Support the password hash database from https://haveibeenpwned.com/passwords

Author: thomasmueller

src/main/java/org/fastfilter/tools/BuildFilterFile.java

@@ -0,0 +1,88 @@
+package org.fastfilter.tools;
+
+import java.io.File;
+import java.io.FileReader;
+import java.io.IOException;
+import java.io.LineNumberReader;
+import java.io.RandomAccessFile;
+import java.nio.charset.Charset;
+import java.util.ArrayList;
+
+import org.fastfilter.utils.StringUtils;
+import org.fastfilter.xorplus.XorPlus8;
+
+public class BuildFilterFile {
+
+    public static final int SEGMENT_BITS = 4;
+
+    public static void main(String... args) throws IOException {
+        if (args.length != 1) {
+            System.out.println("Usage: java " + BuildFilterFile.class.getName() + " <textFile>\n"
+                    + "Builds a .filter file from a text file that contains SHA-1 hashes and counts.");
+            return;
+        }
+        String textFile = args[0];
+        String filterFileName = textFile + ".filter";
+        long start = System.nanoTime();
+        LineNumberReader lineReader = new LineNumberReader(new FileReader(textFile, Charset.forName("LATIN1")));
+        new File(filterFileName).delete();
+        RandomAccessFile out = new RandomAccessFile(filterFileName, "rw");
+        int lines = 0;
+        // header
+        out.write(new byte[8 << SEGMENT_BITS]);
+        int currentSegment = 0;
+        long lastHash = 0;
+        ArrayList<Long> keys = new ArrayList<Long>();
+        while (true) {
+            String line = lineReader.readLine();
+            if (line == null) {
+                break;
+            }
+            lines++;
+            long hash = 0;
+            for (int i = 0; i < 16; i++) {
+                hash <<= 4;
+                hash |= StringUtils.getHex(line.charAt(i));
+            }
+            if (lastHash == hash) {
+                System.out.println("Warning: duplicate hash detected, ignoring: " + line);
+                continue;
+            }
+            lastHash = hash;
+            int dot = line.lastIndexOf(':');
+            int count = Integer.parseInt(line, dot + 1, line.length(), 10);
+            // set the lowest bit to 0
+            long key = hash ^ (hash & 1);
+            // if common, set the lowest bit
+            if (count > 9) {
+                key |= 1;
+            }
+            int segment = (int) (key >>> (64 - SEGMENT_BITS));
+            if (segment != currentSegment) {
+                writeSegment(keys, currentSegment, out);
+                long time = System.nanoTime() - start;
+                System.out.println("Lines processed: " + lines + " " + (time / lines) + " ns/line");
+                currentSegment = segment;
+            }
+            keys.add(key);
+        }
+        writeSegment(keys, currentSegment, out);
+        lineReader.close();
+        out.close();
+    }
+
+    private static void writeSegment(ArrayList<Long> keys, int segment, RandomAccessFile out) throws IOException {
+        long[] array = new long[keys.size()];
+        for(int i=0; i<keys.size(); i++) {
+            array[i] = keys.get(i);
+        }
+        long start = out.length();
+        out.seek(segment * 8);
+        out.writeLong(start);
+        out.seek(start);
+        XorPlus8 filter = XorPlus8.construct(array);
+        out.write(filter.getData());
+        keys.clear();
+    }
+
+}

src/main/java/org/fastfilter/tools/PasswordLookup.java

@@ -0,0 +1,79 @@
+package org.fastfilter.tools;
+
+import java.io.BufferedInputStream;
+import java.io.Console;
+import java.io.DataInputStream;
+import java.io.FileInputStream;
+import java.io.RandomAccessFile;
+import java.nio.charset.Charset;
+import java.security.MessageDigest;
+import java.util.Scanner;
+
+import org.fastfilter.xorplus.XorPlus8;
+
+public class PasswordLookup {
+
+    public static void main(String... args) throws Exception {
+        if (args.length != 1) {
+            System.out.println("Usage: java " + PasswordLookup.class.getName() + " <filterFileName>\n"
+                    + "Requires a filter file generated by " + BuildFilterFile.class.getName());
+            return;
+        }
+        String filterFileName = args[0];
+        Scanner scanner = new Scanner(System.in);
+        while (true) {
+            Console console = System.console();
+            String password;
+            if (console != null) {
+                password = new String(console.readPassword("Password? "));
+            } else {
+                System.out.println("Password? ");
+                password = scanner.nextLine();
+            }
+            if (password.length() == 0) {
+                break;
+            }
+            testPassword(filterFileName, password);
+        }
+        scanner.close();
+    }
+
+    private static void testPassword(String filterFileName, String password) throws Exception {
+        byte[] passwordBytes = password.getBytes(Charset.forName("ISO-8859-1"));
+        MessageDigest md = MessageDigest.getInstance("SHA-1");
+        byte[] sha1 = md.digest(passwordBytes);
+        long hash = 0;
+        for (int i = 0; i < 8; i++) {
+            hash = (hash << 8) | (sha1[i] & 0xff);
+        }
+        // set the lowest bit to 0
+        long key = hash ^ (hash & 1);
+        RandomAccessFile f = new RandomAccessFile(filterFileName, "r");
+        int segment = (int) (key >>> (64 - BuildFilterFile.SEGMENT_BITS));
+        f.seek(segment * 8);
+        long skip = f.readLong();
+        f.close();
+        DataInputStream in = new DataInputStream(new BufferedInputStream(new FileInputStream(filterFileName)));
+        while (skip > 0) {
+            long skipped = in.skip(skip);
+            if (skipped <= 0) {
+                break;
+            }
+            skip -= skipped;
+        }
+        XorPlus8 filter = new XorPlus8(in);
+        in.close();
+        boolean found = filter.mayContain(key);
+        if (found) {
+            System.out.println("Found");
+        } else {
+            found = filter.mayContain(key | 1);
+            if (found) {
+                System.out.println("Found; common");
+            } else {
+                System.out.println("Not found");
+            }
+        }
+    }
+
+}

src/main/java/org/fastfilter/utils/Hash.java

@@ -6,6 +6,10 @@ public class Hash {
 
     private static Random random = new Random();
 
+    public static void setSeed(long seed) {
+        random.setSeed(seed);
+    }
+
     public static long hash64(long x, long seed) {
         x += seed;
         x = (x ^ (x >>> 33)) * 0xff51afd7ed558ccdL;
@@ -20,7 +24,7 @@ public static long randomSeed() {
 
     /**
      * Shrink the hash to a value 0..n. Kind of like modulo, but using
-     * multiplication.
+     * multiplication and shift, which are faster to compute.
      *
      * @param hash the hash
      * @param n the maximum of the result

src/main/java/org/fastfilter/utils/StringUtils.java

@@ -0,0 +1,22 @@
+package org.fastfilter.utils;
+
+public class StringUtils {
+    private static final int[] HEX_DECODE = new int['f' + 1];
+
+    static {
+        for (int i = 0; i < HEX_DECODE.length; i++) {
+            HEX_DECODE[i] = -1;
+        }
+        for (int i = 0; i <= 9; i++) {
+            HEX_DECODE[i + '0'] = i;
+        }
+        for (int i = 0; i <= 5; i++) {
+            HEX_DECODE[i + 'a'] = HEX_DECODE[i + 'A'] = i + 10;
+        }
+    }
+
+    public static int getHex(char c) {
+        return HEX_DECODE[c];
+    }
+
+}

src/main/java/org/fastfilter/xor/Xor8.java

@@ -1,5 +1,11 @@
 package org.fastfilter.xor;
 
+import java.io.ByteArrayOutputStream;
+import java.io.DataInputStream;
+import java.io.DataOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
 import org.fastfilter.Filter;
 import org.fastfilter.utils.Hash;
 
@@ -160,4 +166,37 @@ private int fingerprint(long hash) {
         return (int) (hash & ((1 << BITS_PER_FINGERPRINT) - 1));
     }
 
+    public byte[] getData() {
+        try {
+            ByteArrayOutputStream out = new ByteArrayOutputStream();
+            DataOutputStream d = new DataOutputStream(out);
+            d.writeInt(size);
+            d.writeInt(arrayLength);
+            d.writeInt(blockLength);
+            d.writeLong(seed);
+            d.writeInt(bitCount);
+            d.writeInt(fingerprints.length);
+            d.write(fingerprints);
+            return out.toByteArray();
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    public Xor8(InputStream in) {
+        try {
+            DataInputStream din = new DataInputStream(in);
+            size = din.readInt();
+            arrayLength = din.readInt();
+            blockLength = din.readInt();
+            seed = din.readLong();
+            bitCount = din.readInt();
+            int fingerprintLength = din.readInt();
+            fingerprints = new byte[fingerprintLength];
+            din.readFully(fingerprints);
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
 }

src/main/java/org/fastfilter/xorplus/Rank9.java

@@ -18,6 +18,9 @@
  */
 package org.fastfilter.xorplus;
 
+import java.io.DataInputStream;
+import java.io.DataOutputStream;
+import java.io.IOException;
 import java.util.Arrays;
 import java.util.BitSet;
 
@@ -114,4 +117,26 @@ public int getBitCount() {
         return bits.length * 64 + counts.length * 64;
     }
 
+    public void write(DataOutputStream d) throws IOException {
+        d.writeInt(bits.length);
+        for (int i = 0; i < bits.length; i++) {
+            d.writeLong(bits[i]);
+        }
+        d.writeInt(counts.length);
+        for (int i = 0; i < counts.length; i++) {
+            d.writeLong(counts[i]);
+        }
+    }
+
+    public Rank9(DataInputStream in) throws IOException {
+        bits = new long[in.readInt()];
+        for (int i = 0; i < bits.length; i++) {
+            bits[i] = in.readLong();
+        }
+        counts = new long[in.readInt()];
+        for (int i = 0; i < counts.length; i++) {
+            counts[i] = in.readLong();
+        }
+    }
+
 }

src/main/java/org/fastfilter/xorplus/XorPlus8.java

@@ -1,5 +1,10 @@
 package org.fastfilter.xorplus;
 
+import java.io.ByteArrayOutputStream;
+import java.io.DataInputStream;
+import java.io.DataOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
 import java.util.BitSet;
 
 import org.fastfilter.Filter;
@@ -339,4 +344,40 @@ private int fingerprint(long hash) {
         return (int) (hash & ((1 << BITS_PER_FINGERPRINT) - 1));
     }
 
+    public byte[] getData() {
+        try {
+            ByteArrayOutputStream out = new ByteArrayOutputStream();
+            DataOutputStream d = new DataOutputStream(out);
+            d.writeInt(size);
+            d.writeInt(arrayLength);
+            d.writeInt(blockLength);
+            d.writeLong(seed);
+            d.writeInt(bitCount);
+            d.writeInt(fingerprints.length);
+            d.write(fingerprints);
+            rank.write(d);
+            return out.toByteArray();
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    public XorPlus8(InputStream in) {
+        try {
+            DataInputStream din = new DataInputStream(in);
+            size = din.readInt();
+            arrayLength = din.readInt();
+            blockLength = din.readInt();
+            seed = din.readLong();
+            bitCount = din.readInt();
+            int fingerprintLength = din.readInt();
+            fingerprints = new byte[fingerprintLength];
+            din.readFully(fingerprints);
+            rank = new Rank9(din);
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+
 }