aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/args.rs37
-rw-r--r--src/auth.rs33
2 files changed, 44 insertions, 26 deletions
diff --git a/src/args.rs b/src/args.rs
index 433840e..5617704 100644
--- a/src/args.rs
+++ b/src/args.rs
@@ -91,11 +91,16 @@ fn parse_auth(src: &str) -> Result<auth::RequiredAuth, String> {
None => return Err(errmsg),
};
- let password = if let Some(hash) = split.next() {
+ let password = if let Some(hash_hex) = split.next() {
+ let hash_bin = match hex::decode(hash_hex) {
+ Ok(hash_bin) => hash_bin,
+ _ => return Err("Hash string is not a valid hex code".to_owned()),
+ };
+
match second_part {
- "sha256" => auth::RequiredAuthPassword::Sha256(hash.to_owned()),
- "sha512" => auth::RequiredAuthPassword::Sha512(hash.to_owned()),
- _ => return Err("Invalid hash method, only accept either sha256 or sha512".to_owned())
+ "sha256" => auth::RequiredAuthPassword::Sha256(hash_bin.to_owned()),
+ "sha512" => auth::RequiredAuthPassword::Sha512(hash_bin.to_owned()),
+ _ => return Err("Invalid hash method, only accept either sha256 or sha512".to_owned()),
}
} else {
// To make it Windows-compatible, the password needs to be shorter than 255 characters.
@@ -164,8 +169,8 @@ mod tests {
username: username.to_owned(),
password: match encrypt {
"plain" => Plain(password.to_owned()),
- "sha256" => Sha256(password.to_owned()),
- "sha512" => Sha512(password.to_owned()),
+ "sha256" => Sha256(hex::decode(password.to_owned()).unwrap()),
+ "sha512" => Sha512(hex::decode(password.to_owned()).unwrap()),
_ => panic!("Unknown encryption type")
},
}
@@ -184,8 +189,8 @@ mod tests {
#[test]
fn parse_auth_sha256() -> Result<(), String> {
assert_eq!(
- parse_auth("username:sha256:hash")?,
- create_required_auth("username", "hash", "sha256")
+ parse_auth("username:sha256:abcd")?,
+ create_required_auth("username", "abcd", "sha256")
);
Ok(())
@@ -194,8 +199,8 @@ mod tests {
#[test]
fn parse_auth_sha512() -> Result<(), String> {
assert_eq!(
- parse_auth("username:sha512:hash")?,
- create_required_auth("username", "hash", "sha512")
+ parse_auth("username:sha512:abcd")?,
+ create_required_auth("username", "abcd", "sha512")
);
Ok(())
@@ -212,12 +217,20 @@ mod tests {
#[test]
fn parse_auth_invalid_hash_method() {
assert_eq!(
- parse_auth("username:blahblah:hash").unwrap_err(),
+ parse_auth("username:blahblah:abcd").unwrap_err(),
"Invalid hash method, only accept either sha256 or sha512".to_owned()
);
}
#[test]
+ fn parse_auth_invalid_hash_string() {
+ assert_eq!(
+ parse_auth("username:sha256:invalid").unwrap_err(),
+ "Hash string is not a valid hex code".to_owned()
+ );
+ }
+
+ #[test]
fn parse_auth_excessive_length() {
let password = &"x".repeat(256);
let param = "username:".to_owned() + password;
@@ -227,4 +240,4 @@ mod tests {
"Password length cannot exceed 255 characters".to_owned()
);
}
-} \ No newline at end of file
+}
diff --git a/src/auth.rs b/src/auth.rs
index fed3732..806bdb7 100644
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -20,8 +20,8 @@ pub struct BasicAuthParams {
#[derive(Clone, Debug, PartialEq)]
pub enum RequiredAuthPassword {
Plain(String),
- Sha256(String),
- Sha512(String),
+ Sha256(Vec<u8>),
+ Sha512(Vec<u8>),
}
#[derive(Clone, Debug, PartialEq)]
@@ -61,14 +61,14 @@ pub fn match_auth(basic_auth: BasicAuthParams, required_auth: &RequiredAuth) ->
}
}
-pub fn compare_hash<T: Digest>(password: String, hash: &String) -> bool {
- get_hash_hex::<T>(password) == *hash
+pub fn compare_hash<T: Digest>(password: String, hash: &Vec<u8>) -> bool {
+ get_hash::<T>(password) == *hash
}
-pub fn get_hash_hex<T: Digest>(text: String) -> String {
+pub fn get_hash<T: Digest>(text: String) -> Vec<u8> {
let mut hasher = T::new();
hasher.input(text);
- hex::encode(hasher.result())
+ hasher.result().to_vec()
}
impl Middleware<crate::MiniserveConfig> for Auth {
@@ -110,18 +110,23 @@ impl Middleware<crate::MiniserveConfig> for Auth {
mod tests {
use super::*;
+ fn assert_hex_eq(expectation: &str, received: Vec<u8>) {
+ let bin = hex::decode(expectation).expect("Provided string is not a valid hex code");
+ assert_eq!(bin, received);
+ }
+
#[test]
fn get_hash_hex_sha256() {
- let expectation = "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad".to_owned();
- let received = get_hash_hex::<Sha256>("abc".to_owned());
- assert_eq!(expectation, received);
+ let expectation = "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad";
+ let received = get_hash::<Sha256>("abc".to_owned());
+ assert_hex_eq(expectation, received);
}
#[test]
fn get_hash_hex_sha512() {
- let expectation = "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f".to_owned();
- let received = get_hash_hex::<Sha512>("abc".to_owned());
- assert_eq!(expectation, received);
+ let expectation = "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f";
+ let received = get_hash::<Sha512>("abc".to_owned());
+ assert_hex_eq(expectation, received);
}
fn create_auth_params(username: &str, password: &str) -> BasicAuthParams {
@@ -138,8 +143,8 @@ mod tests {
username: username.to_owned(),
password: match encrypt {
"plain" => Plain(password.to_owned()),
- "sha256" => Sha256(get_hash_hex::<sha2::Sha256>(password.to_owned())),
- "sha512" => Sha512(get_hash_hex::<sha2::Sha512>(password.to_owned())),
+ "sha256" => Sha256(get_hash::<sha2::Sha256>(password.to_owned())),
+ "sha512" => Sha512(get_hash::<sha2::Sha512>(password.to_owned())),
_ => panic!("Unknown encryption type")
},
}