summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rwxr-xr-xclient.js4
-rwxr-xr-xserverstore.js4
2 files changed, 5 insertions, 3 deletions
diff --git a/client.js b/client.js
index ef1812e..32c244b 100755
--- a/client.js
+++ b/client.js
@@ -235,9 +235,11 @@ function registerUser(userid,password){
process.stdout.write("Username? ");
userid=kbd.getLineSync().replace(/[^a-zA-Z0-9_-]/g,"");
process.stdout.write("Password? ");
+var hasher=crypto.createHash("sha512");
kbd.setEcho(false);
-password=kbd.getLineSync();
+hasher.update(kbd.getLineSync());
kbd.setEcho(true);
+password=hasher.digest("hex");
console.log("\nChecking existence...");
userExists(userid,function(exists){
diff --git a/serverstore.js b/serverstore.js
index b2d7085..e7ffee6 100755
--- a/serverstore.js
+++ b/serverstore.js
@@ -16,7 +16,7 @@ var challenge=null;
function renewChallenge(){
var entropy=crypto.randomBytes(256);
- var hasher=crypto.createHash("sha256");
+ var hasher=crypto.createHash("sha512");
hasher.update(entropy);
challenge=hasher.digest("hex");
}
@@ -71,7 +71,7 @@ app.param("userid",function(req,res,next,userid){
});
app.param("authhash",function(req,res,next,authhash){
var s=challenge+req.ssuser[1];
- var hasher=crypto.createHash("sha256");
+ var hasher=crypto.createHash("sha512");
hasher.update(s);
var hashres=hasher.digest("hex");
if(hashres!=authhash){
generated by cgit v1.2.3-70-g09d2 (git 2.47.0) at 2024-11-23 11:38:47 +0100