Parameterize the PBKDF2 algorithm in application config
http://meta.discourse.org/t/sso-between-discourse-and-xmpp/8567/5
This commit is contained in:
parent
4b269de724
commit
35a2bb7919
|
@ -542,7 +542,7 @@ class User < ActiveRecord::Base
|
|||
end
|
||||
|
||||
def hash_password(password, salt)
|
||||
Pbkdf2.hash_password(password, salt, Rails.configuration.pbkdf2_iterations)
|
||||
Pbkdf2.hash_password(password, salt, Rails.configuration.pbkdf2_iterations, Rails.configuration.pbkdf2_algorithm)
|
||||
end
|
||||
|
||||
def add_trust_level
|
||||
|
@ -674,4 +674,3 @@ end
|
|||
# index_users_on_username (username) UNIQUE
|
||||
# index_users_on_username_lower (username_lower) UNIQUE
|
||||
#
|
||||
|
||||
|
|
|
@ -89,6 +89,7 @@ module Discourse
|
|||
|
||||
# per https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
|
||||
config.pbkdf2_iterations = 64000
|
||||
config.pbkdf2_algorithm = "sha256"
|
||||
|
||||
# dumping rack lock cause the message bus does not work with it (throw :async, it catches Exception)
|
||||
# see: https://github.com/sporkrb/spork/issues/66
|
||||
|
|
|
@ -13,9 +13,9 @@ require 'xor'
|
|||
|
||||
class Pbkdf2
|
||||
|
||||
def self.hash_password(password, salt, iterations)
|
||||
def self.hash_password(password, salt, iterations, algorithm = "sha256")
|
||||
|
||||
h = OpenSSL::Digest::Digest.new("sha256")
|
||||
h = OpenSSL::Digest::Digest.new(algorithm)
|
||||
|
||||
u = ret = prf(h, password, salt + [1].pack("N"))
|
||||
|
||||
|
|
Loading…
Reference in New Issue