Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Initial import.

  • Loading branch information...
commit e68b3ba850aa545559ab06440ac89400a2bbe3f4 0 parents
@silentbicycle authored
2  Makefile
@@ -0,0 +1,2 @@
+include config.mk
+include lualib.mk
20 README.md
@@ -0,0 +1,20 @@
+Simple bcrypt wrapper for Lua.
+
+**Basic usage:**
+
+ require "bcrypt"
+ -- Defaults to a cost of 8, higher will take (much, much...) longer.
+ local salt = bcrypt.gensalt(8)
+ local hash = bcrypt.bcrypt("my password", salt)
+
+ -- Print the contents. You can just save hash.raw; bcrypt.equal
+ -- can take the raw string or the derived table.
+ for k,v in pairs(hash) do print("--> ", k,v) end
+ --> raw $2a$07$8BzFlUuprZN4FSBpDx3ZAuPWOu4CZ3uv8Awa4EjAZhNmnIY59nh2e
+ --> salt 8BzFlUuprZN4FSBpDx3ZAu
+ --> version 2a
+ --> cost 7
+
+ -- Later, somebady wants to log in, check if the password matches.
+ if bcrypt.equal("my password", hash) then print "OK" end --> "OK"
+ if not bcrypt.equal("not my password", hash) then print "REJECTED" end --> "REJECTED"
45 bcrypt.lua
@@ -0,0 +1,45 @@
+local assert, print, require, string, tonumber, type =
+ assert, print, require, string, tonumber, type
+
+module("bcrypt")
+
+local bc = require "bcryptc"
+
+local _bcrypt, _gensalt = bc.bcrypt, bc.gensalt
+
+-- Generate a salt, with a given cost.
+function gensalt(cost)
+ return _gensalt(cost or 8)
+end
+
+-- Read version, cost, and salt from bcrypt hash string.
+function parse(hash)
+ assert(type(hash) == "string")
+ local version, cost = hash:match("^%$(..)%$(..)%$")
+ if not version then return false end
+ local salt = string.sub(hash, 8, 29)
+ return version, tonumber(cost, 16), salt
+end
+
+-- Create a new password with a given salt.
+function create(password, salt)
+ local hash = bc.bcrypt(password, salt)
+ local v, c, s = parse(hash)
+ local p = { raw=hash, version=v, cost=c, salt=s }
+ return p
+end
+
+-- Does a password encrypt to match the saved hash (using its salt and cost)?
+function equal(password, hash)
+ local ver, cost, salt, raw
+ if type(hash) == "table" then
+ ver, cost, salt = hash.version, hash.cost, hash.salt
+ raw = hash.raw
+ elseif type(hash) == "string" then
+ raw = hash
+ ver, cost, salt = parse(hash)
+ if not ver then return false, "Not a valid bcrypt password entry" end
+ end
+ local np = create(password, raw)
+ return np.raw == raw
+end
36 config.mk
@@ -0,0 +1,36 @@
+# Lua-specific paths and libraries
+LUA_VER= 5.1
+LUA= /usr/local/bin/lua
+LUA_LIBPATH= -L/usr/local/lib/
+LUA_LIBS= -llua -lm
+LUA_INC= -I/usr/local/include/
+LUA_FLAGS= $(LUA_INC) $(LUA_LIBPATH) $(LUA_LIBS)
+
+
+# Where compiled libraries and .lua sources install.
+LUA_DEST_LIB= /usr/local/lib/lua/$(LUA_VER)/
+LUA_DEST_LUA= /usr/local/share/lua/$(LUA_VER)/
+
+
+# Additional C settings
+CC= cc
+LIB_PATHS=
+LIBS=
+INC=
+CFLAGS= -Wall -shared -fPIC
+LIBEXT= .so
+
+
+# Other tools, optional
+LINT= lint
+ARCHNAME= lua-$(LIBNAME)
+TESTSUITE= test.lua
+
+
+# Build targets
+LIBNAME= bcrypt
+LIBPREFIX= l
+LIBSUFFIX= c
+LIBFILE= $(LIBNAME)$(LIBSUFFIX)$(LIBEXT)
+INST_LIB= $(LIBFILE)
+INST_LUA= $(LIBNAME).lua
32 lbcrypt.c
@@ -0,0 +1,32 @@
+#include <pwd.h>
+#include <unistd.h>
+#include <lua.h>
+#include <lauxlib.h>
+
+static int lbcrypt_gensalt(lua_State *L) {
+ int log_rounds = luaL_checkint(L, 1);
+ char* salt = bcrypt_gensalt(log_rounds);
+ lua_pushstring(L, salt);
+ return 1;
+}
+
+
+static int lbcrypt(lua_State *L) {
+ const char *key = luaL_checkstring(L, 1);
+ const char *salt = luaL_checkstring(L, 2);
+ char* res = bcrypt(key, salt);
+ lua_pushstring(L, res);
+ return 1;
+}
+
+
+static const struct luaL_Reg lbcrypt_lib[] = {
+ { "gensalt", lbcrypt_gensalt },
+ { "bcrypt", lbcrypt },
+ { NULL, NULL },
+};
+
+int luaopen_bcryptc(lua_State *L) {
+ luaL_register(L, "bcryptc", lbcrypt_lib);
+ return 1;
+}
34 lualib.mk
@@ -0,0 +1,34 @@
+# Makefile for Lua libraries written in C.
+
+all: $(LIBFILE)
+
+clean:
+ rm -f *.so $(ARCHNAME)*.tar.gz $(ARCHNAME)*.zip *.core
+
+$(LIBFILE): $(LIBPREFIX)$(LIBNAME).c
+ $(CC) -o $@ $> $(CFLAGS) $(LUA_FLAGS) $(INC) $(LIB_PATHS) $(LIBS)
+
+test: $(LIBFILE)
+ $(LUA) $(TESTSUITE)
+
+lint: $(LIBPREFIX)$(LIBNAME).c
+ $(LINT) $(INC) $(LUA_INC) $>
+
+tar:
+ git archive --format=tar --prefix=$(ARCHNAME)-$(LIBVER)/ HEAD^{tree) \
+ | gzip > $(ARCHNAME)-$(LIBVER).tar.gz
+
+zip:
+ git archive --format=zip --prefix=$(ARCHNAME)-$(LIBVER)/ HEAD^{tree) \
+ > $(ARCHNAME)-$(LIBVER).zip
+
+gdb:
+ gdb `which lua` lua.core
+
+install: $(LIBFILE)
+ cp $(INST_LIB) $(LUA_DEST_LIB)
+ cp $(INST_LUA) $(LUA_DEST_LUA)
+
+uninstall:
+ rm -f $(LUA_DEST_LIB)$(LIBFILE)$(LIBEXT)*
+ rm -f $(LUA_DEST_LUA)$(INST_LUA)
22 test.lua
@@ -0,0 +1,22 @@
+require "bcrypt"
+pcall(require, "socket") --use for timing, if available
+
+local now, t
+if socket then now = socket.gettime end
+
+for cost=4,14 do
+ print("\nCost: ", cost)
+ local t; if now then t = now() end
+ local salt = bcrypt.gensalt(cost)
+ local pwd = "my password" .. cost
+ local bad_pwd = "not my password" .. cost
+ local hash = bcrypt.create(pwd, salt)
+
+ print("matching password accepted: ",
+ assert(bcrypt.equal(pwd, hash)), pwd)
+
+ print("differing password rejected: ",
+ assert(not bcrypt.equal(bad_pwd, hash)), bad_pwd)
+
+ if t then print(" -- Elapsed: ", now() - t) end
+end
Please sign in to comment.
Something went wrong with that request. Please try again.