[thirdparty/pdns.git] / pdns / credentials.hh
1/*
2 * This file is part of PowerDNS or dnsdist.
3 * Copyright -- PowerDNS.COM B.V. and its contributors
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of version 2 of the GNU General Public License as
7 * published by the Free Software Foundation.
8 *
9 * In addition, for the avoidance of any doubt, permission is granted to
10 * link this program with OpenSSL and to (re)distribute the binaries
11 * produced as the result of such linking.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21 */
22#pragma once
23
061bc5f0 24#include <memory>
25#include <string>
26
/* Holder for a secret kept in a std::string (d_data).
   Only a move assignment operator is declared. Under the language rules that
   leaves the implicit copy constructor and copy assignment deleted and declares
   no implicit move constructor, so an instance cannot be duplicated by accident.
   The constructors, the destructor and clear() are defined outside this header.
   NOTE(review): the destructor and clear() presumably wipe the buffer before
   it is released -- confirm in the implementation file. */
class SensitiveData
{
public:
  /* NOTE(review): presumably sets up a buffer of `bytes` bytes -- confirm in the implementation */
  SensitiveData(size_t bytes);
  /* accepts only an rvalue string; whether the contents are moved into d_data
     is decided by the implementation, which is not shown here */
  SensitiveData(std::string&& data);
  SensitiveData& operator=(SensitiveData&&) noexcept;

  ~SensitiveData();
  void clear();
  /* read-only access to the stored data; a std::string copied from this
     reference lives outside this object and is not reached by clear() */
  const std::string& getString() const
  {
    return d_data;
  }
  /* mutable access to the stored data; callers can modify d_data directly through it */
  std::string& getString()
  {
    return d_data;
  }

private:
  /* the sensitive content itself */
  std::string d_data;
};
48
/* Password hashing and verification helpers; only the declarations live in this header.
   NOTE(review): workFactor / parallelFactor / blockSize look like scrypt cost
   parameters -- confirm against the implementation.
   NOTE(review): uint64_t is used below, but the only includes visible in this
   header are <memory> and <string>; <cstdint> presumably arrives transitively. */

/* returns a hashed form of `password`; presumably uses the
   CredentialsHolder::s_default* parameters -- TODO confirm */
std::string hashPassword(const std::string& password);
/* same, with the cost parameters chosen by the caller */
std::string hashPassword(const std::string& password, uint64_t workFactor, uint64_t parallelFactor, uint64_t blockSize);
/* returns whether `password` corresponds to `hash`; `hash` is presumably the
   encoded string form that isPasswordHashed() recognises -- TODO confirm */
bool verifyPassword(const std::string& hash, const std::string& password);
/* variant taking the hash components separately (raw hash, salt, cost parameters).
   The comment on CredentialsHolder's constructor in this file states that the
   parameters are currently not capped, so parameters taken from an untrusted
   hash can make verification expensive enough to cause a denial of service. */
bool verifyPassword(const std::string& binaryHash, const std::string& salt, uint64_t workFactor, uint64_t parallelFactor, uint64_t blockSize, const std::string& binaryPassword);
/* returns whether `password` is already in hashed form; the format check is not visible in this header */
bool isPasswordHashed(const std::string& password);
54
/* Keeps one credential in a SensitiveData member and answers match queries
   against it. Copying is disabled: the copy constructor and copy assignment
   are deleted below. All non-inline members are defined outside this header. */
class CredentialsHolder
{
public:
  /* If hashPlaintext is true, the password is in cleartext and hashing is
     available, the hashed form will be kept in memory.
     Note that accepting a hashed password from an untrusted source might open
     us to a denial of service, since we currently don't cap the parameters,
     including the work factor.
     NOTE(review): until a cap exists, pre-hashed strings should only come from
     trusted configuration. */
  CredentialsHolder(std::string&& password, bool hashPlaintext);
  ~CredentialsHolder();

  CredentialsHolder(const CredentialsHolder&) = delete;
  CredentialsHolder& operator=(const CredentialsHolder&) = delete;

  /* returns whether `password` matches the stored credential; the comparison
     itself is implemented elsewhere */
  bool matches(const std::string& password) const;
  /* whether it was constructed from a hashed and salted string */
  bool wasHashed() const
  {
    return d_wasHashed;
  }
  /* whether it is hashed in memory */
  bool isHashed() const
  {
    return d_isHashed;
  }

  /* reports whether password hashing is available; the implementation is not in this header */
  static bool isHashingAvailable();
  /* returns a SensitiveData; presumably filled from interactive terminal input -- TODO confirm */
  static SensitiveData readFromTerminal();

  /* default hashing parameters; declared here, values defined elsewhere */
  static uint64_t const s_defaultWorkFactor;
  static uint64_t const s_defaultParallelFactor;
  static uint64_t const s_defaultBlockSize;

private:
  /* the stored credential, hashed or cleartext depending on d_isHashed */
  SensitiveData d_credentials;
  /* if the password is hashed, we only extract
     the salt and parameters once */
  std::string d_salt;
  uint64_t d_workFactor{0};
  uint64_t d_parallelFactor{0};
  uint64_t d_blockSize{0};
  /* seed our hash so it's not predictable */
  uint32_t d_fallbackHashPerturb{0};
  /* NOTE(review): presumably the seeded hash of the credential used when it is
     not hashed in memory -- confirm in the implementation */
  uint32_t d_fallbackHash{0};
  /* whether it was constructed from a hashed and salted string */
  bool d_wasHashed{false};
  /* whether it is hashed in memory */
  bool d_isHashed{false};
};