Mirrored_Repos/obs-websocket
1
0
Fork 0
mirror of https://github.com/Palakis/obs-websocket.git synced 2024-08-30 18:12:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Utils/Crypto: Use better method for GenerateSecret

Browse Source 
Thanks to micolous for the suggestion
This commit is contained in:
tt2468 2021-09-24 18:39:46 -07:00
parent 61973e75dc
commit c73a153c9a
1 changed files with 8 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
src/utils/Crypto.cpp
View File

@ -25,19 +25,15 @@ std::string Utils::Crypto::GenerateSalt()
std::string Utils::Crypto::GenerateSecret(std::string password, std::string salt) std::string Utils::Crypto::GenerateSecret(std::string password, std::string salt)
{ {
// Concatenate the password and the salt // Create challenge hash
QString passAndSalt = ""; auto challengeHash = QCryptographicHash(QCryptographicHash::Algorithm::Sha256);
passAndSalt += QString::fromStdString(password); // Add password bytes to hash
passAndSalt += QString::fromStdString(salt); challengeHash.addData(QByteArray::fromStdString(password));
// Add salt bytes to hash
challengeHash.addData(QByteArray::fromStdString(salt));
// Generate a SHA256 hash of the password and salt // Generate SHA256 hash then encode to Base64
auto challengeHash = QCryptographicHash::hash( return challengeHash.result().toBase64().toStdString();
passAndSalt.toUtf8(),
QCryptographicHash::Algorithm::Sha256
);
// Encode SHA256 hash to Base64
return challengeHash.toBase64().toStdString();
} }
bool Utils::Crypto::CheckAuthenticationString(std::string secret, std::string challenge, std::string authenticationString) bool Utils::Crypto::CheckAuthenticationString(std::string secret, std::string challenge, std::string authenticationString)