wneessen/go-hibp
1
1
Fork 0
mirror of https://github.com/wneessen/go-hibp.git synced 2024-09-17 17:12:47 +02:00
Code Issues Projects Releases Packages Wiki Activity
89 commits 3 branches 12 tags 199 KiB
Commit graph

9 commits

Author SHA1 Message Date
Winni Neessen
179cd36d7f
#27: Implement NTLM hash support for PwnedPassAPI 
This PR implements support for NTLM hashes as announced by Troy Hunt:
https://s.pebcak.de/@troyhunt@infosec.exchange/109833758367903768

For this we needed to be able to calculate MD4 hashes, as NTLM basically is calculated like this: `MD4(UTF-16LE(pw))`. For this we ported the official golang.org/x/crypto/md4 package, so we can still claim that "only depends on Go stdlib"

A new Client option has been introduced: `WithPwnedNTLMHash`. If the client is initalized with this option, all generic methods (`ListHashesPassword` and `CheckPassword`) will  operate on NTLM hashes.

Additionally, there are now equivalent methods for checking passwords and listing hashes for NTLM: `CheckNTLM` and `ListHashesNTLM`
 2023-02-09 17:07:20 +01:00
Winni Neessen
f143794341
Overhauling error handling of the different APIs as part of #24 
- More error generalization
- Fixed PwnedPasswords API errors
- Added SHA1 hash validation with corresponding error
- More tests for error handling
 2022-12-22 15:59:48 +01:00
Winni Neessen
20ebd4c965
Implement a golangci-lint workflow and the accordingly GH action 2022-10-29 15:32:12 +02:00
Winni Neessen
8fe5b208a5
#14: Skip padding results in the API response, which can be identified by having a zero count 2022-06-09 16:21:10 +02:00
Winni Neessen
05ea767ee1
#14: Add ListHashes*() methods to get access to all returned hashes 
- This method replaces the previously private apiCall() method
- Added `ListHashesSHA1()` as well as `ListHashesPassword()` to keep consistency in the naming schema
- Added length checks for SHA1() methods
- Added length check for Prefix() method
 2022-06-08 17:26:41 +02:00
Winni Neessen
1c699aca31
v1.0.2: More tests and better README.md. 2022-05-08 12:44:20 +02:00
Winni Neessen
f7588a863c Introducing the breaches API 
So far only the "list all breaches" API is implemented, though
 2021-09-21 19:46:48 +02:00
Winni Neessen
277b45ec8d
Added breaches 2021-09-21 18:21:23 +02:00
Winni Neessen
44451d4f76
v0.1.1: Complete refactor 2021-09-21 11:21:04 +02:00