Silverfish/proton-bridge
1
0
Fork 1
mirror of https://github.com/ProtonMail/proton-bridge.git synced 2025-12-15 14:56:42 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

GODT-1155 Update gopenpgp and use go-srp

Browse Source
This commit is contained in:
Jakub
2021-05-14 09:36:48 +02:00
committed by James Houlahan
parent c69239ca16
commit a2029002c4
40 changed files with 257 additions and 603 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
pkg/pmapi/passwords.go
View File

@ -20,13 +20,14 @@ package pmapi
import (
"encoding/base64"
"github.com/jameskeane/bcrypt"
"github.com/ProtonMail/go-srp"
"github.com/pkg/errors"
)
func HashMailboxPassword(password, salt string) ([]byte, error) {
// HashMailboxPassword expectects 128bit long salt encoded by standard base64.
func HashMailboxPassword(password []byte, salt string) ([]byte, error) {
if salt == "" {
return []byte(password), nil
return password, nil
}
decodedSalt, err := base64.StdEncoding.DecodeString(salt)
@ -34,15 +35,10 @@ func HashMailboxPassword(password, salt string) ([]byte, error) {
return nil, errors.Wrap(err, "failed to decode salt")
}
encodedSalt := base64.NewEncoding("./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789").WithPadding(base64.NoPadding).EncodeToString(decodedSalt)
hashResult, err := bcrypt.Hash(password, "$2y$10$"+encodedSalt)
hash, err := srp.MailboxPassword(password, decodedSalt)
if err != nil {
return nil, errors.Wrap(err, "failed to bcrypt-hash password")
return nil, errors.Wrap(err, "failed to hash password")
}
if len(hashResult) != 60 {
return nil, errors.New("pmapi: invalid mailbox password hash")
}
return []byte(hashResult[len(hashResult)-31:]), nil
return hash[len(hash)-31:], nil
}