… | |
… | |
16 | |
16 | |
17 | package Deliantra::Util; |
17 | package Deliantra::Util; |
18 | |
18 | |
19 | use common::sense; |
19 | use common::sense; |
20 | |
20 | |
21 | use Digest::SHA; |
|
|
22 | use Digest::SHA3; |
21 | use Digest::SHA3; |
23 | |
22 | |
24 | =item Deliantra::Util::hash_pw $cleartext |
23 | =item Deliantra::Util::hash_pw $cleartext |
25 | |
24 | |
26 | Hashes a cleartext password into the binary password used in the protocol. |
25 | Hashes a cleartext password into the binary password used in the protocol. |
… | |
… | |
28 | =cut |
27 | =cut |
29 | |
28 | |
30 | sub hash_pw($) { |
29 | sub hash_pw($) { |
31 | # we primarily want to protect the password itself, and |
30 | # we primarily want to protect the password itself, and |
32 | # secondarily want to protect us against pre-image attacks. |
31 | # secondarily want to protect us against pre-image attacks. |
33 | # we trust nist, but not a single hash function, so we |
32 | # we don't want to overdo it, to keep implementation simple. |
34 | # use both sha and sha3 |
|
|
35 | |
33 | |
36 | my $pw = shift; |
34 | my $pw = shift; |
37 | |
35 | |
38 | for (0..20) { |
36 | for (0..10) { |
|
|
37 | $pw = "deliantrakdf$pw" x 32; |
39 | $pw = Digest::SHA3::sha3_512 $pw; |
38 | $pw = Digest::SHA3::sha3_512 $pw; |
40 | $pw = "deliantrakdf$pw" x 32; |
|
|
41 | $pw = Digest::SHA::sha512 $pw; |
|
|
42 | } |
39 | } |
43 | |
40 | |
44 | $pw |
41 | $pw |
45 | } |
42 | } |
46 | |
43 | |