blog password hash

src/freedombone-sec

@@ -959,6 +959,23 @@ function monkeysphere_sign_server_keys {
 	exit 0
 }
 
+function blog_hash {
+	# produces a hash corresponding to a blog password
+	pass="$1"
+	BLOGHASH_FILENAME=/usr/bin/bloghash
+
+	echo '<?php' > $BLOGHASH_FILENAME
+	echo 'parse_str(implode("&", array_slice($argv, 1)), $_GET);' >> $BLOGHASH_FILENAME
+	echo '$password = $_GET["password"];' >> $BLOGHASH_FILENAME
+	echo '$hash = password_hash($password, PASSWORD_BCRYPT);' >> $BLOGHASH_FILENAME
+	echo 'if (password_verify($password, $hash)) {' >> $BLOGHASH_FILENAME
+	echo '  echo $hash;' >> $BLOGHASH_FILENAME
+	echo '}' >> $BLOGHASH_FILENAME
+	echo '?>' >> $BLOGHASH_FILENAME
+
+	php $BLOGHASH_FILENAME password="$pass"
+}
+
 function show_help {
   echo ''
   echo "${PROJECT_NAME}-sec"
@@ -972,6 +989,7 @@ function show_help {
   echo $'  -r --refresh             Refresh GPG keys for all users'
   echo $'  -s --sign                Sign monkeysphere server keys'
   echo $'     --register [domain]   Register a https domain with monkeysphere'
+  echo $'  -b --bloghash [password] Returns the hash of a password for the blog'
   echo ''
   exit 0
 }
@@ -1011,6 +1029,12 @@ case $key in
 	shift
 	monkeysphere_sign_server_keys
 	;;
+	# get a hash of the given blog password
+	-b|--bloghash)
+	shift
+	blog_hash "$1"
+	exit 0
+	;;
 	*)
 	# unknown option
 	;;