ESAPI-C 1.0
The OWASP Enterprise Security API for C

authenticator.c

00001 
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <gcrypt.h>
#include "authenticator.h"
#include "base64.h"
#include "esapi.h"
00014 
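/*
 * Hashes a password together with the context's master salt and returns the
 * digest as a base64 string.
 *
 * es_ctx   - ESAPI context; es_ctx->hash_algo selects the libgcrypt digest
 *            (zero means the default, SHA-256) and es_ctx->master_salt is
 *            fed to the digest before the password.
 * real_pw  - NUL-terminated clear-text password.
 *
 * Returns the string allocated by base64_encode_alloc(), or NULL on invalid
 * arguments, an unknown algorithm, a digest failure or an allocation
 * failure. The caller owns the result (presumably released with free();
 * confirm against base64.h).
 *
 * NOTE(review): master_salt is assumed to be a NUL-terminated string, as the
 * strlen() call requires - confirm against struct esapi_ctx.
 *
 * NOTE(review): one pass of a fast digest over a salt shared by every user
 * is cheap to brute-force offline if the stored hashes leak. A per-user salt
 * and a work-factor KDF (libgcrypt provides gcry_kdf_derive) would be the
 * stronger design; it is not changed here because it would invalidate
 * hashes that are already stored.
 */
char *esapi_hash_password(struct esapi_ctx *es_ctx, const char *real_pw) {
        unsigned char *digest;
        char *out = NULL;
        unsigned int hash_len;
        gcry_md_hd_t ctx;
        int algo;

        if (!es_ctx || !real_pw) {
                return NULL;
        }

        algo = es_ctx->hash_algo ? es_ctx->hash_algo : GCRY_MD_SHA256;

        /* A zero digest length means libgcrypt does not know the algorithm. */
        hash_len = gcry_md_get_algo_dlen(algo);
        if (hash_len == 0) {
                return NULL;
        }

        /* Without a valid handle every later gcry_md_* call is unsafe. */
        if (gcry_md_open(&ctx, algo, 0) != 0) {
                return NULL;
        }

        gcry_md_write(ctx, es_ctx->master_salt, strlen(es_ctx->master_salt));
        gcry_md_write(ctx, real_pw, strlen(real_pw));

        /*
         * gcry_md_read() hands back a pointer into the handle's own buffer:
         * it must be encoded before gcry_md_close() releases that buffer, and
         * it must never be passed to free().
         */
        digest = gcry_md_read(ctx, algo);
        if (digest) {
                base64_encode_alloc((const char *) digest, hash_len, &out);
        }

        /* Close on every path so the handle is not leaked on failure. */
        gcry_md_close(ctx);

        /*
         * The encoded hash is only returned, never printed: credential
         * material does not belong on stdout or in captured logs.
         */
        return out;
}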
00059 
/*
 * Validates that both a user name and a password were supplied.
 *
 * Returns -1 when either argument is NULL and 0 otherwise.
 *
 * NOTE(review): no credential lookup or comparison is performed here, so
 * this is a stub. A 0 return must not be treated as proof that the login is
 * correct until real verification is implemented.
 */
int esapi_login(const char *user_name, const char *pw) {
        return (user_name != NULL && pw != NULL) ? 0 : -1;
}
00070 
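/*
 * Checks whether a password satisfies the length and character-class policy.
 *
 * pw            - NUL-terminated candidate password; NULL is treated as an
 *                 empty password.
 * min           - minimum length; zero or negative disables the check.
 * max           - maximum length; zero or negative disables the check.
 * char_set_cnt  - how many distinct character classes must appear; zero or
 *                 negative disables the check.
 *
 * Three classes are recognised: upper-case letters, lower-case letters, and
 * "special", which is every other byte (digits included). A char_set_cnt
 * above 3 can therefore never be satisfied.
 *
 * Returns 0 when the password is acceptable, otherwise ES_PW_TOO_SHORT,
 * ES_PW_TOO_LONG or ES_PW_NOT_ENOUGH_CHAR_CLS.
 */
int esapi_verify_password_strength(char *pw, int min, int max, int char_set_cnt) {
        int upper = 0;
        int lower = 0;
        int special = 0;
        size_t len;
        const char *p;

        /* Measure once; a NULL password has length zero and is never dereferenced. */
        len = pw ? strlen(pw) : 0;

        /* Compare only against positive bounds so the size_t casts are safe. */
        if (min > 0 && len < (size_t) min) {
                return ES_PW_TOO_SHORT;
        }

        if (max > 0 && len > (size_t) max) {
                return ES_PW_TOO_LONG;
        }

        if (pw && char_set_cnt > 0) {
                for (p = pw; *p; p++) {
                        /* <ctype.h> functions are undefined for negative char values. */
                        unsigned char c = (unsigned char) *p;

                        if (isupper(c)) {
                                upper = 1;
                        } else if (islower(c)) {
                                lower = 1;
                        } else {
                                special = 1;
                        }
                }
        }

        if (special + lower + upper < char_set_cnt) {
                return ES_PW_NOT_ENOUGH_CHAR_CLS;
        }

        return 0;
}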
00106 
/*
 * Adds the given user to the persistence layer.
 *
 * Currently a stub: the argument is not read, nothing is stored, and the
 * function always returns 0.
 */
int esapi_add_user(user *u) {
        (void) u; /* not used until persistence is implemented */
        return 0;
}
00114 
/*
 * Removes the given user from the persistence layer.
 *
 * Currently a stub: the argument is not read, nothing is deleted, and the
 * function always returns 0.
 */
int esapi_remove_user(user *u) {
        (void) u; /* not used until persistence is implemented */
        return 0;
}