NSData+Crypto: add password verification function
This will allow for using specific verification, depending on the scheme.pull/272/head
parent
c3a4f4aeb4
commit
789b55c274
|
@ -35,6 +35,10 @@
|
||||||
withSalt: (NSData *) theSalt
|
withSalt: (NSData *) theSalt
|
||||||
keyPath: (NSString *) theKeyPath;
|
keyPath: (NSString *) theKeyPath;
|
||||||
|
|
||||||
|
- (BOOL) verifyUsingScheme: (NSString *) passwordScheme
|
||||||
|
withPassword: (NSData *) thePassword
|
||||||
|
keyPath: (NSString *) theKeyPath;
|
||||||
|
|
||||||
- (NSData *) asLM;
|
- (NSData *) asLM;
|
||||||
- (NSData *) asMD4;
|
- (NSData *) asMD4;
|
||||||
- (NSData *) asMD5;
|
- (NSData *) asMD5;
|
||||||
|
|
|
@ -299,6 +299,35 @@ static const char salt_chars[] =
|
||||||
return nil;
|
return nil;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Verify the given password data is equivalent with the
|
||||||
|
* clear text password using the passed encryption scheme
|
||||||
|
*
|
||||||
|
* @param passwordScheme The password scheme to use for comparison
|
||||||
|
* @param thePassword
|
||||||
|
*/
|
||||||
|
- (BOOL) verifyUsingScheme: (NSString *) passwordScheme
|
||||||
|
withPassword: (NSData *) thePassword
|
||||||
|
keyPath: (NSString *) theKeyPath
|
||||||
|
{
|
||||||
|
NSData *passwordCrypted;
|
||||||
|
NSData *salt;
|
||||||
|
|
||||||
|
salt = [self extractSalt: passwordScheme];
|
||||||
|
if (salt == nil)
|
||||||
|
return NO;
|
||||||
|
// encrypt self with the salt an compare the results
|
||||||
|
passwordCrypted = [thePassword asCryptedPassUsingScheme: passwordScheme
|
||||||
|
withSalt: salt
|
||||||
|
keyPath: theKeyPath];
|
||||||
|
|
||||||
|
// return always false when there was a problem
|
||||||
|
if (passwordCrypted == nil)
|
||||||
|
return NO;
|
||||||
|
|
||||||
|
return [self isEqual: passwordCrypted];
|
||||||
|
}
|
||||||
|
|
||||||
- (NSData *) asLM
|
- (NSData *) asLM
|
||||||
{
|
{
|
||||||
NSData *out;
|
NSData *out;
|
||||||
|
|
|
@ -109,11 +109,10 @@
|
||||||
keyPath: (NSString *) theKeyPath
|
keyPath: (NSString *) theKeyPath
|
||||||
{
|
{
|
||||||
NSArray *passInfo;
|
NSArray *passInfo;
|
||||||
NSString *selfCrypted;
|
|
||||||
NSString *pass;
|
NSString *pass;
|
||||||
NSString *scheme;
|
NSString *scheme;
|
||||||
NSData *salt;
|
|
||||||
NSData *decodedData;
|
NSData *decodedData;
|
||||||
|
NSData *passwordData;
|
||||||
keyEncoding encoding;
|
keyEncoding encoding;
|
||||||
|
|
||||||
// split scheme and pass
|
// split scheme and pass
|
||||||
|
@ -152,29 +151,17 @@
|
||||||
decodedData = [pass dataUsingEncoding: NSUTF8StringEncoding];
|
decodedData = [pass dataUsingEncoding: NSUTF8StringEncoding];
|
||||||
}
|
}
|
||||||
|
|
||||||
salt = [decodedData extractSalt: scheme];
|
passwordData = [self dataUsingEncoding: NSUTF8StringEncoding];
|
||||||
|
return [decodedData verifyUsingScheme: scheme
|
||||||
// encrypt self with the salt an compare the results
|
withPassword: passwordData
|
||||||
selfCrypted = [self asCryptedPassUsingScheme: scheme
|
keyPath: theKeyPath];
|
||||||
withSalt: salt
|
|
||||||
andEncoding: encoding
|
|
||||||
keyPath: theKeyPath];
|
|
||||||
|
|
||||||
// return always false when there was a problem
|
|
||||||
if (selfCrypted == nil)
|
|
||||||
return NO;
|
|
||||||
|
|
||||||
if ([selfCrypted isEqualToString: pass] == YES)
|
|
||||||
return YES;
|
|
||||||
|
|
||||||
return NO;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Calls asCryptedPassUsingScheme:withSalt:andEncoding: with an empty salt and uses
|
* Calls asCryptedPassUsingScheme:withSalt:andEncoding: with an empty salt and uses
|
||||||
* the default encoding.
|
* the default encoding.
|
||||||
*
|
*
|
||||||
* @param passwordScheme
|
* @param passwordScheme: The password scheme to hash the cleartext password.
|
||||||
* @return If successful, the encrypted and encoded NSString of the format {scheme}pass, or nil if the scheme did not exists or an error occured
|
* @return If successful, the encrypted and encoded NSString of the format {scheme}pass, or nil if the scheme did not exists or an error occured
|
||||||
*/
|
*/
|
||||||
- (NSString *) asCryptedPassUsingScheme: (NSString *) passwordScheme
|
- (NSString *) asCryptedPassUsingScheme: (NSString *) passwordScheme
|
||||||
|
|
Loading…
Reference in New Issue