/* * Copyright (c) 2010, Nicholas Campbell * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the nor the names of its * contributors may be used to endorse or promote products derived from * this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include #include #include #include #include #include #include // atoi #include "node_blf.h" #define NODE_LESS_THAN (!(NODE_VERSION_AT_LEAST(0, 5, 4))) using namespace v8; using namespace node; namespace { struct baton_base { v8::Persistent callback; std::string error; virtual ~baton_base() { callback.Dispose(); } }; struct salt_baton : baton_base { std::string seed; std::string salt; ssize_t rounds; salt_baton() : salt(), rounds(0) {} }; struct encrypt_baton : baton_base { std::string salt; std::string input; std::string output; }; struct compare_baton : baton_base { std::string input; std::string encrypted; bool result; compare_baton(): input(), encrypted(), result(false) {} }; bool ValidateSalt(const char* salt) { if (!salt || *salt != '$') { return false; } // discard $ salt++; if (*salt > BCRYPT_VERSION) { return false; } if (salt[1] != '$') { switch (salt[1]) { case 'a': salt++; break; default: return false; } } // discard version + $ salt += 2; if (salt[2] != '$') { return false; } int n = atoi(salt); if (n > 31 || n < 0) { return false; } if (((uint8_t)1 << (uint8_t)n) < BCRYPT_MINROUNDS) { return false; } salt += 3; if (strlen(salt) * 3 / 4 < BCRYPT_MAXSALT) { return false; } return true; } /* SALT GENERATION */ void GenSaltAsync(uv_work_t* req) { salt_baton* baton = static_cast(req->data); char salt[_SALT_LEN]; bcrypt_gensalt(baton->rounds, (u_int8_t *)&baton->seed[0], salt); baton->salt = std::string(salt); } void GenSaltAsyncAfter(uv_work_t* req) { HandleScope scope; salt_baton* baton = static_cast(req->data); delete req; Handle argv[2]; if (!baton->error.empty()) { argv[0] = Exception::Error(String::New(baton->error.c_str())); argv[1] = Undefined(); } else { argv[0] = Undefined(); argv[1] = Encode(baton->salt.c_str(), baton->salt.size(), BINARY); } TryCatch try_catch; // don't quite see the necessity of this baton->callback->Call(Context::GetCurrent()->Global(), 2, argv); if (try_catch.HasCaught()) FatalException(try_catch); delete baton; } Handle GenerateSalt(const Arguments &args) { HandleScope scope; if (args.Length() < 3) { return ThrowException(Exception::TypeError(String::New("3 arguments expected"))); } if (!Buffer::HasInstance(args[1]) || Buffer::Length(args[1].As