Commit graph

13 commits

Author SHA1 Message Date
71b68f79a3
Update password hash count in test output
The expected output counts for password hash matches in the pwned passwords database have been updated in multiple test scenarios. The changes reflect recent statistics, ensuring the tests' output aligns with current data for greater test accuracy.
2024-03-14 22:19:50 +01:00
00d56b9ce3
Improved test coverage 2023-02-09 22:25:08 +01:00
179cd36d7f
#27: Implement NTLM hash support for PwnedPassAPI
This PR implements support for NTLM hashes as announced by Troy Hunt:
https://s.pebcak.de/@troyhunt@infosec.exchange/109833758367903768

For this we needed to be able to calculate MD4 hashes, as NTLM basically is calculated like this: `MD4(UTF-16LE(pw))`. For this we ported the official golang.org/x/crypto/md4 package, so we can still claim that "only depends on Go stdlib"

A new Client option has been introduced: `WithPwnedNTLMHash`. If the client is initalized with this option, all generic methods (`ListHashesPassword` and `CheckPassword`) will  operate on NTLM hashes.

Additionally, there are now equivalent methods for checking passwords and listing hashes for NTLM: `CheckNTLM` and `ListHashesNTLM`
2023-02-09 17:07:20 +01:00
f143794341
Overhauling error handling of the different APIs as part of #24
- More error generalization
- Fixed PwnedPasswords API errors
- Added SHA1 hash validation with corresponding error
- More tests for error handling
2022-12-22 15:59:48 +01:00
20ebd4c965
Implement a golangci-lint workflow and the accordingly GH action 2022-10-29 15:32:12 +02:00
540e745c7f
Fixed output results in PwnedPassApi tests 2022-10-01 15:04:06 +02:00
05ea767ee1
#14: Add ListHashes*() methods to get access to all returned hashes
- This method replaces the previously private apiCall() method
- Added `ListHashesSHA1()` as well as `ListHashesPassword()` to keep consistency in the naming schema
- Added length checks for SHA1() methods
- Added length check for Prefix() method
2022-06-08 17:26:41 +02:00
1c699aca31
v1.0.2: More tests and better README.md. 2022-05-08 12:44:20 +02:00
77e5a4345d
Moved all code examples into the test files using GoDoc syntax 2022-05-08 12:02:58 +02:00
7da9c54633
Makes no sense to return a Client pointer. Also cleaned up examples directory 2021-09-22 15:46:36 +02:00
f7588a863c Introducing the breaches API
So far only the "list all breaches" API is implemented, though
2021-09-21 19:46:48 +02:00
277b45ec8d
Added breaches 2021-09-21 18:21:23 +02:00
44451d4f76
v0.1.1: Complete refactor 2021-09-21 11:21:04 +02:00