diff options
| author | Andinus <andinus@inventati.org> | 2020-03-16 17:29:15 +0530 |
|---|---|---|
| committer | Andinus <andinus@inventati.org> | 2020-03-16 17:29:15 +0530 |
| commit | b75359931e3c5baaded6d0addb6d28f750dcd518 (patch) | |
| tree | d21197d18dad2bc58d081263c0192abc7110edaa /hibp | |
| parent | 553079dc017a44164cd04d4c067c061003e1684f (diff) | |
| download | orion-b75359931e3c5baaded6d0addb6d28f750dcd518.tar.gz | |
Add initial version of orion v0.1.0
Diffstat (limited to 'hibp')
| -rw-r--r-- | hibp/hash.go | 15 | ||||
| -rw-r--r-- | hibp/pwned.go | 40 | ||||
| -rw-r--r-- | hibp/req.go | 35 |
3 files changed, 90 insertions, 0 deletions
diff --git a/hibp/hash.go b/hibp/hash.go new file mode 100644 index 0000000..25249ed --- /dev/null +++ b/hibp/hash.go @@ -0,0 +1,15 @@ +package hibp + +import ( + "crypto/sha1" + "encoding/hex" + "strings" +) + +// GetHsh takes a string as an input & returns SHA-1 Hash +func GetHsh(pass string) string { + alg := sha1.New() + alg.Write([]byte(pass)) + + return strings.ToUpper(hex.EncodeToString(alg.Sum(nil))) +} diff --git a/hibp/pwned.go b/hibp/pwned.go new file mode 100644 index 0000000..57a1727 --- /dev/null +++ b/hibp/pwned.go @@ -0,0 +1,40 @@ +package hibp + +import ( + "fmt" + "strings" +) + +// GetPwned takes SHA-1 Hash as input & returns Pwned Passwords list +// returned by the Have I Been Pwned API +func GetPwned(hsh string) (map[string]string, error) { + api := "https://api.pwnedpasswords.com/range" + list := make(map[string]string) + + pfx := hsh[:5] + + reqApi := fmt.Sprintf("%s/%s", api, pfx) + body, err := reqHIBP(reqApi) + if err != nil { + return list, fmt.Errorf("reqHIBP failed\n%s", + err.Error()) + } + + for _, v := range strings.Split(body, "\r\n") { + s := strings.Split(v, ":") + list[s[0]] = s[1] + } + return list, err +} + +// ChkPwn takes list, hash as input & returns if the hash is in list, +// the frequency +func ChkPwn(list map[string]string, hsh string) (bool, string) { + sfx := hsh[5:] + for k, fq := range list { + if sfx == k { + return true, fq + } + } + return false, "" +} diff --git a/hibp/req.go b/hibp/req.go new file mode 100644 index 0000000..a3085da --- /dev/null +++ b/hibp/req.go @@ -0,0 +1,35 @@ +package hibp + +import ( + "fmt" + "io/ioutil" + "net/http" +) + +func reqHIBP(reqApi string) (string, error) { + req, err := http.NewRequest(http.MethodGet, reqApi, nil) + if err != nil { + return "", fmt.Errorf("request init failed\n%s", + err.Error()) + } + + c := http.Client{} + res, err := c.Do(req) + if err != nil { + return "", fmt.Errorf("request failed\n%s", + err.Error()) + } + defer res.Body.Close() + + if res.StatusCode != 200 { + return "", fmt.Errorf("Unexpected response status code received: %d %s", + res.StatusCode, http.StatusText(res.StatusCode)) + } + + body, err := ioutil.ReadAll(res.Body) + if err != nil { + return "", fmt.Errorf("reading res.Body failed\n%s", + err.Error()) + } + return string(body), err +} |