diff options
| author | Lukas Reschke <lukas@owncloud.com> | 2014-09-03 11:03:27 +0200 |
|---|---|---|
| committer | Lukas Reschke <lukas@owncloud.com> | 2014-09-03 11:03:27 +0200 |
| commit | 50b430ee7cadd6be1520d63acdac27bc06581e09 (patch) | |
| tree | c5ab65b1ac3e845bac58a452465f414584940758 /lib/private/security/crypto.php | |
| parent | 3329e0f2b22207a24ddb4953bbf11964b23682d9 (diff) | |
| download | nextcloud-server-50b430ee7cadd6be1520d63acdac27bc06581e09.tar.gz nextcloud-server-50b430ee7cadd6be1520d63acdac27bc06581e09.zip | |
Add char consts, hash the specified password for the HMAC
Diffstat (limited to 'lib/private/security/crypto.php')
| -rw-r--r-- | lib/private/security/crypto.php | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/private/security/crypto.php b/lib/private/security/crypto.php index 34f0d4e617d..6fdff8d92a2 100644 --- a/lib/private/security/crypto.php +++ b/lib/private/security/crypto.php @@ -52,6 +52,9 @@ class Crypto implements ICrypto { $password = $this->config->getSystemValue('secret'); } + // Append an "a" behind the password and hash it to prevent reusing the same password as for encryption + $password = hash('sha512', $password . 'a'); + $hash = new Crypt_Hash('sha512'); $hash->setKey($password); return $hash->hash($message); |