diff options
| author | khai96_ <hvksmr1996@gmail.com> | 2019-04-23 16:12:03 +0000 |
|---|---|---|
| committer | khai96_ <hvksmr1996@gmail.com> | 2019-04-23 16:12:03 +0000 |
| commit | f5d7a051a13ff6b16d69b80f91a06d264c0cd978 (patch) | |
| tree | 597cb42dc7b63dc77cd3ab3182c8236b466074b2 /src | |
| parent | Remove spaces before function names (diff) | |
| download | miniserve-f5d7a051a13ff6b16d69b80f91a06d264c0cd978.tar.gz miniserve-f5d7a051a13ff6b16d69b80f91a06d264c0cd978.zip | |
Convert hex strings to raw byte vectors and compare them
Diffstat (limited to 'src')
| -rw-r--r-- | src/args.rs | 37 | ||||
| -rw-r--r-- | src/auth.rs | 33 |
2 files changed, 44 insertions, 26 deletions
diff --git a/src/args.rs b/src/args.rs index 433840e..5617704 100644 --- a/src/args.rs +++ b/src/args.rs @@ -91,11 +91,16 @@ fn parse_auth(src: &str) -> Result<auth::RequiredAuth, String> { None => return Err(errmsg), }; - let password = if let Some(hash) = split.next() { + let password = if let Some(hash_hex) = split.next() { + let hash_bin = match hex::decode(hash_hex) { + Ok(hash_bin) => hash_bin, + _ => return Err("Hash string is not a valid hex code".to_owned()), + }; + match second_part { - "sha256" => auth::RequiredAuthPassword::Sha256(hash.to_owned()), - "sha512" => auth::RequiredAuthPassword::Sha512(hash.to_owned()), - _ => return Err("Invalid hash method, only accept either sha256 or sha512".to_owned()) + "sha256" => auth::RequiredAuthPassword::Sha256(hash_bin.to_owned()), + "sha512" => auth::RequiredAuthPassword::Sha512(hash_bin.to_owned()), + _ => return Err("Invalid hash method, only accept either sha256 or sha512".to_owned()), } } else { // To make it Windows-compatible, the password needs to be shorter than 255 characters. @@ -164,8 +169,8 @@ mod tests { username: username.to_owned(), password: match encrypt { "plain" => Plain(password.to_owned()), - "sha256" => Sha256(password.to_owned()), - "sha512" => Sha512(password.to_owned()), + "sha256" => Sha256(hex::decode(password.to_owned()).unwrap()), + "sha512" => Sha512(hex::decode(password.to_owned()).unwrap()), _ => panic!("Unknown encryption type") }, } @@ -184,8 +189,8 @@ mod tests { #[test] fn parse_auth_sha256() -> Result<(), String> { assert_eq!( - parse_auth("username:sha256:hash")?, - create_required_auth("username", "hash", "sha256") + parse_auth("username:sha256:abcd")?, + create_required_auth("username", "abcd", "sha256") ); Ok(()) @@ -194,8 +199,8 @@ mod tests { #[test] fn parse_auth_sha512() -> Result<(), String> { assert_eq!( - parse_auth("username:sha512:hash")?, - create_required_auth("username", "hash", "sha512") + parse_auth("username:sha512:abcd")?, + create_required_auth("username", "abcd", "sha512") ); Ok(()) @@ -212,12 +217,20 @@ mod tests { #[test] fn parse_auth_invalid_hash_method() { assert_eq!( - parse_auth("username:blahblah:hash").unwrap_err(), + parse_auth("username:blahblah:abcd").unwrap_err(), "Invalid hash method, only accept either sha256 or sha512".to_owned() ); } #[test] + fn parse_auth_invalid_hash_string() { + assert_eq!( + parse_auth("username:sha256:invalid").unwrap_err(), + "Hash string is not a valid hex code".to_owned() + ); + } + + #[test] fn parse_auth_excessive_length() { let password = &"x".repeat(256); let param = "username:".to_owned() + password; @@ -227,4 +240,4 @@ mod tests { "Password length cannot exceed 255 characters".to_owned() ); } -}
\ No newline at end of file +} diff --git a/src/auth.rs b/src/auth.rs index fed3732..806bdb7 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -20,8 +20,8 @@ pub struct BasicAuthParams { #[derive(Clone, Debug, PartialEq)] pub enum RequiredAuthPassword { Plain(String), - Sha256(String), - Sha512(String), + Sha256(Vec<u8>), + Sha512(Vec<u8>), } #[derive(Clone, Debug, PartialEq)] @@ -61,14 +61,14 @@ pub fn match_auth(basic_auth: BasicAuthParams, required_auth: &RequiredAuth) -> } } -pub fn compare_hash<T: Digest>(password: String, hash: &String) -> bool { - get_hash_hex::<T>(password) == *hash +pub fn compare_hash<T: Digest>(password: String, hash: &Vec<u8>) -> bool { + get_hash::<T>(password) == *hash } -pub fn get_hash_hex<T: Digest>(text: String) -> String { +pub fn get_hash<T: Digest>(text: String) -> Vec<u8> { let mut hasher = T::new(); hasher.input(text); - hex::encode(hasher.result()) + hasher.result().to_vec() } impl Middleware<crate::MiniserveConfig> for Auth { @@ -110,18 +110,23 @@ impl Middleware<crate::MiniserveConfig> for Auth { mod tests { use super::*; + fn assert_hex_eq(expectation: &str, received: Vec<u8>) { + let bin = hex::decode(expectation).expect("Provided string is not a valid hex code"); + assert_eq!(bin, received); + } + #[test] fn get_hash_hex_sha256() { - let expectation = "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad".to_owned(); - let received = get_hash_hex::<Sha256>("abc".to_owned()); - assert_eq!(expectation, received); + let expectation = "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"; + let received = get_hash::<Sha256>("abc".to_owned()); + assert_hex_eq(expectation, received); } #[test] fn get_hash_hex_sha512() { - let expectation = "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f".to_owned(); - let received = get_hash_hex::<Sha512>("abc".to_owned()); - assert_eq!(expectation, received); + let expectation = "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f"; + let received = get_hash::<Sha512>("abc".to_owned()); + assert_hex_eq(expectation, received); } fn create_auth_params(username: &str, password: &str) -> BasicAuthParams { @@ -138,8 +143,8 @@ mod tests { username: username.to_owned(), password: match encrypt { "plain" => Plain(password.to_owned()), - "sha256" => Sha256(get_hash_hex::<sha2::Sha256>(password.to_owned())), - "sha512" => Sha512(get_hash_hex::<sha2::Sha512>(password.to_owned())), + "sha256" => Sha256(get_hash::<sha2::Sha256>(password.to_owned())), + "sha512" => Sha512(get_hash::<sha2::Sha512>(password.to_owned())), _ => panic!("Unknown encryption type") }, } |