riverrun / pbkdf2_elixir

Pbkdf2 password hashing for Elixir
Other
54 stars 12 forks source link

Support all hmac hash algorithms that are available in crypto #14

Closed smt116 closed 2 years ago

smt116 commented 3 years ago

It allows decrypting data with other algorithms than SHA256 and SHA512. For example, it can be used to decrypt messages from the Rails app that uses the SHA1 HMAC digest by default.

See https://erlang.org/doc/man/crypto.html#type-hmac_hash_algorithm

riverrun commented 2 years ago

Sorry for not responding earlier.

I am afraid I am not going to accept this PR. The reason is that we want to restrict the available algorithms to only the strongest, and that limits it, in my opinion, to sha512 and sha256.

If you want to handle messages using sha1 (from a Rails app, for example), then you can use the Plug.Crypto version of pbkdf2 to do that.