Skip to content
Permalink
Browse files

Account for more bcrypt failure scenarios (#1207)

Related to #1206
  • Loading branch information
qaisjp committed Jan 12, 2020
1 parent 6f5d986 commit ea3668f1893080a799893ad0b5d43ff325358bce
Showing with 6 additions and 3 deletions.
  1. +6 −3 Shared/sdk/SharedUtil.Hash.hpp
@@ -487,7 +487,8 @@ namespace SharedUtil
std::generate_n(saltBuffer, sizeof(saltBuffer), generator);

char saltBase64Buffer[30];
bcrypt::crypt_gensalt_rn("$2y$", cost, saltBuffer, sizeof(saltBuffer), saltBase64Buffer, sizeof(saltBase64Buffer));
if (!bcrypt::crypt_gensalt_rn("$2y$", cost, saltBuffer, sizeof(saltBuffer), saltBase64Buffer, sizeof(saltBase64Buffer)))
return "";
salt = SStringX(saltBase64Buffer);
}
else
@@ -499,15 +500,17 @@ namespace SharedUtil
return "";

char hashBuffer[HashBufferSize];
bcrypt::crypt_rn(password.c_str(), salt.c_str(), hashBuffer, sizeof(hashBuffer));
if (!bcrypt::crypt_rn(password.c_str(), salt.c_str(), hashBuffer, sizeof(hashBuffer)))
return "";

return SStringX(hashBuffer);
}

bool BcryptVerify(const SString& password, const SString& hash)
{
char checkedHashBuffer[HashBufferSize];
bcrypt::crypt_rn(password.c_str(), hash.c_str(), checkedHashBuffer, sizeof(checkedHashBuffer));
if (!bcrypt::crypt_rn(password.c_str(), hash.c_str(), checkedHashBuffer, sizeof(checkedHashBuffer)))
return false;

return strcmp(checkedHashBuffer, hash.c_str()) == 0;
}

0 comments on commit ea3668f

Please sign in to comment.
You can’t perform that action at this time.