Added bcrypt module

modules/bcrypt/CFunctions.cpp

@@ -0,0 +1,101 @@
+/*********************************************************
+*
+*  Multi Theft Auto: San Andreas - Deathmatch
+*
+*  ml_base, External lua add-on module
+*
+*  Copyright © 2003-2008 MTA.  All Rights Reserved.
+*
+*  Grand Theft Auto is © 2002-2003 Rockstar North
+*
+*  THE FOLLOWING SOURCES ARE PART OF THE MULTI THEFT
+*  AUTO SOFTWARE DEVELOPMENT KIT AND ARE RELEASED AS
+*  OPEN SOURCE FILES. THESE FILES MAY BE USED AS LONG
+*  AS THE DEVELOPER AGREES TO THE LICENSE THAT IS
+*  PROVIDED WITH THIS PACKAGE.
+*
+*********************************************************/
+
+#include "CFunctions.h"
+#include "extra/CLuaArguments.h"
+#include <cstring>
+#include <random>
+#include <algorithm>
+
+namespace blowfish
+{
+    extern "C"
+    {
+        #include "libs/blowfish/ow-crypt.h"
+    }
+}
+
+#define HASH_SIZE 60
+#define SALT_SIZE 30 
+#define ENTROPY_SIZE 32
+
+
+int CFunctions::BcryptDigest ( lua_State* L )
+{
+    if ( L )
+    {
+        const char* key = luaL_checkstring ( L, 1 );
+        const char* salt = luaL_checkstring ( L, 2 );
+
+        char hash [HASH_SIZE+1];
+        blowfish::crypt_rn ( key, salt, hash, sizeof(hash) );
+        lua_pushlstring ( L, hash, HASH_SIZE );
+
+        return 1;
+    }
+
+    lua_pushboolean ( L, false );
+    return 1;
+}
+
+int CFunctions::BcryptSalt ( lua_State* L )
+{
+    if ( L )
+    {
+        unsigned long logRounds = luaL_checkinteger ( L, 1 );
+
+        char salt [SALT_SIZE];
+        char entropy [ENTROPY_SIZE];
+
+        std::random_device rd;
+        std::mt19937 gen ( rd ( ) );
+        std::generate_n ( entropy, ENTROPY_SIZE, gen );
+
+
+        blowfish::crypt_gensalt_rn ( "$2y$", logRounds, entropy, sizeof ( entropy ), salt, sizeof ( salt ) );
+        lua_pushlstring ( L, salt, sizeof ( salt ) );
+
+        return 1;
+    }
+
+    lua_pushboolean ( L, false );
+    return 1;
+}
+
+int CFunctions::BcryptVerify ( lua_State* L )
+{
+    if ( L )
+    {
+        const char* key = luaL_checkstring ( L, 1 );
+        const char* digest = luaL_checkstring ( L, 2 );
+
+        char hash [HASH_SIZE+1];
+        memset ( hash, 0, sizeof ( hash ) );
+
+        blowfish::crypt_rn ( key, digest, hash, sizeof ( hash ) );
+
+        int verified = strncmp ( hash, digest, sizeof ( hash ) ) == 0;
+
+        lua_pushboolean ( L, verified );
+
+        return 1;
+    }
+
+    lua_pushboolean ( L, false );
+    return 1;
+}

modules/bcrypt/CFunctions.h

@@ -0,0 +1,38 @@
+/*********************************************************
+*
+*  Multi Theft Auto: San Andreas - Deathmatch
+*
+*  ml_base, External lua add-on module
+*
+*  Copyright © 2003-2008 MTA.  All Rights Reserved.
+*
+*  Grand Theft Auto is © 2002-2003 Rockstar North
+*
+*  THE FOLLOWING SOURCES ARE PART OF THE MULTI THEFT
+*  AUTO SOFTWARE DEVELOPMENT KIT AND ARE RELEASED AS
+*  OPEN SOURCE FILES. THESE FILES MAY BE USED AS LONG
+*  AS THE DEVELOPER AGREES TO THE LICENSE THAT IS
+*  PROVIDED WITH THIS PACKAGE.
+*
+*********************************************************/
+
+class CFunctions;
+
+#ifndef __CFUNCTIONS_H
+#define __CFUNCTIONS_H
+
+#include <stdio.h>
+
+#include "include/ILuaModuleManager.h"
+extern ILuaModuleManager10 *pModuleManager;
+
+class CFunctions
+{
+public:
+
+        static int BcryptDigest ( lua_State* luaVM );
+        static int BcryptSalt   ( lua_State* luaVM );
+        static int BcryptVerify ( lua_State* luaVM );
+
+};
+#endif

modules/bcrypt/Common.h

@@ -0,0 +1,59 @@
+/*********************************************************
+*
+*  Multi Theft Auto: San Andreas - Deathmatch
+*
+*  ml_base, External lua add-on module
+*
+*  Copyright � 2003-2008 MTA.  All Rights Reserved.
+*
+*  Grand Theft Auto is � 2002-2003 Rockstar North
+*
+*  THE FOLLOWING SOURCES ARE PART OF THE MULTI THEFT
+*  AUTO SOFTWARE DEVELOPMENT KIT AND ARE RELEASED AS
+*  OPEN SOURCE FILES. THESE FILES MAY BE USED AS LONG
+*  AS THE DEVELOPER AGREES TO THE LICENSE THAT IS
+*  PROVIDED WITH THIS PACKAGE.
+*
+*********************************************************/
+
+extern "C"
+{
+    #include "lua.h"
+    #include "lualib.h"
+    #include "lauxlib.h"
+}
+
+#ifdef WIN32
+    #define MTAEXPORT extern "C" __declspec(dllexport)
+#else
+    #define MTAEXPORT extern "C"
+#endif
+
+using namespace std;
+
+#ifndef __COMMON_H
+#define __COMMON_H
+
+// used in the function argument vector
+#define MAX_ARGUMENTS 10
+struct FunctionArguments
+{
+    lua_State* luaVM;
+    unsigned char nArguments;
+    unsigned char Type[10];
+    void*   Arguments[10];
+};
+
+namespace FunctionArgumentType
+{
+    enum
+    {
+        TYPE_NUMBER = 1,
+        TYPE_STRING = 2,
+        TYPE_LIGHTUSERDATA = 3,
+        TYPE_BOOLEAN = 4,
+        TYPE_NIL = 5,
+        TYPE_TABLE = 6
+    };
+}
+#endif

modules/bcrypt/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2008 Multi Theft Auto
+
+This software is provided 'as-is', without any express or implied
+warranty. In no event will the authors be held liable for any damages
+arising from the use of this software.
+
+Permission is granted to anyone to use this software for any purpose,
+excluding commercial applications, and to alter it and redistribute it
+freely, subject to the following restrictions:
+
+1. The origin of this software must not be misrepresented; you must not
+claim that you wrote the original software. If you use this software
+in a product, an acknowledgment in the product documentation would be
+appreciated but is not required.
+
+2. Altered source versions must be plainly marked as such, and must not be
+misrepresented as being the original software.
+
+3. This notice may not be removed or altered from any source
+distribution.

modules/bcrypt/README.md

@@ -0,0 +1,55 @@
+# ml_bcrypt - MTA bcrypt module
+
+Bcrypt module for MTA:SA, for your passwords. Just three handy functions: `bcrypt_digest`, `bcrypt_salt`, and `bcrypt_verify`.
+
+## Compiling
+### Windows
+```
+premake5.exe vs2015
+```
+The project files are available in `Build/` then.
+
+### Linux
+```
+./premake5 gmake
+
+# Use either of the following commands
+make all # Builds all (both debug and release for x86 and x64 - you'll need gcc-multilib then, not recommended - use one of the commands below instead)
+make config=release_x86 all # Release build for the x86 platform
+make config=release_x64 all # Release build for the x86_64 platform
+```
+
+## Documentation
+### bcrypt_digest
+    string bcrypt_digest(string key, string salt)
+Returns the hash.
+
+### bcrypt_salt
+    string bcrypt_salt(int logRounds)
+Please visit [this link](http://security.stackexchange.com/questions/17207/recommended-of-rounds-for-bcrypt) to determine the number of rounds appropriate for your server.
+Returns the salt.
+
+### bcrypt_verify
+    bool bcrypt_verify(string key, string digest)
+Returns whether it is verified. [How does it get the salt?](http://stackoverflow.com/a/6833165/1517394)
+
+### Example
+Here's some code that explains the use of all these functions, remember that the database functions mentioned in this aren't real functions and are just for this demonstration.
+```lua
+-- Get this information by conventional means
+myName = "qaisjp"
+myRegisterPassword = "LoLIcon"
+
+-- When registering
+-- A higher amount of rounds might result in your server freezing for several seconds/minutes
+-- Dev notes: A rewrite of the resource should use a separate thread for the log rounds
+mySalt = bcrypt_salt(15) 
+hashedPassword = bcrypt_digest(myRegisterPassword, mySalt)
+savePasswordInDatabase(myName, hashedPassword)
+
+-- Now I want to login
+myLoginPassword = "LoLIcon"
+if bcrypt_verify(hashedPasswordFromDatabase, myLoginPassword) then
+    outputChatBox("Password verified")
+end
+```