Commit graph

97 commits

Author SHA1 Message Date
Shannon Wynter
fa49a73950
Merge a68273e21f into 758c046b43 2024-04-03 15:34:47 +10:00
Shannon Wynter
a68273e21f Add missing API 2024-04-03 15:31:21 +10:00
758c046b43
Merge pull request #32 from wneessen/fix_possible_out-of-index_access
Fix possible out of index access
2024-03-14 23:10:32 +01:00
b66183134d
Update Go versions in GitHub Actions workflows
This commit updates the Go versions specified in the GitHub Actions workflows. The versions in 'codecov_testonly.yml', 'golangci-lint.yml', 'codecov.yml', and 'sonarqube.yml' files have been updated to more recent versions. These updates ensure the workflows use up-to-date Go language features and maintain compatibility with the latest Go releases.
2024-03-14 22:23:07 +01:00
71b68f79a3
Update password hash count in test output
The expected output counts for password hash matches in the pwned passwords database have been updated in multiple test scenarios. The changes reflect recent statistics, ensuring the tests' output aligns with current data for greater test accuracy.
2024-03-14 22:19:50 +01:00
5a7b9012e6
Remove .idea directory from versioning and add to .gitignore
Deleted all .idea directory files from the repository as these files pertain to individual IDE settings and should not be versioned. The .idea directory has been added to the .gitignore file to keep local IDE settings private and maintain overall repository cleanliness.
2024-03-14 22:15:14 +01:00
e616a81c38
Add .idea to .gitignore file
The .idea directory, created by JetBrains IDEs, has been added to the .gitignore file. This prevents any local IDE settings from being added to the git repository, which is crucial for working with other developers and keeping the repository clean.
2024-03-14 22:15:00 +01:00
f387547749
Add sanity check for split strings in password handling
In order to avoid potential indexing issues in password handling, a conditional statement has been added. This ensures that there are two resultant parts after the string splitting operation; if the condition isn't met, the operation simply continues without processing further. This enhances code robustness and reliability.
2024-03-14 22:14:48 +01:00
f89cc5f629
Merge pull request #30 from wneessen/better_testcoverage
Improved test coverage
2023-02-09 22:29:58 +01:00
00d56b9ce3
Improved test coverage 2023-02-09 22:25:08 +01:00
2e1355761c
Merge pull request #28 from wneessen/27-add-ntlm-hash-support
#27: Implement NTLM hash support for PwnedPassAPI
2023-02-09 17:12:06 +01:00
179cd36d7f
#27: Implement NTLM hash support for PwnedPassAPI
This PR implements support for NTLM hashes as announced by Troy Hunt:
https://s.pebcak.de/@troyhunt@infosec.exchange/109833758367903768

For this we needed to be able to calculate MD4 hashes, as NTLM basically is calculated like this: `MD4(UTF-16LE(pw))`. For this we ported the official golang.org/x/crypto/md4 package, so we can still claim that "only depends on Go stdlib"

A new Client option has been introduced: `WithPwnedNTLMHash`. If the client is initalized with this option, all generic methods (`ListHashesPassword` and `CheckPassword`) will  operate on NTLM hashes.

Additionally, there are now equivalent methods for checking passwords and listing hashes for NTLM: `CheckNTLM` and `ListHashesNTLM`
2023-02-09 17:07:20 +01:00
2b0b51ae17
Merge pull request #25 from wneessen/fix/24-verify-and-overhaul-the-error-handling-of-the-different-apis
Fix/24 verify and overhaul the error handling of the different apis
2022-12-22 16:02:53 +01:00
f143794341
Overhauling error handling of the different APIs as part of #24
- More error generalization
- Fixed PwnedPasswords API errors
- Added SHA1 hash validation with corresponding error
- More tests for error handling
2022-12-22 15:59:48 +01:00
c5ea330401
Overhauling error handling of the different APIs as part of #24
- Generalized errors
- Updated version number and User-Agent string
- Made default timeout a const
2022-12-22 11:55:56 +01:00
9c4b20b01e
Overhauling error handling of the different APIs as part of #24
- Overhauled the breaches API
- Added more tests
2022-12-22 11:55:06 +01:00
ec5038a041
Merge pull request #23 from wneessen/fix/22-should-return-httpresponse-for-paste
Fix missing HTTP response return in PastedAccount method.
2022-12-22 10:02:55 +01:00
e42f8b3101
Fix missing HTTP response return in PastedAccount method.
Fixes #22

- In case of a HTTP error the PastedAccount method is supposed to return the HTTP response, since this can hold valuable information about the reason why the request failed. Instead, it was returning `nil`. This PR fixes this behaviour.
- Additionally, this PR introduces tests to catch such oversights
- Finally a proper `error.New()` error has been introduces, to that `error.Is()` can be used on common error that are detected by the module
2022-12-22 09:57:57 +01:00
8a77d77ee6
Merge pull request #20 from wneessen/testcoverage
Better test coverage
2022-10-29 17:02:40 +02:00
77a3b1f3c5
Better test coverage 2022-10-29 16:58:56 +02:00
f21e27fe8b
Merge pull request #19 from wneessen/golangci-lint
Implement a golangci-lint workflow and the accordingly GH action
2022-10-29 15:53:00 +02:00
20ebd4c965
Implement a golangci-lint workflow and the accordingly GH action 2022-10-29 15:32:12 +02:00
a931f4aef3
Merge pull request #18 from wneessen/test-coverage
Fixes and test coverage
2022-10-01 16:12:31 +02:00
f1d9046155
Fixed failing test 2022-10-01 16:10:25 +02:00
2a92929c20
Better test coverage for breaches API 2022-10-01 16:06:56 +02:00
a8623f1162
Fixed mixed pointer/copy assignment in ApiDate type 2022-10-01 16:05:50 +02:00
540e745c7f
Fixed output results in PwnedPassApi tests 2022-10-01 15:04:06 +02:00
bc1c5d0914
Merge pull request #16 from wneessen/14-prefix
Skip padding results
2022-06-09 16:22:14 +02:00
8fe5b208a5
#14: Skip padding results in the API response, which can be identified by having a zero count 2022-06-09 16:21:10 +02:00
3ab68b9110
Merge pull request #15 from wneessen/14-prefix
#14: Add `ListHashes*()` methods to get access to all returned hashes
2022-06-08 17:29:17 +02:00
05ea767ee1
#14: Add ListHashes*() methods to get access to all returned hashes
- This method replaces the previously private apiCall() method
- Added `ListHashesSHA1()` as well as `ListHashesPassword()` to keep consistency in the naming schema
- Added length checks for SHA1() methods
- Added length check for Prefix() method
2022-06-08 17:26:41 +02:00
1642ee7255
Update README.md
Added awesome-go badge
2022-05-09 09:14:11 +02:00
659a359ea0
Merge pull request #12 from wneessen/v1_0_2
v1.0.2
2022-05-08 12:49:14 +02:00
504c711df2
v1.0.2: Update README.md 2022-05-08 12:46:47 +02:00
70996a1415
v1.0.2: Update README.md 2022-05-08 12:46:00 +02:00
1c699aca31
v1.0.2: More tests and better README.md. 2022-05-08 12:44:20 +02:00
b326983899
Merge pull request #11 from wneessen/move_example_code_to_testfiles
Move example code to testfiles
2022-05-08 12:13:09 +02:00
5f40d8b8de
Make GoLinter happy 2022-05-08 12:09:39 +02:00
fc0ea3bd48
Updated README.md, package description and version number for v1.0.2 release 2022-05-08 12:07:33 +02:00
77e5a4345d
Moved all code examples into the test files using GoDoc syntax 2022-05-08 12:02:58 +02:00
43c99d2889
Merge remote-tracking branch 'origin/main' 2022-05-07 15:59:57 +02:00
49b2ac95f6
More test coverage 2022-05-07 15:59:20 +02:00
ce8872c72d
Merge pull request #10 from wneessen/codecov-rename
Codecov rename
2022-05-07 15:05:36 +02:00
90124586b8
Update codecov_testonly.yml 2022-05-07 15:05:09 +02:00
356b48bed7
Create codecov.yml 2022-05-07 15:04:51 +02:00
2cd451a84d
Update codecov_testonly.yml 2022-05-07 15:03:43 +02:00
27b95c19bc
Update and rename codecov.yml to codecov_testonly.yml 2022-05-07 15:03:09 +02:00
41c8f9eefc
Update codecov.yml 2022-05-07 14:59:31 +02:00
467f2961c6
Merge pull request #9 from wneessen/Add_RLS_to_all_test
Add rls to all test
2022-05-07 14:58:18 +02:00
2af48736df
Update sonarqube.yml 2022-05-07 14:57:14 +02:00