Index: openacs-4/packages/acs-kernel/acs-kernel.info
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-kernel/acs-kernel.info,v
diff -u -r1.150.2.36 -r1.150.2.37
--- openacs-4/packages/acs-kernel/acs-kernel.info 1 Oct 2021 07:30:10 -0000 1.150.2.36
+++ openacs-4/packages/acs-kernel/acs-kernel.info 3 Oct 2021 18:13:39 -0000 1.150.2.37
@@ -9,15 +9,15 @@
f
t
-
+
OpenACS Core Team
Routines and data models providing the foundation for OpenACS-based Web services.
2021-09-15
OpenACS
The OpenACS kernel contains the core datamodel create and drop scripts for such things as objects, groups, parties and the supporting PL/SQL and PL/pgSQL procedures.
3
-
+
@@ -85,7 +85,7 @@
-
+
Index: openacs-4/packages/acs-tcl/tcl/security-procs.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/security-procs.tcl,v
diff -u -r1.126.2.55 -r1.126.2.56
--- openacs-4/packages/acs-tcl/tcl/security-procs.tcl 1 Oct 2021 07:30:07 -0000 1.126.2.55
+++ openacs-4/packages/acs-tcl/tcl/security-procs.tcl 3 Oct 2021 18:13:38 -0000 1.126.2.56
@@ -681,7 +681,7 @@
hash length. We use 15K iterations for PBKDF2 as
recommended in RFC 7677.
- @return hex encoded password hash
+ @return hex encoded password hash (64 bytes)
} {
return [::ns_crypto::pbkdf2_hmac \
-digest sha256 \
@@ -690,6 +690,19 @@
-salt $salt]
}
}
+
+ if {[::acs::icanuse "ns_crypto::scrypt"]} {
+ ad_proc -private scrypt-16384-8-1 {password salt} {
+
+ Compute a "password hash" using the scrypt password based
+ key derivation function (RFC 7914)
+
+ @return hex encoded password hash (128 bytes)
+ } {
+ return [::ns_crypto::scrypt -secret $password -salt $salt -n 16384 -r 8 -p 1]
+ }
+ }
+
}
ad_proc -public ad_check_password {