Skip to content
Browse files

Merge pull request #2 from rgeber/master

Added param option to password generation
  • Loading branch information...
2 parents 105893f + 5240ba4 commit 288043acff169e18df2a5adbd7f9734823150b70 @andris9 committed Jul 14, 2012
Showing with 32 additions and 20 deletions.
  1. +31 −19 pass.js
  2. +1 −1 test.js
View
50 pass.js
@@ -5,37 +5,44 @@ var crypto = require("crypto"),
* pass.generate(password, callback) -> undefined
* - password (String): password to be used as hash source
* - callback (Function): callback
- *
- * Generates an Apache htpasswd password (SHA1)
+ * - param (object): used for algorithm and digest parameter
+ *
+ * Generates an Apache htpasswd password
**/
-exports.generate = function(password, callback){
+exports.generate = function(password, callback, param){
+ if (!param) param = {};
var c;
+ var algorithm = param.algorithm ? param.algorithm : 'sha1';
+ var digest = param.digest ? param.digest : 'base64';
+
+ var hash_prefix = {sha1: '{SHA}', md5: '$apr1$'};
+
try{
- var c = crypto.createHash("sha1");
+ var c = crypto.createHash(algorithm);
c.update(password);
- c = c.digest("base64");
+ c = c.digest(digest);
}catch(E){
return callback && callback(E, null);
}
- callback && callback(null, "{SHA}"+c);
+ callback && callback(null, hash_prefix[algorithm] + c);
}
/**
* pass.validate(password, hash, callback) -> undefined
* - password (String): password to be validated
* - hash (String): password hash to be checked against
* - callback (Function): callback
- *
+ *
* Checks if an Apache htpasswd password matches with its hash.
**/
exports.validate = function(password, hash, callback){
-
+
callback = callback || function(){};
password = password || "";
hash = hash && hash.trim() || "";
-
+
var salt = "", parts;
-
+
//SHA - {SHA}VBPuJHI7uixaa6LQGWx4s+5GKNE= (myPassword)
if(hash.substr(0,5)=="{SHA}"){
hash = hash.substr(5);
@@ -58,7 +65,7 @@ exports.validate = function(password, hash, callback){
hash = hash.substr(2);
return validate_crypt(password, hash, salt, callback);
}
-
+
// PLAIN
return callback(null, password==hash);
}
@@ -69,27 +76,32 @@ exports.validate = function(password, hash, callback){
* - password (String): password to be validated
* - hash (String): password hash to be checked against
* - callback (Function): callback
- *
+ * - param (object): used to specify algorithm
+ *
* Validates a SHA1 password
**/
-function validate_sha(password, hash, callback){
+function validate_sha(password, hash, callback, param){
+ if (!param) param = {};
var c;
+ var algorithm = param.algorithm ? param.algorithm : 'sha1';
+ var digest = param.digest ? param.digest : 'base64';
+
try{
- c = crypto.createHash("sha1");
+ c = crypto.createHash(algorithm);
c.update(password);
- c = c.digest("base64");
+ c = c.digest(digest);
}catch(E){
return callback(E, null);
}
- callback(null, c==hash);
+ callback(null, c==hash);
}
/**
* validate_sha(password, hash, callback) -> undefined
* - password (String): password to be validated
* - hash (String): password hash to be checked against
* - callback (Function): callback
- *
+ *
* Validates an APR1/MD5 password
**/
function validate_md5(password, hash, salt, callback){
@@ -109,7 +121,7 @@ function validate_md5(password, hash, salt, callback){
* - password (String): password to be validated
* - hash (String): password hash to be checked against
* - callback (Function): callback
- *
+ *
* Validates a Linux crypt(3) password
**/
function validate_crypt(password, hash, salt, callback){
@@ -122,4 +134,4 @@ function validate_crypt(password, hash, salt, callback){
callback(null, stdout && stdout.trim()==salt+hash);
}
);
-}
+}
View
2 test.js
@@ -20,4 +20,4 @@ pass.validate("myPassword", "$apr1$r31.....$HqJZimcKQFAMYayBlzkrA/", response.bi
pass.validate("myPass", "$apr1$r31.....$HqJZimcKQFAMYayBlzkrA/", response.bind(this, "MD5 False", false));
pass.validate("myPassword", "rqXexS6ZhobKA", response.bind(this, "CRYPT True ", true));
-pass.validate("myPass", "rqXexS6ZhobKA", response.bind(this, "CRYPT False", false));
+pass.validate("myPass", "rqXexS6ZhobKA", response.bind(this, "CRYPT False", false));

0 comments on commit 288043a

Please sign in to comment.
Something went wrong with that request. Please try again.