apg-go/hibp/hibp.go

46 lines
940 B
Go
Raw Normal View History

package hibp
import (
"bufio"
"crypto/sha1"
"fmt"
"log"
"net/http"
"strings"
"time"
)
// Check queries the HIBP database and checks if a given string is was found
func Check(p string) (bool, error) {
shaSum := fmt.Sprintf("%x", sha1.Sum([]byte(p)))
firstPart := shaSum[0:5]
secondPart := shaSum[5:]
isPwned := false
httpClient := &http.Client{Timeout: time.Second * 2}
httpRes, err := httpClient.Get("https://api.pwnedpasswords.com/range/" + firstPart)
if err != nil {
return false, err
}
defer func() {
err := httpRes.Body.Close()
if err != nil {
2021-04-29 12:22:31 +02:00
log.Printf("error while closing HTTP response body: %v\n", err)
}
}()
scanObj := bufio.NewScanner(httpRes.Body)
for scanObj.Scan() {
scanLine := strings.SplitN(scanObj.Text(), ":", 2)
if strings.ToLower(scanLine[0]) == secondPart {
isPwned = true
break
}
}
if err := scanObj.Err(); err != nil {
return isPwned, err
}
return isPwned, nil
}