From c589f92ed0f6e462a976c64d533c1d8a21b2a3ba Mon Sep 17 00:00:00 2001
From: Amlal El Mahrouss <amlal@nekernel.org>
Date: Fri, 16 May 2025 13:35:50 +0200
Subject: feat(kernel): User doesn't store the password directly anymore, it is
 hashed under a 64-bit FNV algorithm.

why?

 - Better security, so that we're sure that no one else knows about the
   password.

also:

 - Rename super to MGMT (Management), as it manages a NeKernel machine.
 - Added a copy of cxxdrv in the nekernel source tree.
 - Working on the custom manual parser for NeKernel. (PoC)

Signed-off-by: Amlal El Mahrouss <amlal@nekernel.org>
---
 dev/kernel/src/FS/NeFS+FileSystemParser.cc |  7 ++-
 dev/kernel/src/User.cc                     | 77 +++++++-----------------------
 2 files changed, 21 insertions(+), 63 deletions(-)

(limited to 'dev/kernel/src')

diff --git a/dev/kernel/src/FS/NeFS+FileSystemParser.cc b/dev/kernel/src/FS/NeFS+FileSystemParser.cc
index dae69a21..3622e711 100644
--- a/dev/kernel/src/FS/NeFS+FileSystemParser.cc
+++ b/dev/kernel/src/FS/NeFS+FileSystemParser.cc
@@ -878,7 +878,7 @@ namespace Kernel::NeFS {
 /// @brief Construct NeFS drives.
 /***********************************************************************************/
 Boolean fs_init_nefs(Void) noexcept {
-  kout << "Creating main disk...\r";
+  kout << "Creating HeFS disk...\r";
 
   kMountpoint.A() = io_construct_main_drive();
 
@@ -886,9 +886,8 @@ Boolean fs_init_nefs(Void) noexcept {
     ke_panic(RUNTIME_CHECK_FILESYSTEM, "Main disk cannot be mounted.");
 
   NeFileSystemParser parser;
-  parser.Format(&kMountpoint.A(), 0, kNeFSVolumeName);
-
-  return YES;
+  
+  return parser.Format(&kMountpoint.A(), 0, kNeFSVolumeName);
 }
 }  // namespace Kernel::NeFS
 
diff --git a/dev/kernel/src/User.cc b/dev/kernel/src/User.cc
index 3e6aeeba..c1a5ca94 100644
--- a/dev/kernel/src/User.cc
+++ b/dev/kernel/src/User.cc
@@ -29,20 +29,23 @@ namespace Detail {
   /// \param password password to hash.
   /// \return the hashed password
   ////////////////////////////////////////////////////////////
-  Int32 user_standard_token_generator(Char* password, const Char* in_password, User* user,
-                                      SizeT length) {
+  STATIC UInt64 user_fnv_generator(const Char* password, User* user) {
     if (!password || !user) return 1;
     if (*password == 0) return 1;
 
-    kout << "user_standard_token_generator: Hashing user password...\r";
+    kout << "user_fnv_generator: Hashing user password...\r";
 
-    for (SizeT i_pass = 0UL; i_pass < length; ++i_pass) {
-      Char cur_chr = in_password[i_pass];
+    const UInt64 FNV_OFFSET_BASIS = 0xcbf29ce484222325ULL;
+    const UInt64 FNV_PRIME        = 0x100000001b3ULL;
 
-      password[i_pass] = cur_chr | (user->IsStdUser() ? kStdUserType : kSuperUserType);
+    UInt64 hash = FNV_OFFSET_BASIS;
+
+    while (*password) {
+      hash ^= (Utf8Char) (*password++);
+      hash *= FNV_PRIME;
     }
 
-    kout << "user_standard_token_generator: Hashed user password.\r";
+    kout << "user_fnv_generator: Hashed user password.\r";
 
     return 0;
   }
@@ -68,70 +71,26 @@ User::User(const UserRingKind& ring_kind, const Char* user_name) : mUserRing(rin
 ////////////////////////////////////////////////////////////
 User::~User() = default;
 
-Bool User::Save(const UserPublicKey password_to_fill) noexcept {
-  if (!password_to_fill || *password_to_fill == 0) return No;
-
-  SizeT len = rt_string_len(password_to_fill);
-
-  UserPublicKey password = new UserPublicKeyType[len];
-
-  MUST_PASS(password);
-
-  rt_set_memory(password, 0, len);
-
-  // fill data first, generate hash.
-  // return false on error.
-
-  rt_copy_memory((VoidPtr) password_to_fill, password, len);
-
-  if (!Detail::user_standard_token_generator(password, password_to_fill, this, len)) {
-    delete[] password;
-    password = nullptr;
-
-    return No;
-  }
-
-  // then store password.
-
-  rt_copy_memory(password, this->mUserKey, rt_string_len(password_to_fill));
+Bool User::Save(const UserPublicKey password) noexcept {
+  if (!password || *password == 0) return No;
 
-  delete[] password;
-  password = nullptr;
+  this->mUserFNV = Detail::user_fnv_generator(password, this);
 
   kout << "User::Save: Saved password successfully...\r";
 
   return Yes;
 }
 
-Bool User::Matches(const UserPublicKey password_to_fill) noexcept {
-  if (!password_to_fill || *password_to_fill) return No;
-
-  SizeT len = rt_string_len(password_to_fill);
-
-  Char* password = new Char[len];
-  MUST_PASS(password);
-
-  // fill data first, generate hash.
-  // return false on error.
-
-  rt_copy_memory((VoidPtr) password_to_fill, password, len);
-
-  if (!Detail::user_standard_token_generator(password, password_to_fill, this, len)) {
-    delete[] password;
-    password = nullptr;
-
-    return No;
-  }
-
-  kout << "User::Matches: Validating hashed passwords...\r";
+Bool User::Login(const UserPublicKey password) noexcept {
+  if (!password || !*password) return No;
 
   // now check if the password matches.
-  if (rt_string_cmp(password, this->mUserKey, rt_string_len(this->mUserKey)) == 0) {
-    kout << "User::Matches: Password matches.\r";
+  if (this->mUserFNV == Detail::user_fnv_generator(password, this)) {
+    kout << "User::Login: Password matches.\r";
     return Yes;
   }
 
-  kout << "User::Matches: Password doesn't match.\r";
+  kout << "User::Login: Password doesn't match.\r";
   return No;
 }
 
-- 
cgit v1.2.3