2 files changed, 33 insertions, 0 deletions

diff --git a/src/script/lua_api/l_util.cpp b/src/script/lua_api/l_util.cpp
index e90b7fbcf..d090fc91c 100644
--- a/src/script/lua_api/l_util.cpp
+++ b/src/script/lua_api/l_util.cpp
@@ -246,6 +246,35 @@ int ModApiUtil::l_get_hit_params(lua_State *L)
 	return 1;
 }
 
+// check_password_entry(name, entry, password)
+int ModApiUtil::l_check_password_entry(lua_State *L)
+{
+	NO_MAP_LOCK_REQUIRED;
+	std::string name = luaL_checkstring(L, 1);
+	std::string entry = luaL_checkstring(L, 2);
+	std::string password = luaL_checkstring(L, 3);
+
+	if (base64_is_valid(entry)) {
+		std::string hash = translate_password(name, password);
+		lua_pushboolean(L, hash == entry);
+		return 1;
+	}
+
+	std::string salt;
+	std::string verifier;
+
+	if (!decode_srp_verifier_and_salt(entry, &verifier, &salt)) {
+		// invalid format
+		warningstream << "Invalid password format for " << name << std::endl;
+		lua_pushboolean(L, false);
+		return 1;
+	}
+	std::string gen_verifier = generate_srp_verifier(name, password, salt);
+
+	lua_pushboolean(L, gen_verifier == verifier);
+	return 1;
+}
+
 // get_password_hash(name, raw_password)
 int ModApiUtil::l_get_password_hash(lua_State *L)
 {
@@ -449,6 +478,7 @@ void ModApiUtil::Initialize(lua_State *L, int top)
 	API_FCT(get_dig_params);
 	API_FCT(get_hit_params);
 
+	API_FCT(check_password_entry);
 	API_FCT(get_password_hash);
 
 	API_FCT(is_yes);
diff --git a/src/script/lua_api/l_util.h b/src/script/lua_api/l_util.h
index 779dbe281..3012d55aa 100644
--- a/src/script/lua_api/l_util.h
+++ b/src/script/lua_api/l_util.h
@@ -71,6 +71,9 @@ private:
 	// get_hit_params(groups, tool_capabilities[, time_from_last_punch])
 	static int l_get_hit_params(lua_State *L);
 
+	// check_password_entry(name, entry, password)
+	static int l_check_password_entry(lua_State *L);
+
 	// get_password_hash(name, raw_password)
 	static int l_get_password_hash(lua_State *L);