blog password hash

2016-05-21 14:41:48 +01:00 · 2016-05-21 14:41:48 +01:00 · 490dcdac4a
parent 71636c07ae
commit 490dcdac4a
2 changed files with 24 additions and 0 deletions
--- a/man/freedombone-sec.1.gz
+++ b/man/freedombone-sec.1.gz
--- a/src/freedombone-sec
+++ b/src/freedombone-sec
@ -959,6 +959,23 @@ function monkeysphere_sign_server_keys {
 	exit 0
 }

+function blog_hash {
+	# produces a hash corresponding to a blog password
+	pass="$1"
+	BLOGHASH_FILENAME=/usr/bin/bloghash
+
+	echo '<?php' > $BLOGHASH_FILENAME
+	echo 'parse_str(implode("&", array_slice($argv, 1)), $_GET);' >> $BLOGHASH_FILENAME
+	echo '$password = $_GET["password"];' >> $BLOGHASH_FILENAME
+	echo '$hash = password_hash($password, PASSWORD_BCRYPT);' >> $BLOGHASH_FILENAME
+	echo 'if (password_verify($password, $hash)) {' >> $BLOGHASH_FILENAME
+	echo '  echo $hash;' >> $BLOGHASH_FILENAME
+	echo '}' >> $BLOGHASH_FILENAME
+	echo '?>' >> $BLOGHASH_FILENAME
+
+	php $BLOGHASH_FILENAME password="$pass"
+}
+
 function show_help {
  echo ''
  echo "${PROJECT_NAME}-sec"
@ -972,6 +989,7 @@ function show_help {
  echo $'  -r --refresh             Refresh GPG keys for all users'
  echo $'  -s --sign                Sign monkeysphere server keys'
  echo $'     --register [domain]   Register a https domain with monkeysphere'
+  echo $'  -b --bloghash [password] Returns the hash of a password for the blog'
  echo ''
  exit 0
 }
@ -1011,6 +1029,12 @@ case $key in
 	shift
 	monkeysphere_sign_server_keys
 	;;
+	# get a hash of the given blog password
+	-b|--bloghash)
+	shift
+	blog_hash "$1"
+	exit 0
+	;;
 	*)
 	# unknown option
 	;;