vladislavbelov
ffc4a56b9f
Fixes #6846 Differential Revision: https://code.wildfiregames.com/D5185 This was SVN commit r27965.
60 lines
2.4 KiB
C++
60 lines
2.4 KiB
C++
/* Copyright (C) 2021 Wildfire Games.
|
|
* This file is part of 0 A.D.
|
|
*
|
|
* 0 A.D. is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation, either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* 0 A.D. is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with 0 A.D. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
#include "precompiled.h"
|
|
|
|
#include "ps/CStr.h"
|
|
#include "ps/Util.h"
|
|
|
|
#include <sodium.h>
|
|
|
|
CStr8 HashCryptographically(const CStr8& string, const CStr8& salt)
|
|
{
|
|
if (string.empty())
|
|
return string;
|
|
|
|
ENSURE(sodium_init() >= 0);
|
|
|
|
constexpr int SALTSIZE = crypto_pwhash_SALTBYTES;
|
|
static_assert(SALTSIZE >= crypto_generichash_BYTES_MIN);
|
|
static_assert(SALTSIZE <= crypto_generichash_BYTES_MAX);
|
|
static_assert(SALTSIZE >= crypto_generichash_KEYBYTES_MIN);
|
|
static_assert(SALTSIZE <= crypto_generichash_KEYBYTES_MAX);
|
|
|
|
// First generate a fixed-size salt from out variable-sized one (libsodium requires it).
|
|
unsigned char salt_buffer[SALTSIZE] = {
|
|
235, 82, 29, 20, 135, 168, 184, 97, 7, 240, 48, 109, 8, 34, 158, 32,
|
|
};
|
|
crypto_generichash_state state;
|
|
crypto_generichash_init(&state, salt_buffer, SALTSIZE, SALTSIZE);
|
|
crypto_generichash_update(&state, reinterpret_cast<const unsigned char*>(salt.c_str()), salt.size());
|
|
crypto_generichash_final(&state, salt_buffer, SALTSIZE);
|
|
|
|
constexpr int HASHSIZE = 32;
|
|
static_assert(HASHSIZE >= crypto_pwhash_BYTES_MIN);
|
|
static_assert(HASHSIZE <= crypto_pwhash_BYTES_MAX);
|
|
|
|
// Now that we have a fixed-length key, use that to hash the password.
|
|
unsigned char output[HASHSIZE] = { 0 };
|
|
// For HashCryptographically, we use 'fast' parameters, corresponding to low values.
|
|
// These parameters must not change, or hashes will change, hence why the #defined values are copied.
|
|
constexpr size_t memLimit = 8192 * 4; // 4 * crypto_pwhash_argon2id_MEMLIMIT_MIN
|
|
constexpr size_t opsLimit = 2; // crypto_pwhash_argon2id_OPSLIMIT_INTERACTIVE
|
|
ENSURE(crypto_pwhash(output, HASHSIZE, string.c_str(), string.size(), salt_buffer, opsLimit, memLimit, crypto_pwhash_ALG_ARGON2ID13) == 0);
|
|
|
|
return CStr(Hexify(output, HASHSIZE)).UpperCase();
|
|
}
|