2021-09-19 17:47:50 +02:00
|
|
|
package hibp
|
2021-04-29 12:22:10 +02:00
|
|
|
|
|
|
|
import (
|
|
|
|
"bufio"
|
|
|
|
"crypto/sha1"
|
|
|
|
"fmt"
|
|
|
|
"log"
|
|
|
|
"net/http"
|
|
|
|
"strings"
|
|
|
|
"time"
|
|
|
|
)
|
|
|
|
|
2021-09-19 17:47:50 +02:00
|
|
|
// Check queries the HIBP database and checks if a given string is was found
|
|
|
|
func Check(p string) (bool, error) {
|
2021-04-29 12:22:10 +02:00
|
|
|
shaSum := fmt.Sprintf("%x", sha1.Sum([]byte(p)))
|
|
|
|
firstPart := shaSum[0:5]
|
|
|
|
secondPart := shaSum[5:]
|
|
|
|
isPwned := false
|
|
|
|
|
|
|
|
httpClient := &http.Client{Timeout: time.Second * 2}
|
|
|
|
httpRes, err := httpClient.Get("https://api.pwnedpasswords.com/range/" + firstPart)
|
|
|
|
if err != nil {
|
|
|
|
return false, err
|
|
|
|
}
|
|
|
|
defer func() {
|
|
|
|
err := httpRes.Body.Close()
|
|
|
|
if err != nil {
|
2021-04-29 12:22:31 +02:00
|
|
|
log.Printf("error while closing HTTP response body: %v\n", err)
|
2021-04-29 12:22:10 +02:00
|
|
|
}
|
|
|
|
}()
|
|
|
|
|
|
|
|
scanObj := bufio.NewScanner(httpRes.Body)
|
|
|
|
for scanObj.Scan() {
|
|
|
|
scanLine := strings.SplitN(scanObj.Text(), ":", 2)
|
|
|
|
if strings.ToLower(scanLine[0]) == secondPart {
|
|
|
|
isPwned = true
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if err := scanObj.Err(); err != nil {
|
|
|
|
return isPwned, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return isPwned, nil
|
|
|
|
}
|