From: Harishankar <v.harishankar@gmail.com>
Date: Tue, 5 May 2020 15:37:49 +0000 (+0530)
Subject: Fixed bug in hashing and represented hash as a hexadecimal
X-Git-Tag: 0.1a~12
X-Git-Url: https://harishankar.org/repos/?p=wordblah.git;a=commitdiff_plain;h=e9f447d1fbbf9c6098d6f3ea9c4695b60a68cead

Fixed bug in hashing and represented hash as a hexadecimal
Fixed bug for password comparison and made the password save in
hexadecimal format
---

diff --git a/wordblox.h b/wordblox.h
index b657986..f7a3ce4 100644
--- a/wordblox.h
+++ b/wordblox.h
@@ -101,6 +101,23 @@ err:
 	exit (2);
 }
 
+/* convert the hashed binary password to hexadecimal representation and
+   free the hashed binary password */
+void to_hexadecimal (char *hex, unsigned char *binary_pwd, unsigned int len)
+{
+	char buf[3];
+	/* keep reference to beginning of the hashed password */
+	unsigned char *binary_pw_begin = binary_pwd;
+	for (int i = 0; i < len; i ++)
+	{
+		sprintf (buf, "%02x", (*binary_pwd)&0xff);
+		strcat (hex, buf);
+		binary_pwd ++;
+	}
+	/* free the hashed password */
+	OPENSSL_free (binary_pw_begin);	
+}
+
 /* get a number from the user */
 int get_num ()
 {
@@ -122,13 +139,12 @@ bool verify_password (Puzzle *p, const char* password)
 	unsigned int len;
 	digest_message ((const unsigned char *)password, strlen(password),
 						&hashed_password, &len);
+	char hashed_hex_pwd[256] = { (char) NULL };
+	to_hexadecimal (hashed_hex_pwd, hashed_password, len);
 	
-	if (strcmp (p->hashed_password, (const char*) hashed_password) == 0)
-	{
-		OPENSSL_free (hashed_password);
+	if (strcmp (p->hashed_password, hashed_hex_pwd) == 0)
 		return true;
-	}
-	OPENSSL_free (hashed_password);	
+	
 	return false;
 }
 
@@ -148,9 +164,14 @@ void set_puzzle_password (Puzzle *p, const char *password)
 		unsigned int len;
 		digest_message ((const unsigned char *)password, strlen(password),
 						&hashedpwd, &len);
-		strcpy (p->hashed_password, (const char *)hashedpwd);
+		/* the hashedpwd contains binary data - we will convert it to 
+		   hexadecimal data and store in file */
+
+		to_hexadecimal (p->hashed_password, hashedpwd, len);
+		printf ("%s\n", p->hashed_password);
+		
 		strcpy (p->salt, "\0");
-		OPENSSL_free (hashedpwd);
+
 	}
 }