1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

#![cfg(feature = "crypto")]

extern crate crypto;
extern crate rand;

use self::rand::RngCore;

use self::crypto::md5::Md5;
use self::crypto::digest::Digest;

/// Generate a random 16-byte salt.
pub fn gen_salt() -> [u8; 16] {
    let mut result = [0u8; 16];

    rand::thread_rng().fill_bytes(&mut result);

    result
}

/// Use bcrypt to hash a password whose length is not bigger than 72 bytes to 24 bytes data. If the salt is not 16 bytes, it will be MD5 hashed first.
pub fn bcrypt<T: ?Sized + AsRef<[u8]>, K: ?Sized + AsRef<[u8]>>(cost: u8, salt: &K, password: &T) -> Result<[u8; 24], &'static str> {
    let mut result = [0u8; 24];

    if cost >= 32 {
        return Err("Cost needs to be smaller than 32.");
    }

    let password = password.as_ref();

    let password_len = password.len();

    if password_len == 0 {
        return Err("The password is empty.");
    }

    if password_len > 72 {
        return Err("The length of the password should not be bigger than 72.");
    }

    let salt = salt.as_ref();

    if salt.len() != 16 {
        let mut new_salt = [0u8; 16];

        let mut md5 = Md5::new();

        md5.input(salt);

        md5.result(&mut new_salt);

        crypto::bcrypt::bcrypt(cost as u32, &new_salt, password, &mut result);
    } else {
        crypto::bcrypt::bcrypt(cost as u32, salt, password, &mut result);
    }


    Ok(result)
}

/// Identify a plain text password by using the bcrypt-hashed data we've stored before.
pub fn identify_bcrypt<T: ?Sized + AsRef<[u8]>, K: ?Sized + AsRef<[u8]>>(cost: u8, salt: &K, password: &T, hashed: &[u8; 24]) -> Result<bool, &'static str> {
    let p = bcrypt(cost, salt, password)?;

    Ok(hashed.eq(&p))
}