try generating salt manually

2026-05-13 09:24:43 +00:00 · 2024-06-06 00:27:43 +02:00
parent 3f4989223d
commit b5d0b0ad9a
1 changed files with 9 additions and 2 deletions
--- a/chatmaild/src/chatmaild/doveauth.py
+++ b/chatmaild/src/chatmaild/doveauth.py
@@ -23,8 +23,15 @@ class UnknownCommand(ValueError):

 def encrypt_password(password: str):
    # https://doc.dovecot.org/configuration_manual/authentication/password_schemes/
-    passhash = hashlib.sha512(password.encode('UTF-8')).hexdigest()
-    return "{SHA512-CRYPT}" + passhash
+    salt = os.urandom(16)
+    iterations = 100000
+    hash_obj = hashlib.pbkdf2_hmac('sha512', password.encode(), salt, iterations)
+    hash_hex = hash_obj.hex()
+    salt_hex = salt.hex()
+    combined_hash = f"${iterations}${salt_hex}${hash_hex}"
+    
+    return "{SHA512-CRYPT}" + combined_hash
+


 def is_allowed_to_create(config: Config, user, cleartext_password) -> bool: