pike.git / lib / modules / Crypto.pmod / Password.pmod

version» Context lines:

pike.git/lib/modules/Crypto.pmod/Password.pmod:254:    return Crypto.SHA1.crypt_php(passwd, salt) == hash;    break;      #if constant(Crypto.SHA512)    case "S": // PHPass Portable Hash SHA512.    salt = hash[..8];    hash = hash[9..];    return Crypto.SHA512.crypt_php(passwd, salt) == hash;    break;   #endif +  +  case "sha1": // SHA1-HMAC +  rounds = (int)salt; +  sscanf(hash, "%s$%s", salt, hash); +  return Crypto.SHA1.HMAC.crypt_hash(password, salt, rounds) == +  [string(7bit)]hash; +  break;    }    break;    }    return 0;   }      //! Generate a hash of @[password] suitable for @[verify()].   //!   //! @param password   //! Password to hash.
pike.git/lib/modules/Crypto.pmod/Password.pmod:483:    salt_size = 0;    // FALL_THROUGH    case "smd5":    case "{smd5}":    crypt_hash = lambda(string(8bit) passwd, string(8bit) salt, int rounds) {    return Crypto.MD5.hash(passwd + salt);    };    render_hash = render_ldap_hash;    break;    +  case "sha1": +  case "$sha1$": +  // NetBSD-style crypt_sha1(). +  crypt_hash = Crypto.SHA1.HMAC.crypt_hash; +  render_hash = render_old_crypt_hash; +  // Defaults taken from PassLib. +  salt_size = 8; +  rounds = 480000; +  break; +     case "pbkdf2":    case "$pbkdf2$":    crypt_hash = Crypto.SHA1.crypt_pbkdf2;    render_hash = render_old_crypt_hash;    // Defaults taken from PassLib.    salt_size = 22; // 16 bytes after base64-encoding.    default_rounds = 29000; // NB: The Passlib example defaults to 6400.    scheme = "pbkdf2";    break;