Add Bcrypt hashing

Cargo.toml

@@ -42,3 +42,4 @@ hmac-sha256 = "1.1.5"
 hmac-sha512 = { version = "1.1.2", features = ["sha384"] }
 rsa = "0.7.2"
 yew-hooks = "0.2.0"
+bcrypt = "0.14.0"

src/crypto_helper.rs

@@ -15,6 +15,7 @@ use sha1::{Digest, Sha1};
 use yew::{classes, function_component, html, use_effect_with_deps, use_state, Callback, Html};
 use yew_hooks::{use_clipboard, use_location};
 use yew_notifications::{use_notification, Notification, NotificationType};
+use crate::crypto_helper::computations::process_bcrypt;
 
 use self::computations::{process_krb_cipher, process_krb_hmac, process_rsa};
 use crate::url_query_params::generate_crypto_helper_link;
@@ -35,6 +36,7 @@ fn convert(algrithm: &Algorithm) -> Result<Vec<u8>, String> {
         Algorithm::HmacSha196Aes128(input) => process_krb_hmac(ChecksumSuite::HmacSha196Aes128.hasher(), input),
         Algorithm::HmacSha196Aes256(input) => process_krb_hmac(ChecksumSuite::HmacSha196Aes256.hasher(), input),
         Algorithm::Rsa(input) => process_rsa(input),
+        Algorithm::Bcrypt(input) => process_bcrypt(input),
     }
 }
 

src/crypto_helper/algorithm.rs

@@ -6,7 +6,7 @@ use serde::{Deserialize, Serialize};
 
 use super::serde::*;
 
-pub const SUPPORTED_ALGORITHMS: [&str; 10] = [
+pub const SUPPORTED_ALGORITHMS: [&str; 11] = [
     "MD5",                     // 0
     "SHA1",                    // 1
     "SHA256",                  // 2
@@ -17,14 +17,16 @@ pub const SUPPORTED_ALGORITHMS: [&str; 10] = [
     "HMAC-SHA1-96-AES256",     // 7
     "RSA",                     // 8
     "SHA384",                  // 9
+    "BCRYPT",                  // 10
 ];
 
-pub const HASHING_ALGOS: [&str; 5] = [
+pub const HASHING_ALGOS: [&str; 6] = [
     SUPPORTED_ALGORITHMS[0],
     SUPPORTED_ALGORITHMS[1],
     SUPPORTED_ALGORITHMS[2],
     SUPPORTED_ALGORITHMS[3],
     SUPPORTED_ALGORITHMS[9],
+    SUPPORTED_ALGORITHMS[10],
 ];
 
 pub const ENCRYPTION_ALGOS: [&str; 3] = [
@@ -246,6 +248,64 @@ pub struct RsaInput {
     pub payload: Vec<u8>,
 }
 
+impl Default for BcryptInput {
+    fn default() -> Self {
+        let action = BcryptAction::Hash(BcryptHashAction {
+            rounds: 8,
+            salt: Vec::new(),
+        });
+        Self {
+            data: Vec::new(),
+            action
+        }
+    }
+}
+
+impl Default for BcryptHashAction {
+    fn default() -> Self {
+        Self {
+            rounds: 8,
+            salt: Vec::new(),
+        }
+    }
+}
+
+#[derive(Eq, Clone, PartialEq, Debug, Serialize, Deserialize)]
+pub struct BcryptHashAction {
+    pub rounds: u32,
+    pub salt: Vec<u8>,
+}
+
+#[derive(Eq, Clone, PartialEq, Serialize, Deserialize, Debug)]
+pub enum BcryptAction {
+    Hash(BcryptHashAction),
+    Verify(String),
+}
+
+impl From<BcryptAction> for bool {
+    fn from(action: BcryptAction) -> Self {
+        match action {
+            BcryptAction::Hash(_) => false,
+            BcryptAction::Verify(_) => true,
+        }
+    }
+}
+
+impl From<bool> for BcryptAction {
+    fn from(action: bool) -> Self {
+        match action {
+            true => Self::Verify(Default::default()),
+            false => Self::Hash(Default::default()),
+        }
+    }
+}
+
+#[derive(Debug, PartialEq, Eq, Clone, Serialize, Deserialize)]
+pub struct BcryptInput {
+    pub action: BcryptAction,
+    pub data: Vec<u8>,
+}
+
 #[allow(clippy::large_enum_variant)]
 #[derive(Debug, PartialEq, Eq, Clone, Serialize, Deserialize)]
 pub enum Algorithm {
@@ -264,6 +324,7 @@ pub enum Algorithm {
     HmacSha196Aes128(KrbInputData),
     HmacSha196Aes256(KrbInputData),
     Rsa(RsaInput),
+    Bcrypt(BcryptInput),
 }
 
 impl TryFrom<&str> for Algorithm {
@@ -290,6 +351,8 @@ impl TryFrom<&str> for Algorithm {
             return Ok(Algorithm::HmacSha196Aes256(Default::default()));
         } else if value == SUPPORTED_ALGORITHMS[8] {
             return Ok(Algorithm::Rsa(Default::default()));
+        } else if value == SUPPORTED_ALGORITHMS[10] {
+            return Ok(Algorithm::Bcrypt(Default::default()));
         }
 
         log::error!("invalid algo literal: {}", value);
@@ -311,6 +374,7 @@ impl From<&Algorithm> for &str {
             Algorithm::HmacSha196Aes128(_) => SUPPORTED_ALGORITHMS[6],
             Algorithm::HmacSha196Aes256(_) => SUPPORTED_ALGORITHMS[7],
             Algorithm::Rsa(_) => SUPPORTED_ALGORITHMS[8],
+            Algorithm::Bcrypt(_) => SUPPORTED_ALGORITHMS[10],
         }
     }
 }

src/crypto_helper/computations.rs

@@ -3,8 +3,10 @@ use picky_krb::crypto::{Checksum, Cipher};
 use rand::SeedableRng;
 use rand_chacha::ChaCha8Rng;
 use rsa::{PaddingScheme, PublicKey as PublicKeyTrait};
+use std::convert::TryInto;
+use bcrypt::Version;
 
-use super::algorithm::{KrbInput, KrbInputData, KrbMode, RsaAction, RsaInput};
+use super::algorithm::{KrbInput, KrbInputData, KrbMode, RsaAction, RsaInput, BcryptInput, BcryptAction, BcryptHashAction};
 
 pub fn process_rsa(input: &RsaInput) -> Result<Vec<u8>, String> {
     let payload = &input.payload;
@@ -44,3 +46,39 @@ pub fn process_krb_hmac(hasher: Box<dyn Checksum>, input: &KrbInputData) -> Resu
         .checksum(&input.key, input.key_usage, &input.payload)
         .map_err(|err| err.to_string())
 }
+
+pub fn process_bcrypt(input: &BcryptInput) -> Result<Vec<u8>, String> {
+    match &input.action {
+        BcryptAction::Hash(bcrypt_hash_action) => hash_bcrypt(bcrypt_hash_action, &input.data),
+        BcryptAction::Verify(hashed) => verify_bcrypt(&input.data, hashed),
+    }
+}
+fn hash_bcrypt(hash_action: &BcryptHashAction, password: &[u8]) -> Result<Vec<u8>, String> {
+    match hash_action.salt.len() {
+        16 => hash_with_salt_bcrypt(password, hash_action.rounds, hash_action.salt.clone().try_into().unwrap()), // todo: get rid of clone()
+        0 => hash_without_salt_bcrypt(password, hash_action.rounds),
+        len => Err(format!("Invalid bcrypt salt len: expected 16 bytes but got {}", len))
+    }
+}
+fn hash_with_salt_bcrypt(password: &[u8], rounds: u32, salt: [u8; 16]) -> Result<Vec<u8>, String> {
+    let res = bcrypt::hash_with_salt(password, rounds, salt);
+    match &res {
+        Ok(hash_parts) => Ok(hash_parts.format_for_version(Version::TwoB).into_bytes()),
+        Err(e) => Err(e.to_string()),
+    }
+}
+fn hash_without_salt_bcrypt(password: &[u8], cost: u32) -> Result<Vec<u8>, String> {
+    match bcrypt::hash(password, cost) {
+        Ok(hash) => Ok(hash.into_bytes()),
+        Err(e) => Err(e.to_string())
+    }
+}
+fn verify_bcrypt(password: &[u8], hashed: &str) -> Result<Vec<u8>, String>{
+    match bcrypt::verify(password, hashed) {
+        Ok(res) => Ok(match res {
+            true => vec![1],
+            false => vec![],
+        }),
+        Err(e) => Err(e.to_string()),
+    }
+}

src/crypto_helper/info.rs

@@ -65,6 +65,9 @@ fn get_algorithm_info(algorithm: &Algorithm) -> Html {
         Algorithm::Rsa(_) => html! {
             <span>{"Use RSA algorithm to sign/verify/encrypt/decrypt your data."}</span>
         },
+        Algorithm::Bcrypt(_) => html! {
+            <span>{"Use Bcrypt algorithm to encrypt/verify your data."}</span>
+        },
     }
 }
 

src/crypto_helper/input.rs

@@ -1,11 +1,13 @@
 mod krb;
 mod rsa;
+mod bcrypt;
 
 use picky_krb::crypto::CipherSuite;
 use yew::{classes, function_component, html, Callback, Html, Properties, UseStateSetter};
 
 use self::krb::build_krb_input;
 use self::rsa::build_rsa_input;
+use self::bcrypt::build_bcrypt_input;
 use super::algorithm::{KrbInput, KrbMode};
 use super::Algorithm;
 use crate::common::build_byte_input;
@@ -81,6 +83,10 @@ fn get_input_components(algorithm: &Algorithm, setter: &UseStateSetter<Algorithm
             input.clone(),
             Callback::from(move |input| setter.set(Algorithm::Rsa(input))),
         ),
+        Algorithm::Bcrypt(input) => build_bcrypt_input(
+            input.clone(),
+            Callback::from(move |input| setter.set(Algorithm::Bcrypt(input))),
+        ),
     }
 }