From e9f447d1fbbf9c6098d6f3ea9c4695b60a68cead Mon Sep 17 00:00:00 2001 From: Harishankar Date: Tue, 5 May 2020 21:07:49 +0530 Subject: [PATCH] Fixed bug in hashing and represented hash as a hexadecimal Fixed bug for password comparison and made the password save in hexadecimal format --- wordblox.h | 35 ++++++++++++++++++++++++++++------- 1 file changed, 28 insertions(+), 7 deletions(-) diff --git a/wordblox.h b/wordblox.h index b657986..f7a3ce4 100644 --- a/wordblox.h +++ b/wordblox.h @@ -101,6 +101,23 @@ err: exit (2); } +/* convert the hashed binary password to hexadecimal representation and + free the hashed binary password */ +void to_hexadecimal (char *hex, unsigned char *binary_pwd, unsigned int len) +{ + char buf[3]; + /* keep reference to beginning of the hashed password */ + unsigned char *binary_pw_begin = binary_pwd; + for (int i = 0; i < len; i ++) + { + sprintf (buf, "%02x", (*binary_pwd)&0xff); + strcat (hex, buf); + binary_pwd ++; + } + /* free the hashed password */ + OPENSSL_free (binary_pw_begin); +} + /* get a number from the user */ int get_num () { @@ -122,13 +139,12 @@ bool verify_password (Puzzle *p, const char* password) unsigned int len; digest_message ((const unsigned char *)password, strlen(password), &hashed_password, &len); + char hashed_hex_pwd[256] = { (char) NULL }; + to_hexadecimal (hashed_hex_pwd, hashed_password, len); - if (strcmp (p->hashed_password, (const char*) hashed_password) == 0) - { - OPENSSL_free (hashed_password); + if (strcmp (p->hashed_password, hashed_hex_pwd) == 0) return true; - } - OPENSSL_free (hashed_password); + return false; } @@ -148,9 +164,14 @@ void set_puzzle_password (Puzzle *p, const char *password) unsigned int len; digest_message ((const unsigned char *)password, strlen(password), &hashedpwd, &len); - strcpy (p->hashed_password, (const char *)hashedpwd); + /* the hashedpwd contains binary data - we will convert it to + hexadecimal data and store in file */ + + to_hexadecimal (p->hashed_password, hashedpwd, len); + printf ("%s\n", p->hashed_password); + strcpy (p->salt, "\0"); - OPENSSL_free (hashedpwd); + } } -- 2.20.1