return result;
}
-String PBKDF2_SHA512(const String& password, const String& salt, int iterations)
+String PBKDF2_SHA1(const String& password, const String& salt, int iterations)
{
- unsigned char digest[SHA512_DIGEST_LENGTH];
- PKCS5_PBKDF2_HMAC(password.CStr(), password.GetLength(), reinterpret_cast<const unsigned char *>(salt.CStr()), salt.GetLength(),
- iterations, EVP_sha512(), sizeof(digest), digest);
+ unsigned char digest[SHA_DIGEST_LENGTH];
+ PKCS5_PBKDF2_HMAC_SHA1(password.CStr(), password.GetLength(), reinterpret_cast<const unsigned char *>(salt.CStr()), salt.GetLength(),
+ iterations, sizeof(digest), digest);
- char output[SHA512_DIGEST_LENGTH*2+1];
- for (int i = 0; i < 32; i++)
+ char output[SHA_DIGEST_LENGTH*2+1];
+ for (int i = 0; i < SHA_DIGEST_LENGTH; i++)
sprintf(output + 2 * i, "%02x", digest[i]);
return output;
#include <openssl/comp.h>
#include <openssl/sha.h>
#include <openssl/x509v3.h>
+#include <openssl/evp.h>
namespace icinga
{
String I2_BASE_API GetIcingaCADir(void);
String I2_BASE_API CertificateToString(const shared_ptr<X509>& cert);
shared_ptr<X509> I2_BASE_API CreateCertIcingaCA(EVP_PKEY *pubkey, X509_NAME *subject);
-String I2_BASE_API PBKDF2_SHA512(const String& password, const String& salt, int iterations);
+String I2_BASE_API PBKDF2_SHA1(const String& password, const String& salt, int iterations);
String I2_BASE_API SHA256(const String& s);
class I2_BASE_API openssl_error : virtual public std::exception, virtual public boost::exception { };
return 1;
}
- std::cout << PBKDF2_SHA512(vm["cn"].as<std::string>(), vm["salt"].as<std::string>(), 50000) << std::endl;
+ std::cout << PBKDF2_SHA1(vm["cn"].as<std::string>(), vm["salt"].as<std::string>(), 50000) << std::endl;
return 0;
}
}
String ticket = params->Get("ticket");
- String realTicket = PBKDF2_SHA512(origin.FromClient->GetIdentity(), salt, 50000);
+ String realTicket = PBKDF2_SHA1(origin.FromClient->GetIdentity(), salt, 50000);
if (ticket != realTicket) {
result->Set("error", "Invalid ticket.");