pike.git / lib / modules / Crypto.pmod / Password.pmod

version» Context lines:

pike.git/lib/modules/Crypto.pmod/Password.pmod:389:    // FALL_THROUGH    case "smd5":    case "{smd5}":    crypt_hash = lambda(string(8bit) passwd, string(8bit) salt, int rounds) {    return Crypto.MD5.hash(passwd + salt);    };    render_hash = render_ldap_hash;    break;       case "pbkdf2": +  case "$pbkdf2$":    crypt_hash = Crypto.SHA1.crypt_pbkdf2;    render_hash = render_old_crypt_hash;    // Defaults taken from PassLib.    salt_size = 22; // 16 bytes after base64-encoding.    default_rounds = 29000; // NB: The Passlib example defaults to 6400. -  +  scheme = "pbkdf2";    break;       case "pbkdf2-sha256": -  +  case "$pbkdf2-sha256$":    crypt_hash = Crypto.SHA256.crypt_pbkdf2;    render_hash = render_old_crypt_hash;    // Defaults taken from PassLib.    salt_size = 22; // 16 bytes after base64-encoding.    default_rounds = 29000; // NB: The Passlib example defaults to 6400. -  +  scheme = "pbkdf2-sha256";    break;      #if constant(Crypto.SHA512)    case "pbkdf2-sha512": -  +  case "$pbkdf2-sha512$":    crypt_hash = Crypto.SHA512.crypt_pbkdf2;    render_hash = render_old_crypt_hash;    // Defaults taken from Passlib.    salt_size = 22; // 16 bytes after base64-encoding.    default_rounds = 29000; // NB: The Passlib example defaults to 6400. -  +  scheme = "pbkdf2-sha512";    break;   #endif       default:    error("Unsupported hashing scheme: %O\n", scheme);    }       if (!rounds) rounds = default_rounds;       // NB: The salt must be printable.    string(7bit) salt =    [string(7bit)]replace(MIME.encode_base64(random_string(salt_size))[..salt_size-1], "+", ".");       string(8bit) hash = crypt_hash(password, salt, rounds);       return render_hash([string(7bit)]scheme, salt, hash, rounds);   }