Parkmanne/old/encrypt.cpp

40 lines
1.4 KiB
C++
Raw Permalink Normal View History

#include "headers/encrypt.h"
string hash_password(string password) {
/*
Passing strings and converting to char* because I do not want to be forced
2019-07-23 14:17:55 +00:00
to use char * whenever the function is called.
Low level stuff in the function, the least possible low level stuff outside.
2019-07-02 18:40:37 +00:00
This uses the password hashing algorithm Argon2 implemented by libsodium.
2019-07-23 14:17:55 +00:00
2019-07-02 18:40:37 +00:00
DO NOT MODIFY memory_limit and cpu_limit after you add customers to the db.
When you do that, the hashed passwords can't be decrypted, and that would be
2019-07-23 14:17:55 +00:00
BAD.
*/
const char* password_ = password.c_str();
char hashed_password_[crypto_pwhash_STRBYTES];
2019-07-01 23:42:41 +00:00
int memory_limit = 3.2e+7; // 3.2e7 = 32e6 = 32 mb
2019-07-23 14:17:55 +00:00
int cpu_limit = 1; // this somewhat resembles n_threads, but is not a 1 to 1 match.
2019-07-08 20:57:09 +00:00
int result =
crypto_pwhash_str(hashed_password_, password_, strlen(password_), cpu_limit, memory_limit);
string hashed_password{hashed_password_};
return hashed_password;
}
bool verify_password(string hashed_password, string unhashed_password) {
2019-07-02 18:40:37 +00:00
/*
this verifies the password. It's encryption magic and don't question it.
*/
const char* password_ = unhashed_password.c_str();
const char* hashed_password_ = hashed_password.c_str();
2019-07-08 20:57:09 +00:00
if (crypto_pwhash_str_verify(hashed_password_, password_, strlen(password_)) != 0) {
return false;
} else {
return true;
}
}