| -rw-r--r-- | .gitmodules | 3 | ||||
| m--------- | argon2 | 0 | ||||
| -rw-r--r-- | configure.ac | 1 | ||||
| -rw-r--r-- | src/Makefile.am | 27 | ||||
| -rw-r--r-- | src/hash.cc | 70 | ||||
| -rw-r--r-- | src/hash.h | 35 | ||||
| -rw-r--r-- | src/muniapwd.cc | 73 | ||||
| -rw-r--r-- | src/salt.cc | 53 | ||||
| -rw-r--r-- | src/salt.h | 35 | 
9 files changed, 296 insertions, 1 deletions
diff --git a/.gitmodules b/.gitmodules
index 49cc647..bb7ff44 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -4,3 +4,6 @@
 [submodule "src/ws/marked"]
 	path = src/ws/marked
 	url = https://github.com/markedjs/marked.git
+[submodule "argon2"]
+	path = argon2
+	url = https://github.com/P-H-C/phc-winner-argon2
diff --git a/argon2 b/argon2
new file mode 160000
+Subproject cd5dd359960cea3962ace607d4915da7da5cf18
diff --git a/configure.ac b/configure.ac
index 41440bc..83fd306 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3,6 +3,7 @@
 AC_INIT([munia], [0.1.0])
 AC_CONFIG_SRCDIR([src/muniad.cc])
 AM_INIT_AUTOMAKE
+LT_INIT
 AM_SILENT_RULES([yes])
diff --git a/src/Makefile.am b/src/Makefile.am
index c8a6560..750fb7c 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1,6 +1,19 @@
 SUBDIRS = ws
-bin_PROGRAMS = muniad muniacli
+noinst_LTLIBRARIES = libargon2.la
+
+bin_PROGRAMS = muniad muniacli muniapwd
+
+libargon2_la_CFLAGS = \
+	-DARGON2_NO_THREADS -I$(top_srcdir)/argon2/include
+
+libargon2_la_SOURCES = \
+	$(top_srcdir)/argon2/src/argon2.c \
+	$(top_srcdir)/argon2/src/core.c \
+	$(top_srcdir)/argon2/src/blake2/blake2b.c \
+	$(top_srcdir)/argon2/src/thread.c \
+	$(top_srcdir)/argon2/src/encoding.c \
+	$(top_srcdir)/argon2/src/ref.c
 muniad_LDADD = $(LIBWEBSOCKETS_LIBS) $(EXPAT_LIBS)
@@ -29,6 +42,18 @@ muniacli_CXXFLAGS = $(LIBWEBSOCKETS_CFLAGS) -I$(top_srcdir)/hugin
 muniacli_SOURCES = \
 	muniacli.cc
+muniapwd_LDADD = libargon2.la
+
+muniapwd_CXXFLAGS = \
+	-std=c++11 \
+	$(LIBWEBSOCKETS_CFLAGS) \
+	-I$(top_srcdir)/argon2/include
+
+muniapwd_SOURCES = \
+	muniapwd.cc \
+	salt.cc \
+	hash.cc
+
 EXTRA_DIST = \
 	connectionhandler.h \
 	errorcodes.h \
diff --git a/src/hash.cc b/src/hash.cc
new file mode 100644
index 0000000..5b67d92
--- /dev/null
+++ b/src/hash.cc
@@ -0,0 +1,70 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set et sw=2 ts=2: */
+/***************************************************************************
+ *            hash.cc
+ *
+ *  Sun Jul  5 10:37:32 CEST 2020
+ *  Copyright 2020 Bent Bisballe Nyeng
+ *  deva@aasimon.org
+ ****************************************************************************/
+
+/*
+ *  This file is part of Munia.
+ *
+ *  Munia is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  Munia is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with Munia; if not, write to the Free Software
+ *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA.
+ */
+#include "hash.h"
+
+#include <cstdint>
+#include <vector>
+
+#include <argon2.h>
+
+std::string getEncoded(const Salt& salt, const std::string& password)
+{
+	constexpr std::size_t hashlen = 32u;
+	constexpr std::uint32_t t_cost = 10;        // 10-pass computation
+	constexpr std::uint32_t m_cost = (1 << 16); // 64 mebibytes memory usage
+	constexpr std::uint32_t parallelism = 1;    // number of threads and lanes
+
+	auto encodedlen = argon2_encodedlen(t_cost, m_cost, parallelism,
+	                                    salt.size(), hashlen, Argon2_i);
+	std::vector<char> encoded(encodedlen, '\0');
+	auto ret = argon2i_hash_encoded(t_cost, m_cost, parallelism,
+	                                password.data(), password.length(),
+	                                salt.data(), salt.size(),
+	                                hashlen,
+	                                encoded.data(), encoded.size());
+	if(ret != ARGON2_OK)
+	{
+		throw "Argon2 encoding error.";
+	}
+
+	// convert vector<char> to string
+	std::string s;
+	s.reserve(encoded.size());
+	for(const auto& e : encoded)
+	{
+		s += e;
+	}
+
+	return s;
+}
+
+bool verifyEncoded(const std::string& encoded, const std::string& password)
+{
+	auto ret = argon2i_verify(encoded.data(), password.data(), password.length());
+	return ret == ARGON2_OK;
+}
diff --git a/src/hash.h b/src/hash.h
new file mode 100644
index 0000000..6f73f97
--- /dev/null
+++ b/src/hash.h
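Review bot: getEncoded() and verifyEncoded() in src/hash.cc hard-code the Argon2i variant (`argon2i_hash_encoded`, `Argon2_i`, `argon2i_verify`), whereas current password-storage guidance (RFC 9106) favours Argon2id, which the same library exposes as `argon2id_hash_encoded` / `argon2id_verify` with `Argon2_id`; switching before any hashes are stored avoids a later migration. Separately, the copy loop at the end of getEncoded() copies all `encoded.size()` bytes, and `argon2_encodedlen` appears to count the terminating NUL, so the returned std::string would carry a trailing `'\0'` that breaks equality checks against a stored value; `return std::string(encoded.data());` avoids that. The numeric `ret` is also dropped on failure, and `argon2_error_message(ret)` would make the thrown text diagnosable.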
@@ -0,0 +1,35 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set et sw=2 ts=2: */
+/***************************************************************************
+ *            hash.h
+ *
+ *  Sun Jul  5 10:37:32 CEST 2020
+ *  Copyright 2020 Bent Bisballe Nyeng
+ *  deva@aasimon.org
+ ****************************************************************************/
+
+/*
+ *  This file is part of Munia.
+ *
+ *  Munia is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  Munia is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with Munia; if not, write to the Free Software
+ *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA.
+ */
+#pragma once
+
+#include <string>
+
+#include "salt.h"
+
+std::string getEncoded(const Salt& salt, const std::string& password);
+bool verifyEncoded(const std::string& encoded, const std::string& password);
diff --git a/src/muniapwd.cc b/src/muniapwd.cc
new file mode 100644
index 0000000..26b8eeb
--- /dev/null
+++ b/src/muniapwd.cc
@@ -0,0 +1,73 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set et sw=2 ts=2: */
+/***************************************************************************
+ *            muniapwd.cc
+ *
+ *  Sun Jul  5 09:22:22 CEST 2020
+ *  Copyright 2020 Bent Bisballe Nyeng
+ *  deva@aasimon.org
+ ****************************************************************************/
+
+/*
+ *  This file is part of Munia.
+ *
+ *  Munia is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  Munia is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with Munia; if not, write to the Free Software
+ *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA.
+ */
+#include <unistd.h>
+
+#include "salt.h"
+#include "hash.h"
+
+int main(int argc, char* argv[])
+{
+	if(argc != 2)
+	{
+		printf("Usage: %s <username>\n", argv[0]);
+		return 1;
+	}
+
+	const char* user = argv[1];
+
+	std::string password = getpass("Type password: ");
+	std::string passwordAgain = getpass("Type password (again): ");
+	if(password != passwordAgain)
+	{
+		printf("Passwords don't match.\n");
+		return 1;
+	}
+
+	try
+	{
+		auto encoded = getEncoded(getSalt(), password);
+		printf("%s:%s\n", user, encoded.data());
+
+		if(verifyEncoded(encoded, password))
+		{
+			printf("Verification ok\n");
+		}
+		else
+		{
+			printf("Verification failed\n");
+			return 1;
+		}
+	}
+	catch(char* msg)
+	{
+		printf("Error: %s\n", msg);
+		return 1;
+	}
+
+	return 0;
+}
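Review bot: The handler `catch(char* msg)` in main() will not catch what getSalt() and getEncoded() throw, because a thrown string literal has type `const char*`; any salt or hashing failure therefore ends in std::terminate instead of the intended "Error:" message, and the handler should read `catch(const char* msg)`. `getpass()` can return NULL (for example when no terminal is available), and constructing a `std::string` from a null pointer is undefined behaviour, so the result should be checked before it is assigned. Both plaintext copies (`password`, `passwordAgain`) also stay in process memory until exit; overwriting them once the hash has been produced would shorten that exposure. `printf` is used without including `<cstdio>`, which only compiles through transitive includes.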
diff --git a/src/salt.cc b/src/salt.cc
new file mode 100644
index 0000000..46eb94a
--- /dev/null
+++ b/src/salt.cc
@@ -0,0 +1,53 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set et sw=2 ts=2: */
+/***************************************************************************
+ *            salt.cc
+ *
+ *  Sun Jul  5 14:34:25 CEST 2020
+ *  Copyright 2020 Bent Bisballe Nyeng
+ *  deva@aasimon.org
+ ****************************************************************************/
+
+/*
+ *  This file is part of Munia.
+ *
+ *  Munia is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  Munia is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with Munia; if not, write to the Free Software
+ *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA.
+ */
+#include "salt.h"
+
+#define _GNU_SOURCE 1
+#include <linux/random.h>
+#include <sys/syscall.h>
+#include <sys/types.h>
+#include <unistd.h>
+//#include <errno.h>
+
+Salt getSalt()
+{
+	Salt salt(16, '\0');
+
+	auto ret = syscall(SYS_getrandom, salt.data(), salt.size(), 1);
+	if(ret == -1)
+	{
+		throw "Could not get random bytes for salt"; // strerror(errno));
+	}
+
+	if(ret != (int)salt.size())
+	{
+		throw "Not enough entropy.";
+	}
+
+	return salt;
+}
diff --git a/src/salt.h b/src/salt.h
new file mode 100644
index 0000000..0982b46
--- /dev/null
+++ b/src/salt.h
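Review bot: The bare `1` passed as the flags argument in `syscall(SYS_getrandom, salt.data(), salt.size(), 1)` is `GRND_NONBLOCK`, so on a host whose entropy pool is not yet initialised getSalt() fails with EAGAIN instead of waiting, and the caller only sees the generic "Could not get random bytes for salt". Name the flag (`GRND_NONBLOCK` is already available from `<linux/random.h>`), or pass `0` if blocking until the pool is ready is acceptable, and add a comment stating which behaviour is intended. Restoring the commented-out `<errno.h>` include and reporting `strerror(errno)` would separate EAGAIN from ENOSYS on older kernels. `#define _GNU_SOURCE 1` sits after `salt.h` has already pulled in standard headers, so it probably has no effect where it is placed and belongs above the first include.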
@@ -0,0 +1,35 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set et sw=2 ts=2: */
+/***************************************************************************
+ *            salt.h
+ *
+ *  Sun Jul  5 14:34:25 CEST 2020
+ *  Copyright 2020 Bent Bisballe Nyeng
+ *  deva@aasimon.org
+ ****************************************************************************/
+
+/*
+ *  This file is part of Munia.
+ *
+ *  Munia is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  Munia is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with Munia; if not, write to the Free Software
+ *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA.
+ */
+#pragma once
+
+#include <vector>
+#include <cstdint>
+
+using Salt = std::vector<std::uint8_t>;
+
+Salt getSalt();  |
