Start of the implementation of IsValidPassword for BCrypt.

Author: MHumm

Source/DECHash.pas

@@ -1102,6 +1102,24 @@   THash_BCrypt = class(TDECPasswordHash)
                      IncProc : TBFIncProc;
                    end;
 
+      /// <summary>
+      ///   Parts of the BSD/Crypt style password storage for BCrypt
+      /// </summary>
+      TBCryptBSDData = record
+        /// <summary>
+        ///   Algorithm ID
+        /// </summary>
+        ID       : string;
+        /// <summary>
+        ///   Salt in Crypt encoding
+        /// </summary>
+        Salt     : string;
+        /// <summary>
+        ///   Cost factor
+        /// </summary>
+        Cost     : UInt8;
+      end;
+
       var
         /// <summary>
         ///   The calculated hash value
@@ -1175,6 +1193,11 @@   THash_BCrypt = class(TDECPasswordHash)
     ///   Block to store the result in
     /// </param>
     procedure BF_XorBlock(const B1, B2: TBFBlock; var B3: TBFBlock);
+
+    /// <summary>
+    ///   Splits a given Crypt/BSD style password record into its parts
+    /// </summary>
+    function SplitTestVector(const Vector: string):TBCryptBSDData;
   strict protected
     procedure DoInit; override;
     procedure DoTransform(Buffer: PUInt32Array); override;
@@ -1261,6 +1284,23 @@   THash_BCrypt = class(TDECPasswordHash)
     /// </summary>
     class function MaxCost:UInt8;
 
+    /// <summary>
+    ///   Checks whether a given password is the correct one for a password
+    ///   storage "record"/entry in Crypt/BSD format.
+    /// </summary>
+    /// <param name="Password">
+    ///   Password to check for validity
+    /// </param>
+    /// <param name="CryptData">
+    ///   The data needed to "compare" the password against in Crypt/BSD like
+    ///   format: $<id>[$<param>=<value>(,<param>=<value>)*][$<salt>[$<hash>]]
+    /// </param>
+    /// <returns>
+    ///    True if the password given is correct.
+    /// </returns>
+    class function IsValidPassword(const Password  : string;
+                                   const CryptData : string): Boolean; override;
+
     /// <summary>
     ///   Processes one chunk of data to be hashed.
     /// </summary>
@@ -5238,6 +5278,12 @@ class function THash_BCrypt.GetCryptParams(
   Result := '$' + Result;
 end;
 
+class function THash_BCrypt.IsValidPassword(const Password,
+                                                  CryptData: string): Boolean;
+begin
+
+end;
+
 procedure THash_BCrypt.BF_Encrypt(const BI: TBFBlock; var BO: TBFBlock);
 var
   xl, xr : UInt32;
@@ -5356,6 +5402,16 @@ procedure THash_BCrypt.SetCost(const Value: UInt8);
     raise EDECHashException.CreateFmt(sCostFactorInvalid, [MinCost, MaxCost]);
 end;
 
+function THash_BCrypt.SplitTestVector(const Vector: string): TBCryptBSDData;
+var
+  Parts : TArray<string>;
+begin
+  Parts := Vector.Split(['$'], TStringSplitOptions.ExcludeEmpty);
+  Result.ID   := Parts[0];
+  Result.Cost := Copy(Parts[1], Low(Parts[1]), Length(Parts[1])).ToInteger;
+  Result.Salt := Copy(Parts[2], Low(Parts[2]), 22);
+end;
+
 {$IFDEF RESTORE_RANGECHECKS}{$R+}{$ENDIF}
 {$IFDEF RESTORE_OVERFLOWCHECKS}{$Q+}{$ENDIF}
 

Source/DECHashAuthentication.pas

@@ -798,6 +798,23 @@   TDECPasswordHash = class(TDECHashAuthentication)
                      SaltIsRaw      : Boolean;
                      Format         : TDECFormatClass):string; virtual;
 
+    /// <summary>
+    ///   Checks whether a given password is the correct one for a password
+    ///   storage "record"/entry in Crypt/BSD format.
+    /// </summary>
+    /// <param name="Password">
+    ///   Password to check for validity
+    /// </param>
+    /// <param name="CryptData">
+    ///   The data needed to "compare" the password against in Crypt/BSD like
+    ///   format: $<id>[$<param>=<value>(,<param>=<value>)*][$<salt>[$<hash>]]
+    /// </param>
+    /// <returns>
+    ///    True if the password given is correct.
+    /// </returns>
+    class function IsValidPassword(const Password  : string;
+                                   const CryptData : string): Boolean; virtual;
+
 //    /// <summary>
 //    ///   Calculates a passwort hash for the given password and returns it in
 //    ///   a BSDCrypt compatible format. This method only works for those hash
@@ -1588,4 +1605,10 @@ class function TDECPasswordHash.GetDigestInCryptFormat(
   SetLength(SaltBytes, 0);
 end;
 
+class function TDECPasswordHash.IsValidPassword(const Password  : string;
+                                                const CryptData : string): Boolean;
+begin
+  Result := false;
+end;
+
 end.

Unit Tests/Tests/TestDECHash.pas

@@ -676,7 +676,7 @@       TBCryptBSDTestData = record
         Cost     : UInt8;
       end;
 
-    function SplitTestVector(Vector: string):TBCryptBSDTestData;
+    function SplitTestVector(const Vector: string):TBCryptBSDTestData;
   protected
     procedure ConfigHashClass(aHashClass: TDECHash; aIdxTestData:Integer); override;
   public
@@ -6296,7 +6296,7 @@ procedure TestTHash_BCrypt.SetUp;
   lDataRow.AddInputVector('~!@#$%^&*()      ~!@#$%^&*()PNBFRD');
 end;
 
-function TestTHash_BCrypt.SplitTestVector(Vector: string): TBCryptBSDTestData;
+function TestTHash_BCrypt.SplitTestVector(const Vector: string): TBCryptBSDTestData;
 var
   Parts : TArray<string>;
 begin