diff --git a/Cargo.toml b/Cargo.toml index ae1dff6..1a9e2b4 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "cas-lib" -version = "0.2.68" +version = "0.2.69" edition = "2021" description = "A function wrapper layer for RustCrypto and Dalek-Cryptography. Intended to be used in FFI situations with a global heap deallactor at the top level project." license = "Apache-2.0" @@ -35,7 +35,7 @@ chacha20poly1305 = "0.10.1" slh-dsa = "0.0.3" ml-kem = "0.2.1" reqwest = { version = "0.12.24", features = ["json", "cookies", "rustls-tls"] } -serde = "1.0.228" +serde = { version = "1.0.228", features = ["derive"] } tokio = { version = "1.48.0", features = ["macros", "rt-multi-thread"] } url = "2.5.7" once_cell = "1.21.3" diff --git a/src/http/types/mod.rs b/src/http/types/mod.rs index 419ffa9..bd351da 100644 --- a/src/http/types/mod.rs +++ b/src/http/types/mod.rs @@ -1,4 +1,4 @@ -use serde::Serialize; +use serde::{Deserialize, Serialize}; pub mod runtime; @@ -10,7 +10,7 @@ pub struct BenchmarkRequest { pub time_in_milliseconds: i64 } -#[derive(serde::Deserialize)] +#[derive(Deserialize)] #[serde(rename_all = "camelCase")] pub struct AuthResponse { pub token: String, diff --git a/src/password_hashers/bcrypt.rs b/src/password_hashers/bcrypt.rs index 2a1b576..921b6d8 100644 --- a/src/password_hashers/bcrypt.rs +++ b/src/password_hashers/bcrypt.rs @@ -2,20 +2,18 @@ use bcrypt::{hash, verify, DEFAULT_COST}; -use super::cas_password_hasher::CASPasswordHasher; - pub struct CASBCrypt; -impl CASPasswordHasher for CASBCrypt { +impl CASBCrypt { /// Hashes a password using bcrypt. /// Returns the hashed password as a string. - fn hash_password(password_to_hash: String) -> String { + pub fn hash_password(password_to_hash: String) -> String { return hash(password_to_hash, DEFAULT_COST).unwrap(); } /// Verifies a password against a hashed password using bcrypt. /// Returns true if the password matches the hashed password, false otherwise. - fn verify_password(hashed_password: String, password_to_verify: String) -> bool { + pub fn verify_password(hashed_password: String, password_to_verify: String) -> bool { return verify(password_to_verify, &hashed_password).unwrap(); } } diff --git a/src/password_hashers/cas_password_hasher.rs b/src/password_hashers/cas_password_hasher.rs index 48a4fff..62cae98 100644 --- a/src/password_hashers/cas_password_hasher.rs +++ b/src/password_hashers/cas_password_hasher.rs @@ -1,8 +1,3 @@ -pub trait CASPasswordHasher { - fn hash_password(password_to_hash: String) -> String; - fn verify_password(hashed_password: String, password_to_verify: String) -> bool; -} - pub struct Pbkdf2Result { pub password: Vec, pub salt: Vec diff --git a/src/password_hashers/scrypt.rs b/src/password_hashers/scrypt.rs index 6d84b72..86b18ba 100644 --- a/src/password_hashers/scrypt.rs +++ b/src/password_hashers/scrypt.rs @@ -4,17 +4,27 @@ use scrypt::{ password_hash::{rand_core::OsRng, PasswordHash, PasswordHasher, PasswordVerifier, SaltString}, - Scrypt, + Scrypt, Params }; -use super::cas_password_hasher::CASPasswordHasher; - pub struct CASScrypt; -impl CASPasswordHasher for CASScrypt { +impl CASScrypt { + /// Hashes a passwith using Scrypt with custom params. + /// Parameters: + /// - password_to_hash: The password to be hashed. + /// - cpu_memory_cost: logâ‚‚ of the Scrypt parameter `N`, the work factor. + /// - block_size: `r` parameter: resource usage. + /// - parallelism: `p` parameter: parallelization. + pub fn hash_password_customized(password_to_hash: String, cpu_memory_cost: u8, block_size: u32, parallelism: u32) -> String { + let salt = SaltString::generate(&mut OsRng); + let params = Params::new(cpu_memory_cost, block_size, parallelism, 32).unwrap(); + return Scrypt.hash_password_customized(password_to_hash.as_bytes(), None, None, params, &salt).unwrap().to_string(); + } + /// Hashes a password using Scrypt. /// Returns the hashed password as a string. - fn hash_password(password_to_hash: String) -> String { + pub fn hash_password(password_to_hash: String) -> String { let salt = SaltString::generate(&mut OsRng); return Scrypt .hash_password(password_to_hash.as_bytes(), &salt) @@ -24,7 +34,7 @@ impl CASPasswordHasher for CASScrypt { /// Verifies a password against a hashed password using Scrypt. /// Returns true if the password matches the hashed password, false otherwise. - fn verify_password(hashed_password: String, password_to_verify: String) -> bool { + pub fn verify_password(hashed_password: String, password_to_verify: String) -> bool { let parsed_hash = PasswordHash::new(&hashed_password).unwrap(); return Scrypt .verify_password(password_to_verify.as_bytes(), &parsed_hash) diff --git a/tests/password_hashers.rs b/tests/password_hashers.rs index ffc1ae7..aea8032 100644 --- a/tests/password_hashers.rs +++ b/tests/password_hashers.rs @@ -1,7 +1,7 @@ #[cfg(test)] mod password_hashers { use std::path::Path; - use cas_lib::{password_hashers::{argon2::CASArgon, bcrypt::CASBCrypt, cas_password_hasher::CASPasswordHasher, scrypt::CASScrypt}, symmetric::{aes::{CASAES128, CASAES256}, cas_symmetric_encryption::{CASAES128Encryption, CASAES256Encryption}}}; + use cas_lib::{password_hashers::{argon2::CASArgon, bcrypt::CASBCrypt, scrypt::CASScrypt}, symmetric::{aes::{CASAES128, CASAES256}, cas_symmetric_encryption::{CASAES128Encryption, CASAES256Encryption}}}; #[test] pub fn argon2_hash_with_parameters() { @@ -53,6 +53,14 @@ mod password_hashers { assert_eq!(true, verification); } + #[test] + pub fn scrypt_hash_password_customized() { + let password = "DoNotUseThisPassword".to_string(); + let hash = CASScrypt::hash_password_customized(password.clone(), 17, 8, 1); + let verification = CASScrypt::verify_password(hash, password); + assert_eq!(true, verification); + } + #[test] pub fn bcrypt_hash_password() { let password = "DoNotUseThisPassword".to_string();