Password: Replace Pbkdf2 with Password.

diff --git a/benchmarks/load_testing/users.ex b/benchmarks/load_testing/users.ex
index 34a904ac2475f8ca369b65441e7b7e6e1f8849d9..1815490a4a3ca5f3a11f43fc9ebbddab193d7c7e 100644 (file)
--- a/benchmarks/load_testing/users.ex
+++ b/benchmarks/load_testing/users.ex
@@ -55,7 +55,7 @@ defmodule Pleroma.LoadTesting.Users do
       name: "Test テスト User #{i}",
       email: "user#{i}@example.com",
       nickname: "nick#{i}",
-      password_hash: Pbkdf2.hash_pwd_salt("test"),
+      password_hash: Pleroma.Password.hash_pwd_salt("test"),
       bio: "Tester Number #{i}",
       local: !remote
     }

diff --git a/lib/pleroma/mfa.ex b/lib/pleroma/mfa.ex
index f43e03a54dcae758f3ba6d975fdcde999197bd8d..29488c876c224317dc4fd7514039e46399de60cc 100644 (file)
--- a/lib/pleroma/mfa.ex
+++ b/lib/pleroma/mfa.ex
@@ -71,7 +71,7 @@ defmodule Pleroma.MFA do
   @spec generate_backup_codes(User.t()) :: {:ok, list(binary)} | {:error, String.t()}
   def generate_backup_codes(%User{} = user) do
     with codes <- BackupCodes.generate(),
-         hashed_codes <- Enum.map(codes, &Pbkdf2.hash_pwd_salt/1),
+         hashed_codes <- Enum.map(codes, &Pleroma.Password.hash_pwd_salt/1),
          changeset <- Changeset.cast_backup_codes(user, hashed_codes),
          {:ok, _} <- User.update_and_set_cache(changeset) do
       {:ok, codes}

diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex
index cd0c64acc48df9e029f103ea08cef8fce95e29b5..04e6ffd51cec789d47923a68637ed54b810464bb 100644 (file)
--- a/lib/pleroma/user.ex
+++ b/lib/pleroma/user.ex
@@ -2187,7 +2187,7 @@ defmodule Pleroma.User do
   defp put_password_hash(
          %Ecto.Changeset{valid?: true, changes: %{password: password}} = changeset
        ) do
-    change(changeset, password_hash: Pbkdf2.hash_pwd_salt(password))
+    change(changeset, password_hash: Pleroma.Password.hash_pwd_salt(password))
   end
 
   defp put_password_hash(changeset), do: changeset

diff --git a/lib/pleroma/web/plugs/authentication_plug.ex b/lib/pleroma/web/plugs/authentication_plug.ex
index c3e13858aaf46013ffa844f7313762cadc0310b2..f7a2a3ab7f39a8bd9c908976e5502b27c7b6e14d 100644 (file)
--- a/lib/pleroma/web/plugs/authentication_plug.ex
+++ b/lib/pleroma/web/plugs/authentication_plug.ex
@@ -48,7 +48,7 @@ defmodule Pleroma.Web.Plugs.AuthenticationPlug do
   end
 
   def checkpw(password, "$pbkdf2" <> _ = password_hash) do
-    Pbkdf2.verify_pass(password, password_hash)
+    Pleroma.Password.verify_pass(password, password_hash)
   end
 
   def checkpw(_password, _password_hash) do

diff --git a/mix.exs b/mix.exs
index f26a5391aa48ae35ddbbbfcd8aff3b344a36be6b..14448f12f9511361e1894587965340025cace090 100644 (file)
--- a/mix.exs
+++ b/mix.exs
@@ -125,7 +125,6 @@ defmodule Pleroma.Mixfile do
       {:postgrex, ">= 0.15.5"},
       {:oban, "~> 2.1.0"},
       {:gettext, "~> 0.18"},
-      {:pbkdf2_elixir, "~> 1.2"},
       {:bcrypt_elixir, "~> 2.2"},
       {:trailing_format_plug, "~> 0.0.7"},
       {:fast_sanitize, "~> 0.2.0"},

diff --git a/test/pleroma/mfa_test.exs b/test/pleroma/mfa_test.exs
index 29e47889293b6ee446662223035c5f57eaef45fd..db68fc1caa9530f2666cc8ba88e05ebeadabed14 100644 (file)
--- a/test/pleroma/mfa_test.exs
+++ b/test/pleroma/mfa_test.exs
@@ -30,8 +30,8 @@ defmodule Pleroma.MFATest do
       {:ok, [code1, code2]} = MFA.generate_backup_codes(user)
       updated_user = refresh_record(user)
       [hash1, hash2] = updated_user.multi_factor_authentication_settings.backup_codes
-      assert Pbkdf2.verify_pass(code1, hash1)
-      assert Pbkdf2.verify_pass(code2, hash2)
+      assert Pleroma.Password.verify_pass(code1, hash1)
+      assert Pleroma.Password.verify_pass(code2, hash2)
     end
   end
 

diff --git a/test/pleroma/web/auth/basic_auth_test.exs b/test/pleroma/web/auth/basic_auth_test.exs
index f732c7e270155153549b0ee20ac8a4ac955e8769..b74516dd647539581b24f0d0237f0a7592057b8f 100644 (file)
--- a/test/pleroma/web/auth/basic_auth_test.exs
+++ b/test/pleroma/web/auth/basic_auth_test.exs
@@ -11,7 +11,7 @@ defmodule Pleroma.Web.Auth.BasicAuthTest do
     conn: conn
   } do
     user = insert(:user)
-    assert Pbkdf2.verify_pass("test", user.password_hash)
+    assert Pleroma.Password.verify_pass("test", user.password_hash)
 
     basic_auth_contents =
       (URI.encode_www_form(user.nickname) <> ":" <> URI.encode_www_form("test"))

diff --git a/test/pleroma/web/auth/pleroma_authenticator_test.exs b/test/pleroma/web/auth/pleroma_authenticator_test.exs
index 477cf26ed3c0090d497622779cdca5c7cae61d3a..ec63e2d41fba51732b35a420f33db3bdfc73492f 100644 (file)
--- a/test/pleroma/web/auth/pleroma_authenticator_test.exs
+++ b/test/pleroma/web/auth/pleroma_authenticator_test.exs
@@ -11,7 +11,7 @@ defmodule Pleroma.Web.Auth.PleromaAuthenticatorTest do
   setup do
     password = "testpassword"
     name = "AgentSmith"
-    user = insert(:user, nickname: name, password_hash: Pbkdf2.hash_pwd_salt(password))
+    user = insert(:user, nickname: name, password_hash: Pleroma.Password.hash_pwd_salt(password))
     {:ok, [user: user, name: name, password: password]}
   end
 

diff --git a/test/pleroma/web/auth/totp_authenticator_test.exs b/test/pleroma/web/auth/totp_authenticator_test.exs
index 583612454888196007468cdefc043edb3dda0e7d..6d2646b617d1c10c3fba38d074e98e5af2e437a0 100644 (file)
--- a/test/pleroma/web/auth/totp_authenticator_test.exs
+++ b/test/pleroma/web/auth/totp_authenticator_test.exs
@@ -34,7 +34,7 @@ defmodule Pleroma.Web.Auth.TOTPAuthenticatorTest do
 
     hashed_codes =
       backup_codes
-      |> Enum.map(&Pbkdf2.hash_pwd_salt(&1))
+      |> Enum.map(&Pleroma.Password.hash_pwd_salt(&1))
 
     user =
       insert(:user,

diff --git a/test/pleroma/web/mongoose_im_controller_test.exs b/test/pleroma/web/mongoose_im_controller_test.exs
index 031db53c8b7170e9d3cc3d9df39a8ae452ce278f..183a17a02c452a4e2c9db4eb954a049192f11448 100644 (file)
--- a/test/pleroma/web/mongoose_im_controller_test.exs
+++ b/test/pleroma/web/mongoose_im_controller_test.exs
@@ -41,13 +41,13 @@ defmodule Pleroma.Web.MongooseIMControllerTest do
   end
 
   test "/check_password", %{conn: conn} do
-    user = insert(:user, password_hash: Pbkdf2.hash_pwd_salt("cool"))
+    user = insert(:user, password_hash: Pleroma.Password.hash_pwd_salt("cool"))
 
     _deactivated_user =
       insert(:user,
         nickname: "konata",
         deactivated: true,
-        password_hash: Pbkdf2.hash_pwd_salt("cool")
+        password_hash: Pleroma.Password.hash_pwd_salt("cool")
       )
 
     res =

diff --git a/test/pleroma/web/o_auth/ldap_authorization_test.exs b/test/pleroma/web/o_auth/ldap_authorization_test.exs
index 4a2e940fd3c2bc6c28a91285c1f0c3b5e6580939..9ebd084a5bbd6b721d8a1f9312b9b3315e69493a 100644 (file)
--- a/test/pleroma/web/o_auth/ldap_authorization_test.exs
+++ b/test/pleroma/web/o_auth/ldap_authorization_test.exs
@@ -18,7 +18,7 @@ defmodule Pleroma.Web.OAuth.LDAPAuthorizationTest do
   @tag @skip
   test "authorizes the existing user using LDAP credentials" do
     password = "testpassword"
-    user = insert(:user, password_hash: Pbkdf2.hash_pwd_salt(password))
+    user = insert(:user, password_hash: Pleroma.Password.hash_pwd_salt(password))
     app = insert(:oauth_app, scopes: ["read", "write"])
 
     host = Pleroma.Config.get([:ldap, :host]) |> to_charlist
@@ -101,7 +101,7 @@ defmodule Pleroma.Web.OAuth.LDAPAuthorizationTest do
   @tag @skip
   test "disallow authorization for wrong LDAP credentials" do
     password = "testpassword"
-    user = insert(:user, password_hash: Pbkdf2.hash_pwd_salt(password))
+    user = insert(:user, password_hash: Pleroma.Password.hash_pwd_salt(password))
     app = insert(:oauth_app, scopes: ["read", "write"])
 
     host = Pleroma.Config.get([:ldap, :host]) |> to_charlist

diff --git a/test/pleroma/web/o_auth/mfa_controller_test.exs b/test/pleroma/web/o_auth/mfa_controller_test.exs
index 9fc1e0ec2f40ac721b3a1a798eeaf0b2187bbb29..dacf03b2bdb9d3277a2651ec72dbb16802f65516 100644 (file)
--- a/test/pleroma/web/o_auth/mfa_controller_test.exs
+++ b/test/pleroma/web/o_auth/mfa_controller_test.exs
@@ -20,7 +20,7 @@ defmodule Pleroma.Web.OAuth.MFAControllerTest do
       insert(:user,
         multi_factor_authentication_settings: %MFA.Settings{
           enabled: true,
-          backup_codes: [Pbkdf2.hash_pwd_salt("test-code")],
+          backup_codes: [Pleroma.Password.hash_pwd_salt("test-code")],
           totp: %MFA.Settings.TOTP{secret: otp_secret, confirmed: true}
         }
       )
@@ -246,7 +246,7 @@ defmodule Pleroma.Web.OAuth.MFAControllerTest do
 
       hashed_codes =
         backup_codes
-        |> Enum.map(&Pbkdf2.hash_pwd_salt(&1))
+        |> Enum.map(&Pleroma.Password.hash_pwd_salt(&1))
 
       user =
         insert(:user,

diff --git a/test/pleroma/web/o_auth/o_auth_controller_test.exs b/test/pleroma/web/o_auth/o_auth_controller_test.exs
index f01fdf660439c6167227bb86e33d10458f173cc5..1c5438cc297d5a7d28ce37b92392842490e49725 100644 (file)
--- a/test/pleroma/web/o_auth/o_auth_controller_test.exs
+++ b/test/pleroma/web/o_auth/o_auth_controller_test.exs
@@ -316,7 +316,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
            app: app,
            conn: conn
          } do
-      user = insert(:user, password_hash: Pbkdf2.hash_pwd_salt("testpassword"))
+      user = insert(:user, password_hash: Pleroma.Password.hash_pwd_salt("testpassword"))
       registration = insert(:registration, user: nil)
       redirect_uri = OAuthController.default_redirect_uri(app)
 
@@ -347,7 +347,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
            app: app,
            conn: conn
          } do
-      user = insert(:user, password_hash: Pbkdf2.hash_pwd_salt("testpassword"))
+      user = insert(:user, password_hash: Pleroma.Password.hash_pwd_salt("testpassword"))
       registration = insert(:registration, user: nil)
       unlisted_redirect_uri = "http://cross-site-request.com"
 
@@ -790,7 +790,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
 
     test "issues a token for `password` grant_type with valid credentials, with full permissions by default" do
       password = "testpassword"
-      user = insert(:user, password_hash: Pbkdf2.hash_pwd_salt(password))
+      user = insert(:user, password_hash: Pleroma.Password.hash_pwd_salt(password))
 
       app = insert(:oauth_app, scopes: ["read", "write"])
 
@@ -818,7 +818,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
 
       user =
         insert(:user,
-          password_hash: Pbkdf2.hash_pwd_salt(password),
+          password_hash: Pleroma.Password.hash_pwd_salt(password),
           multi_factor_authentication_settings: %MFA.Settings{
             enabled: true,
             totp: %MFA.Settings.TOTP{secret: otp_secret, confirmed: true}
@@ -927,7 +927,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
       password = "testpassword"
 
       {:ok, user} =
-        insert(:user, password_hash: Pbkdf2.hash_pwd_salt(password))
+        insert(:user, password_hash: Pleroma.Password.hash_pwd_salt(password))
         |> User.confirmation_changeset(need_confirmation: true)
         |> User.update_and_set_cache()
 
@@ -955,7 +955,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
 
       user =
         insert(:user,
-          password_hash: Pbkdf2.hash_pwd_salt(password),
+          password_hash: Pleroma.Password.hash_pwd_salt(password),
           deactivated: true
         )
 
@@ -983,7 +983,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
 
       user =
         insert(:user,
-          password_hash: Pbkdf2.hash_pwd_salt(password),
+          password_hash: Pleroma.Password.hash_pwd_salt(password),
           password_reset_pending: true
         )
 
@@ -1012,7 +1012,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
 
       user =
         insert(:user,
-          password_hash: Pbkdf2.hash_pwd_salt(password),
+          password_hash: Pleroma.Password.hash_pwd_salt(password),
           confirmation_pending: true
         )
 
@@ -1038,7 +1038,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
     test "rejects token exchange for valid credentials belonging to an unapproved user" do
       password = "testpassword"
 
-      user = insert(:user, password_hash: Pbkdf2.hash_pwd_salt(password), approval_pending: true)
+      user = insert(:user, password_hash: Pleroma.Password.hash_pwd_salt(password), approval_pending: true)
 
       refute Pleroma.User.account_status(user) == :active
 

diff --git a/test/pleroma/web/plugs/authentication_plug_test.exs b/test/pleroma/web/plugs/authentication_plug_test.exs
index 9d66681ce1609996b1928931edfc31b132e37d87..4a0ff671099f44210a9ae83bf52d5588cddcfcd7 100644 (file)
--- a/test/pleroma/web/plugs/authentication_plug_test.exs
+++ b/test/pleroma/web/plugs/authentication_plug_test.exs
@@ -17,7 +17,7 @@ defmodule Pleroma.Web.Plugs.AuthenticationPlugTest do
     user = %User{
       id: 1,
       name: "dude",
-      password_hash: Pbkdf2.hash_pwd_salt("guy")
+      password_hash: Pleroma.Password.hash_pwd_salt("guy")
     }
 
     conn =

diff --git a/test/pleroma/web/twitter_api/password_controller_test.exs b/test/pleroma/web/twitter_api/password_controller_test.exs
index a552af4c3651c4554e38feed062aac7b55ce6ea1..880f097cb7ec23c4b13f8619bb345bcd1991b1dc 100644 (file)
--- a/test/pleroma/web/twitter_api/password_controller_test.exs
+++ b/test/pleroma/web/twitter_api/password_controller_test.exs
@@ -92,7 +92,7 @@ defmodule Pleroma.Web.TwitterAPI.PasswordControllerTest do
       assert response =~ "<h2>Password changed!</h2>"
 
       user = refresh_record(user)
-      assert Pbkdf2.verify_pass("test", user.password_hash)
+      assert Pleroma.Password.verify_pass("test", user.password_hash)
       assert Enum.empty?(Token.get_user_tokens(user))
     end
 

diff --git a/test/pleroma/web/twitter_api/util_controller_test.exs b/test/pleroma/web/twitter_api/util_controller_test.exs
index 882122848eb2b988aba6d16ea6c8eaf7d6987273..923be8fae9e98e4bb934c625d0d7935123bc11d0 100644 (file)
--- a/test/pleroma/web/twitter_api/util_controller_test.exs
+++ b/test/pleroma/web/twitter_api/util_controller_test.exs
@@ -397,7 +397,7 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
 
       assert json_response(conn, 200) == %{"status" => "success"}
       fetched_user = User.get_cached_by_id(user.id)
-      assert Pbkdf2.verify_pass("newpass", fetched_user.password_hash) == true
+      assert Pleroma.Password.verify_pass("newpass", fetched_user.password_hash) == true
     end
   end
 

diff --git a/test/support/builders/user_builder.ex b/test/support/builders/user_builder.ex
index 0c687c02944b93fd9c6641eda2ba0dc23fc4db01..27470498df2e1637faa8d020583edd7887a4fb69 100644 (file)
--- a/test/support/builders/user_builder.ex
+++ b/test/support/builders/user_builder.ex
@@ -7,7 +7,7 @@ defmodule Pleroma.Builders.UserBuilder do
       email: "test@example.org",
       name: "Test Name",
       nickname: "testname",
-      password_hash: Pbkdf2.hash_pwd_salt("test"),
+      password_hash: Pleroma.Password.hash_pwd_salt("test"),
       bio: "A tester.",
       ap_id: "some id",
       last_digest_emailed_at: NaiveDateTime.truncate(NaiveDateTime.utc_now(), :second),

diff --git a/test/support/factory.ex b/test/support/factory.ex
index bf7121901784420142a3e87312921827f7bb78eb..53b1dfd09a04a70a8cf1047432adec3956822bb1 100644 (file)
--- a/test/support/factory.ex
+++ b/test/support/factory.ex
@@ -29,7 +29,7 @@ defmodule Pleroma.Factory do
       name: sequence(:name, &"Test テスト User #{&1}"),
       email: sequence(:email, &"user#{&1}@example.com"),
       nickname: sequence(:nickname, &"nick#{&1}"),
-      password_hash: Pbkdf2.hash_pwd_salt("test"),
+      password_hash: Pleroma.Password.hash_pwd_salt("test"),
       bio: sequence(:bio, &"Tester Number #{&1}"),
       is_discoverable: true,
       last_digest_emailed_at: NaiveDateTime.utc_now(),