Parameterize the PBKDF2 algorithm in application config

http://meta.discourse.org/t/sso-between-discourse-and-xmpp/8567/5
2025-02-25 18:55:32 -06:00 · 2013-07-22 21:36:01 -04:00
parent 4b269de724
commit 35a2bb7919
3 changed files with 11 additions and 11 deletions
--- a/lib/pbkdf2.rb
+++ b/lib/pbkdf2.rb
@@ -2,32 +2,32 @@
 #
 # Also PBKDF2 monkey patches string ... don't like that at all
 #
-# Happy to move back to PBKDF2 ruby gem provided: 
+# Happy to move back to PBKDF2 ruby gem provided:
 #
 # 1. It works on Ruby 2.0
-# 2. It works on 1.9.3 
+# 2. It works on 1.9.3
 # 3. It does not monkey patch string

 require 'openssl'
 require 'xor'

 class Pbkdf2
-  
-  def self.hash_password(password, salt, iterations)

-    h = OpenSSL::Digest::Digest.new("sha256")
-    
+  def self.hash_password(password, salt, iterations, algorithm = "sha256")
+
+    h = OpenSSL::Digest::Digest.new(algorithm)
+
    u = ret = prf(h, password, salt + [1].pack("N"))

-    2.upto(iterations) do 
+    2.upto(iterations) do
     u = prf(h, password, u)
-     ret.xor!(u) 
+     ret.xor!(u)
    end

    ret.bytes.map{|b| ("0" + b.to_s(16))[-2..-1]}.join("")
  end

-  protected 
+  protected

  # fallback xor in case we need it for jruby ... way slower
  def self.xor(x,y)