Commit graph

11 commits

Author SHA1 Message Date
179cd36d7f
#27: Implement NTLM hash support for PwnedPassAPI
This PR implements support for NTLM hashes as announced by Troy Hunt:
https://s.pebcak.de/@troyhunt@infosec.exchange/109833758367903768

For this we needed to be able to calculate MD4 hashes, as NTLM basically is calculated like this: `MD4(UTF-16LE(pw))`. For this we ported the official golang.org/x/crypto/md4 package, so we can still claim that "only depends on Go stdlib"

A new Client option has been introduced: `WithPwnedNTLMHash`. If the client is initalized with this option, all generic methods (`ListHashesPassword` and `CheckPassword`) will  operate on NTLM hashes.

Additionally, there are now equivalent methods for checking passwords and listing hashes for NTLM: `CheckNTLM` and `ListHashesNTLM`
2023-02-09 17:07:20 +01:00
77a3b1f3c5
Better test coverage 2022-10-29 16:58:56 +02:00
20ebd4c965
Implement a golangci-lint workflow and the accordingly GH action 2022-10-29 15:32:12 +02:00
af15c66865
Adding RateLimitSleep() to all tests 2022-05-07 14:55:33 +02:00
842cc122a5
Fix code smell in WithUserAgent() option detected by SonarQube 2022-04-12 22:52:24 +02:00
7da9c54633
Makes no sense to return a Client pointer. Also cleaned up examples directory 2021-09-22 15:46:36 +02:00
ed7f680919
Added BreachedAccount() to breaches API
Also added WithUserAgent() to the HIBP client for custom UA configuration
2021-09-22 13:59:22 +02:00
a50a8603eb Wrong type in Errorf() 2021-09-21 19:47:17 +02:00
277b45ec8d
Added breaches 2021-09-21 18:21:23 +02:00
15e1aed098
Make GoLinter happy 2021-09-21 11:26:48 +02:00
44451d4f76
v0.1.1: Complete refactor 2021-09-21 11:21:04 +02:00