X-Git-Url: https://git.quassel-irc.org/?p=quassel.git;a=blobdiff_plain;f=src%2Fcore%2Fstorage.cpp;h=f8d60b76709a9f1b476f88e70d8ad1b3fe4f5dc5;hp=0fbd3fc2615430ab949608dcdd574b5d55d86a66;hb=1e57394b3bb6aaf6213270658e00975b19f02d26;hpb=f824db0e31b54969e0b7fa0b5405b1e9173d482c
diff --git a/src/core/storage.cpp b/src/core/storage.cpp
index 0fbd3fc2..f8d60b76 100644
--- a/src/core/storage.cpp
+++ b/src/core/storage.cpp
@@ -1,5 +1,5 @@
 /***************************************************************************
- * Copyright (C) 2005-09 by the Quassel Project *
+ * Copyright (C) 2005-2015 by the Quassel Project *
 * devel@quassel-irc.org *
 * *
 * This program is free software; you can redistribute it and/or modify *
@@ -15,7 +15,7 @@
 * You should have received a copy of the GNU General Public License *
 * along with this program; if not, write to the *
 * Free Software Foundation, Inc., *
- * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. *
 ***************************************************************************/
 #include "storage.h"
@@ -23,10 +23,88 @@
 #include
 Storage::Storage(QObject *parent)
- : QObject(parent)
+ : QObject(parent)
 {
 }
-QString Storage::cryptedPassword(const QString &password) {
- return QString(QCryptographicHash::hash(password.toUtf8(), QCryptographicHash::Sha1).toHex());
+QString Storage::hashPassword(const QString &password)
+{
+#if QT_VERSION >= 0x050000
+ return hashPasswordSha2_512(password);
+#else
+ return hashPasswordSha1(password);
+#endif
+}
+
+bool Storage::checkHashedPassword(const UserId user, const QString &password, const QString &hashedPassword, const Storage::HashVersion version)
+{
+ bool passwordCorrect = false;
+
+ switch (version) {
+ case Storage::HashVersion::sha1:
+ passwordCorrect = checkHashedPasswordSha1(password, hashedPassword);
+ break;
+
+#if QT_VERSION >= 0x050000
+ case Storage::HashVersion::sha2_512:
+ passwordCorrect = checkHashedPasswordSha2_512(password, hashedPassword);
+ break;
+#endif
+
+ default:
+ qWarning() << "Password hash version" << QString(version) << "is not supported, please reset password";
+ }
+
+ if (passwordCorrect && version < Storage::HashVersion::latest) {
+ updateUser(user, password);
+ }
+
+ return passwordCorrect;
+}
+
+QString Storage::hashPasswordSha1(const QString &password)
+{
+ return QString(QCryptographicHash::hash(password.toUtf8(), QCryptographicHash::Sha1).toHex());
+}
+
+bool Storage::checkHashedPasswordSha1(const QString &password, const QString &hashedPassword)
+{
+ return hashPasswordSha1(password) == hashedPassword;
+}
+
+#if QT_VERSION >= 0x050000
+QString Storage::hashPasswordSha2_512(const QString &password)
+{
+ // Generate a salt of 512 bits (64 bytes) using the Mersenne Twister
+ std::random_device seed;
+ std::mt19937 generator(seed());
+ std::uniform_int_distribution distribution(0, 255);
+ QByteArray saltBytes;
+ saltBytes.resize(64);
+ for (int i = 0; i < 64; i++) {
+ saltBytes[i] = (unsigned char) distribution(generator);
+ }
+ QString salt(saltBytes.toHex());
+
+ // Append the salt to the password and hash it
+ QString passwordAndSalt(password + salt);
+ QString hash(QCryptographicHash::hash(passwordAndSalt.toUtf8(), QCryptographicHash::Sha512).toHex());
+
+ return hash + ":" + salt;
+}
+
+bool Storage::checkHashedPasswordSha2_512(const QString &password, const QString &hashedPassword)
+{
+ QRegExp colonSplitter("\\:");
+ QStringList hashedPasswordAndSalt = hashedPassword.split(colonSplitter);
+
+ if (hashedPasswordAndSalt.size() == 2){
+ QString passwordAndSalt(password + hashedPasswordAndSalt[1]);
+ return QString(QCryptographicHash::hash(passwordAndSalt.toUtf8(), QCryptographicHash::Sha512).toHex()) == hashedPasswordAndSalt[0];
+ }
+ else {
+ qWarning() << "Password hash and salt were not in the correct format";
+ return false;
+ }
 }
+#endif
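Review bot: `hashPasswordSha2_512` stores a single pass of SHA-512 over password plus salt, which is cheap to compute, so a leaked user table remains fast to guess offline. Since `HashVersion` already versions the stored format, a follow-up version should use an iterated key-derivation function (PBKDF2 or similar) and store its iteration count next to the salt. The salt is drawn from `std::mt19937` seeded with one `seed()` value, so its 64 bytes carry no more entropy than that single seed, whatever the "512 bits" comment says; taking each byte from the device directly, `saltBytes[i] = (unsigned char) distribution(seed);`, drops the generator and that limit. In `checkHashedPassword`, `QString(version)` most likely turns the enum value into a single character rather than its number (the `HashVersion` definition is outside this hunk, so this is inferred); `QString::number(static_cast<int>(version))` would make the warning readable.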