1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Password.Pbkdf2 do
7 This module implements Pbkdf2 passwords in terms of Plug.Crypto.
10 alias Plug.Crypto.KeyGenerator
14 |> String.replace(".", "+")
15 |> Base.decode64!(padding: false)
20 |> Base.encode64(padding: false)
21 |> String.replace("+", ".")
24 def verify_pass(password, hash) do
25 ["pbkdf2-" <> digest, iterations, salt, hash] = String.split(hash, "$", trim: true)
29 iterations = String.to_integer(iterations)
31 digest = String.to_existing_atom(digest)
34 KeyGenerator.generate(password, salt, digest: digest, iterations: iterations, length: 64)
36 encode64(binary_hash) == hash
39 def hash_pwd_salt(password, opts \\ []) do
41 Keyword.get_lazy(opts, :salt, fn ->
42 :crypto.strong_rand_bytes(16)
45 digest = Keyword.get(opts, :digest, :sha512)
48 Keyword.get(opts, :iterations, Pleroma.Config.get([:password, :iterations], 160_000))
51 KeyGenerator.generate(password, salt, digest: digest, iterations: iterations, length: 64)
53 "$pbkdf2-#{digest}$#{iterations}$#{encode64(salt)}$#{encode64(binary_hash)}"