Commit ecf60c87 authored by Katharina Fey's avatar Katharina Fey 🏴
Browse files

FIxing hash verification

parent 2f836810
......@@ -21,9 +21,6 @@ pub fn run(args: &ArgMatches<'_>) {
.unwrap_or_else(|_| utils::log_fatal("Provided invalid UTF-8 data!"));
// Hash token twice with random salt
let token = utils::double_hash(string, salt);
let token_enc = utils::base64_encode(&token.0.iter().map(|i| *i).collect());
let pretty = (token_enc, salt).to_string();
println!("{}", pretty);
let token = utils::secret_to_verify(string, salt);
println!("{}", token);
}
......@@ -81,20 +81,23 @@ pub fn blake2<'salt>(data: &str, salt: &'salt str) -> Hash<'salt> {
}
/// Verify a secret token against a verification token
pub fn blake2_verify(hash: Hash, secret: String) -> bool {
let verify = blake2(secret.as_str(), hash.1);
hash.0
.iter()
.zip(verify.0.iter())
pub fn blake2_verify(hash: String, secret: String, salt: &str) -> bool {
let verify = secret_to_verify(secret, salt);
hash.chars()
.zip(verify.chars())
.fold(false, |acc, (a, b)| (a == b) && acc)
}
/// A utility to hash a secret twice so it can be compared
pub fn double_hash(secret: String, salt: &str) -> Hash {
pub fn secret_to_verify(secret: String, salt: &str) -> String {
let h1 = blake2(secret.as_str(), salt);
let h1_enc = base64_encode(&h1.0.iter().map(|i| *i).collect());
blake2(h1_enc.as_str(), h1.1)
let h2 = blake2(h1_enc.as_str(), h1.1);
let h2_enc = base64_encode(&h2.0.iter().map(|i| *i).collect());
(h2_enc, salt).to_string()
}
/// Derive a key from a secret token
......
......@@ -45,7 +45,8 @@ fn index(state: web::Data<Params>, req: HttpRequest) -> HttpResponse {
.to_str()
.unwrap();
let hash = utils::blake2(token, state.salt.as_str());
let hash = utils::secret_to_verify(token.into(), state.salt.as_str());
if utils::blake2_verify(hash, token.into()) {
HttpResponse::Ok().body(format!("Done"))
} else {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment