = hashes.find(&self.rest) {
+ if let Some(res) = hashes[pos..].lines().take(1).collect::<Vec<_>>().pop() {
+ return res.split(':').skip(1).collect::<Vec<_>>().pop().unwrap().parse().unwrap();
+ }
+ }
+
+ 0
+ }
+}
+
+#[test]
+fn test_creating_new_password() {
+ let pw = Password::new("Passw0rd");
+ assert_eq!(&pw.range, "EBFC7");
+ assert_eq!(&pw.rest, "910077770C8340F63CD2DCA2AC1F120444F");
+}
+
+#[test]
+fn test_matching_response_with_no_matches() {
+ let pw = Password::new("Passw0rd");
+ let hashes = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:42";
+
+ assert_eq!(0, pw.is_pwned(&hashes));
+}
+
+#[test]
+fn test_matching_response_with_one_match() {
+ let pw = Password::new("Passw0rd");
+ let hashes = "910077770C8340F63CD2DCA2AC1F120444F:42";
+
+ assert_eq!(42, pw.is_pwned(&hashes));
+}
+
+#[test]
+fn test_matching_response_with_multiple_matches() {
+ let pw = Password::new("Passw0rd");
+ let hashes = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:3\n910077770C8340F63CD2DCA2AC1F120444F:42\n00000000000000000000:1";
+
+ assert_eq!(42, pw.is_pwned(&hashes));
+}
+
+pub fn check(pw: Password) -> Result<usize, reqwest::Error>{
+ let uri = &format!("https://api.pwnedpasswords.com/range/{}", pw.range);
+ let hashes = reqwest::get(uri)?.text()?;
+ Ok(pw.is_pwned(&hashes))
+}
diff --git a/src/main.rs b/src/main.rs
index 0bd1d3c..b89a381 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -14,101 +14,8 @@
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <https://www.gnu.org/licenses/>.
-use std::{env, thread, time, process};
-use std::error::Error;
-use ring::digest;
-
-//
-// Convert a slice of bytes into a string of hex values
-//
-fn to_hex(data: &[u8]) -> String {
- data.iter()
- .map(|b| format!("{:02X}", b))
- .collect()
-}
-
-#[test]
-fn test_to_hex() {
- let input = [0x01, 0x00, 0xff, 0xaa, 0x10, 0x07];
- assert_eq!(to_hex(&input), "0100FFAA1007");
-}
-
-///
-/// Split the digest into the range and rest parts for k-anonymity
-///
-fn to_k_anon(d: digest::Digest) -> (String, String) {
- let mut hash = to_hex(d.as_ref());
- let rest = hash.split_off(5);
- (hash, rest)
-}
-
-#[test]
-fn test_k_anon() {
- let input = digest::digest(&digest::SHA1, "Passw0rd".as_bytes());
- let (range, rest) = to_k_anon(input);
- assert_eq!(&range, "EBFC7");
- assert_eq!(&rest, "910077770C8340F63CD2DCA2AC1F120444F");
-}
-
-struct Password {
- pub range: String,
- pub rest: String,
-}
-
-impl Password {
- pub fn new(pw: &str) -> Password {
- let (range, rest) = to_k_anon(digest::digest(&digest::SHA1, &pw.as_bytes()));
-
- Password { range, rest, }
- }
-
- pub fn is_pwned(&self, hashes: &str) -> usize {
- if let Some(pos) = hashes.find(&self.rest) {
- if let Some(res) = hashes[pos..].lines().take(1).collect::<Vec<_>>().pop() {
- return res.split(':').skip(1).collect::<Vec<_>>().pop().unwrap().parse().unwrap();
- }
- }
-
- 0
- }
-}
-
-#[test]
-fn test_creating_new_password() {
- let pw = Password::new("Passw0rd");
- assert_eq!(&pw.range, "EBFC7");
- assert_eq!(&pw.rest, "910077770C8340F63CD2DCA2AC1F120444F");
-}
-
-#[test]
-fn test_matching_response_with_no_matches() {
- let pw = Password::new("Passw0rd");
- let hashes = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:42";
-
- assert_eq!(0, pw.is_pwned(&hashes));
-}
-
-#[test]
-fn test_matching_response_with_one_match() {
- let pw = Password::new("Passw0rd");
- let hashes = "910077770C8340F63CD2DCA2AC1F120444F:42";
-
- assert_eq!(42, pw.is_pwned(&hashes));
-}
-
-#[test]
-fn test_matching_response_with_multiple_matches() {
- let pw = Password::new("Passw0rd");
- let hashes = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:3\n910077770C8340F63CD2DCA2AC1F120444F:42\n00000000000000000000:1";
-
- assert_eq!(42, pw.is_pwned(&hashes));
-}
-
-fn check(pw: Password) -> Result<usize, reqwest::Error>{
- let uri = &format!("https://api.pwnedpasswords.com/range/{}", pw.range);
- let hashes = reqwest::get(uri)?.text()?;
- Ok(pw.is_pwned(&hashes))
-}
+use checkpw::{check, Password};
+use std::{env, error::Error, thread, time, process};
fn print_usage() {
println!("Usage: checkpw <pw>...");