mirror of
https://github.com/bjc/prosody.git
synced 2025-04-04 21:57:45 +03:00
util.hashes: Allow specifying output key length
This is not needed for SCRAM but PBKDF2 takes this argument.
This commit is contained in:
Kim Alvefur
parent
ffc422e2f6
commit
165ee3a5ef
2 changed files with 28 additions and 9 deletions
|
|
@ -33,5 +33,21 @@ describe("PBKDF2-SHA1", function ()
|
|||
local DK = "eefe3d61cd4da4e4e9945b3d6ba2158c2634e984";
|
||||
assert.equal(DK, hex.to(hashes.scram_Hi_sha1(P, S, c)));
|
||||
end);
|
||||
it("test vector 5", function ()
|
||||
local P = "passwordPASSWORDpassword"
|
||||
local S = "saltSALTsaltSALTsaltSALTsaltSALTsalt"
|
||||
local c = 4096
|
||||
local dkLen = 25
|
||||
local DK = "3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038"
|
||||
assert.equal(DK, hex.to(hashes.scram_Hi_sha1(P, S, c, dkLen)));
|
||||
end);
|
||||
it("works", function ()
|
||||
local P = "pass\0word"
|
||||
local S = "sa\0lt"
|
||||
local c = 4096
|
||||
local dkLen = 16
|
||||
local DK = "56fa6aa75548099dcc37d7f03425e0c3"
|
||||
assert.equal(DK, hex.to(hashes.scram_Hi_sha1(P, S, c, dkLen)));
|
||||
end);
|
||||
end);
|
||||
|
||||
|
|
|
|||
|
|
@ -100,36 +100,39 @@ MAKE_HMAC_FUNCTION(Lhmac_sha512, EVP_sha512, SHA512_DIGEST_LENGTH, SHA512_CTX)
|
|||
MAKE_HMAC_FUNCTION(Lhmac_md5, EVP_md5, MD5_DIGEST_LENGTH, MD5_CTX)
|
||||
|
||||
static int Lpbkdf2_sha1(lua_State *L) {
|
||||
unsigned char out[SHA_DIGEST_LENGTH];
|
||||
|
||||
size_t pass_len, salt_len;
|
||||
const char *pass = luaL_checklstring(L, 1, &pass_len);
|
||||
const unsigned char *salt = (unsigned char *)luaL_checklstring(L, 2, &salt_len);
|
||||
const int iter = luaL_checkinteger(L, 3);
|
||||
const size_t len = luaL_optinteger(L, 4, SHA_DIGEST_LENGTH);
|
||||
|
||||
if(PKCS5_PBKDF2_HMAC(pass, pass_len, salt, salt_len, iter, EVP_sha1(), SHA_DIGEST_LENGTH, out) == 0) {
|
||||
luaL_Buffer b;
|
||||
unsigned char *out = (unsigned char *)luaL_buffinitsize(L, &b, len);
|
||||
|
||||
if(PKCS5_PBKDF2_HMAC(pass, pass_len, salt, salt_len, iter, EVP_sha1(), len, out) == 0) {
|
||||
return luaL_error(L, "PKCS5_PBKDF2_HMAC() failed");
|
||||
}
|
||||
|
||||
lua_pushlstring(L, (char *)out, SHA_DIGEST_LENGTH);
|
||||
|
||||
luaL_pushresultsize(&b, len);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
static int Lpbkdf2_sha256(lua_State *L) {
|
||||
unsigned char out[SHA256_DIGEST_LENGTH];
|
||||
|
||||
size_t pass_len, salt_len;
|
||||
const char *pass = luaL_checklstring(L, 1, &pass_len);
|
||||
const unsigned char *salt = (unsigned char *)luaL_checklstring(L, 2, &salt_len);
|
||||
const int iter = luaL_checkinteger(L, 3);
|
||||
const int len = luaL_optinteger(L, 4, SHA256_DIGEST_LENGTH);
|
||||
|
||||
if(PKCS5_PBKDF2_HMAC(pass, pass_len, salt, salt_len, iter, EVP_sha256(), SHA256_DIGEST_LENGTH, out) == 0) {
|
||||
luaL_Buffer b;
|
||||
unsigned char *out = (unsigned char *)luaL_buffinitsize(L, &b, len);
|
||||
|
||||
if(PKCS5_PBKDF2_HMAC(pass, pass_len, salt, salt_len, iter, EVP_sha256(), len, out) == 0) {
|
||||
return luaL_error(L, "PKCS5_PBKDF2_HMAC() failed");
|
||||
}
|
||||
|
||||
lua_pushlstring(L, (char *)out, SHA_DIGEST_LENGTH);
|
||||
luaL_pushresultsize(&b, len);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue