See Changlog
This commit is contained in:
parent
6027854570
commit
fe19f3bc49
|
@ -1,4 +1,6 @@
|
|||
*.o
|
||||
*.ppu
|
||||
*~
|
||||
.idea/
|
||||
*.iml
|
||||
|
||||
|
|
49
BCrypt.pas
49
BCrypt.pas
|
@ -247,9 +247,8 @@ end;
|
|||
|
||||
implementation
|
||||
|
||||
uses
|
||||
Math,
|
||||
RegExpr;
|
||||
Uses
|
||||
Math; // @Todo : Remove and use Renegade.Random
|
||||
|
||||
constructor TBCryptHash.Create;
|
||||
begin
|
||||
|
@ -503,8 +502,8 @@ end;
|
|||
|
||||
function TBCryptHash.FormatPasswordHash(const Salt, Hash: TBytes; Cost : Byte; HashType : THashTypes): AnsiString;
|
||||
var
|
||||
saltString: ansistring;
|
||||
hashString: ansistring;
|
||||
SaltString: ansistring;
|
||||
HashString: ansistring;
|
||||
HashPrefix : AnsiString;
|
||||
begin
|
||||
case HashType of
|
||||
|
@ -515,9 +514,9 @@ begin
|
|||
HashPrefix := '2y';
|
||||
end;
|
||||
end;
|
||||
saltString := BsdBase64Encode(Salt, Length(Salt));
|
||||
hashString := BsdBase64Encode(Hash, Length(MagicText) * 4 - 1);
|
||||
Result := Format('$%s$%d$%s%s', [HashPrefix, Cost, saltString, hashString]);
|
||||
SaltString := BsdBase64Encode(Salt, Length(Salt));
|
||||
HashString := BsdBase64Encode(Hash, Length(MagicText) * 4 - 1);
|
||||
Result := Format('$%s$%d$%s%s', [HashPrefix, Cost, SaltString, HashString]);
|
||||
end;
|
||||
|
||||
function TBCryptHash.getRandomBlockFileName : AnsiString;
|
||||
|
@ -737,19 +736,28 @@ end;
|
|||
|
||||
function TBCryptHash.VerifyHash(const Password, Hash : AnsiString) : Boolean;
|
||||
var
|
||||
RegexObj: TRegExpr;
|
||||
WorkingBcryptHash : AnsiString;
|
||||
HashCounter, ResultStatus, Cost : Byte;
|
||||
WorkingBcryptHash, Salt : AnsiString;
|
||||
HashCounter, ResultStatus, BCryptCost : Byte;
|
||||
HashType : THashTypes;
|
||||
PasswordInfo :RTPasswordInformation;
|
||||
Begin
|
||||
ResultStatus := 0;
|
||||
RegexObj := TRegExpr.Create;
|
||||
RegexObj.Expression := '^(\$2\w{1}\$)(\d{2})\$([\./0-9A-Za-z]{22})';
|
||||
if RegexObj.Exec(Hash) then
|
||||
try
|
||||
PasswordInfo := HashGetInfo(Hash);
|
||||
except
|
||||
on e: EHash do
|
||||
begin
|
||||
Result := False;
|
||||
Exit;
|
||||
end;
|
||||
end;
|
||||
with PasswordInfo do
|
||||
begin
|
||||
HashType := ResolveHashType(RegexObj.Match[1]);
|
||||
Cost := StrToInt(RegexObj.Match[2]);
|
||||
WorkingBcryptHash := Crypt(Password, RegexObj.Match[3], Cost, HashType);
|
||||
HashType := Algo;
|
||||
BCryptCost := Cost;
|
||||
Salt := BCryptSalt;
|
||||
end;
|
||||
WorkingBcryptHash := Crypt(Password, Salt, BCryptCost, HashType);
|
||||
if (Length(WorkingBcryptHash) < 60) or (Length(WorkingBcryptHash) > 60) then
|
||||
begin
|
||||
Result := False;
|
||||
|
@ -769,12 +777,9 @@ Begin
|
|||
values. }
|
||||
ResultStatus := ResultStatus or (ord(WorkingBcryptHash[HashCounter]) xor ord(Hash[HashCounter]));
|
||||
end;
|
||||
|
||||
Result := (ResultStatus = 0);
|
||||
end
|
||||
else begin
|
||||
Result := False;
|
||||
end;
|
||||
RegexObj.Free;
|
||||
|
||||
end;
|
||||
|
||||
function TBCryptHash.NeedsRehash(const BCryptHash : AnsiString) : Boolean; overload;
|
||||
|
|
|
@ -0,0 +1,18 @@
|
|||
# Change Log
|
||||
All notable changes to this project will be documented in this file.
|
||||
|
||||
The format is based on [Keep a Changelog](http://keepachangelog.com/)
|
||||
and this project adheres to [Semantic Versioning](http://semver.org/).
|
||||
|
||||
|
||||
## [0.1.0] - 2016-11-03
|
||||
|
||||
### Added
|
||||
- Changelog
|
||||
- Started using [semver](http://semver.org/) for versioning.
|
||||
|
||||
### Changed
|
||||
- Removed regex logic for getting the password's current salt, because come on.
|
||||
- Make use of object RTPasswordInformation to extract information from hash for verifing logic.
|
||||
|
||||
|
28
README.md
28
README.md
|
@ -9,14 +9,30 @@ If you try to verify a $2a$ password with PHP it will verify, but if you run the
|
|||
Tested with :
|
||||
* Free Pascal
|
||||
* 2.6.4
|
||||
* (Linux, Gentoo)
|
||||
* (Linux, Raspbian)
|
||||
* Linux
|
||||
* Gentoo, 2.2-Current-x64
|
||||
* Raspbian
|
||||
* 3.0.0
|
||||
* (Linux, Gentoo)
|
||||
* (Win10, 64bit)
|
||||
* Linux
|
||||
* Gentoo, 2.2-Current-x64
|
||||
* FreeBSD
|
||||
* 12.0-CURRENT-x64
|
||||
* Windows
|
||||
* Windows 10-x64
|
||||
* PHP
|
||||
* 5.6.20-pl0-gentoo
|
||||
* 7.0.6_rc1-pl0-gentoo.
|
||||
* 5.5.x
|
||||
* 5.5.38-pl0-gentoo
|
||||
* 5.6.x
|
||||
* 5.6.20-pl0-gentoo
|
||||
* 5.6.28-pl0-gentoo
|
||||
* 7.0.x
|
||||
* 7.0.6_rc1-pl0-gentoo
|
||||
* 7.0.13-pl0-gentoo
|
||||
* 7.x.x (dev)
|
||||
* 7.2.0-dev-x64 (ZTS) 10/31/2016, Gentoo 2.2 Current
|
||||
* 7.2.0-dev-x64 (ZTS) 11/02/2016, FreeBSD 12.0-CURRENT
|
||||
* HHVM
|
||||
* Soon
|
||||
|
||||
### Usage
|
||||
```pascal
|
||||
|
|
Loading…
Reference in New Issue