iilyak commented on a change in pull request #3568:
URL: https://github.com/apache/couchdb/pull/3568#discussion_r635235468



##########
File path: src/couch/src/couch_passwords.erl
##########
@@ -40,98 +40,144 @@ hash_admin_password(ClearPassword) when is_binary(ClearPassword) ->
     Scheme = config:get("couch_httpd_auth", "password_scheme", "pbkdf2"),
     hash_admin_password(Scheme, ClearPassword).
 
-hash_admin_password("simple", ClearPassword) -> % deprecated
+% deprecated
+hash_admin_password("simple", ClearPassword) ->
     Salt = couch_uuids:random(),
     Hash = crypto:hash(sha, <<ClearPassword/binary, Salt/binary>>),
     ?l2b("-hashed-" ++ couch_util:to_hex(Hash) ++ "," ++ ?b2l(Salt));
 hash_admin_password("pbkdf2", ClearPassword) ->
     Iterations = config:get("couch_httpd_auth", "iterations", "10000"),
     Salt = couch_uuids:random(),
-    DerivedKey = couch_passwords:pbkdf2(couch_util:to_binary(ClearPassword),
-                                        Salt ,list_to_integer(Iterations)),
-    ?l2b("-pbkdf2-" ++ ?b2l(DerivedKey) ++ ","
-        ++ ?b2l(Salt) ++ ","
-        ++ Iterations).
+    DerivedKey = couch_passwords:pbkdf2(
+        couch_util:to_binary(ClearPassword),
+        Salt,
+        list_to_integer(Iterations)
+    ),
+    ?l2b(
+        "-pbkdf2-" ++ ?b2l(DerivedKey) ++ "," ++
+            ?b2l(Salt) ++ "," ++
+            Iterations
+    ).
 
 -spec get_unhashed_admins() -> list().
 get_unhashed_admins() ->
     lists:filter(
-        fun({_User, "-hashed-" ++ _}) ->
-            false; % already hashed
-        ({_User, "-pbkdf2-" ++ _}) ->
-            false; % already hashed
-        ({_User, _ClearPassword}) ->
-            true
+        fun
+            ({_User, "-hashed-" ++ _}) ->
+                % already hashed
+                false;
+            ({_User, "-pbkdf2-" ++ _}) ->
+                % already hashed
+                false;
+            ({_User, _ClearPassword}) ->
+                true
         end,
-    config:get("admins")).
+        config:get("admins")
+    ).
 
 %% Current scheme, much stronger.
 -spec pbkdf2(binary(), binary(), integer()) -> binary().
-pbkdf2(Password, Salt, Iterations) when is_binary(Password),
-                                        is_binary(Salt),
-                                        is_integer(Iterations),
-                                        Iterations > 0 ->
+pbkdf2(Password, Salt, Iterations) when
+    is_binary(Password),
+    is_binary(Salt),
+    is_integer(Iterations),
+    Iterations > 0
+->
     {ok, Result} = pbkdf2(Password, Salt, Iterations, ?SHA1_OUTPUT_LENGTH),
     Result;
-pbkdf2(Password, Salt, Iterations) when is_binary(Salt),
-                                        is_integer(Iterations),
-                                        Iterations > 0 ->
+pbkdf2(Password, Salt, Iterations) when
+    is_binary(Salt),
+    is_integer(Iterations),
+    Iterations > 0
+->
     Msg = io_lib:format("Password value of '~p' is invalid.", [Password]),
     throw({forbidden, Msg});
-pbkdf2(Password, Salt, Iterations) when is_binary(Password),
-                                        is_integer(Iterations),
-                                        Iterations > 0 ->
+pbkdf2(Password, Salt, Iterations) when
+    is_binary(Password),
+    is_integer(Iterations),
+    Iterations > 0
+->
     Msg = io_lib:format("Salt value of '~p' is invalid.", [Salt]),
     throw({forbidden, Msg}).
 
--spec pbkdf2(binary(), binary(), integer(), integer())
-    -> {ok, binary()} | {error, derived_key_too_long}.
-pbkdf2(_Password, _Salt, _Iterations, DerivedLength)
-    when DerivedLength > ?MAX_DERIVED_KEY_LENGTH ->
+-spec pbkdf2(binary(), binary(), integer(), integer()) ->
+    {ok, binary()} | {error, derived_key_too_long}.
+pbkdf2(_Password, _Salt, _Iterations, DerivedLength) when
+    DerivedLength > ?MAX_DERIVED_KEY_LENGTH
+->
     {error, derived_key_too_long};
-pbkdf2(Password, Salt, Iterations, DerivedLength) when is_binary(Password),
-                                                       is_binary(Salt),
-                                                       is_integer(Iterations),
-                                                       Iterations > 0,
-                                                       is_integer(DerivedLength) ->
+pbkdf2(Password, Salt, Iterations, DerivedLength) when
+    is_binary(Password),
+    is_binary(Salt),
+    is_integer(Iterations),
+    Iterations > 0,
+    is_integer(DerivedLength)
+->
     L = ceiling(DerivedLength / ?SHA1_OUTPUT_LENGTH),
-    <<Bin:DerivedLength/binary,_/binary>> =
+    <<Bin:DerivedLength/binary, _/binary>> =
         iolist_to_binary(pbkdf2(Password, Salt, Iterations, L, 1, [])),
     {ok, ?l2b(couch_util:to_hex(Bin))}.
 
--spec pbkdf2(binary(), binary(), integer(), integer(), integer(), iolist())
-    -> iolist().
-pbkdf2(_Password, _Salt, _Iterations, BlockCount, BlockIndex, Acc)
-    when BlockIndex > BlockCount ->
+-spec pbkdf2(binary(), binary(), integer(), integer(), integer(), iolist()) ->
+    iolist().
+pbkdf2(_Password, _Salt, _Iterations, BlockCount, BlockIndex, Acc) when
+    BlockIndex > BlockCount
+->
     lists:reverse(Acc);
 pbkdf2(Password, Salt, Iterations, BlockCount, BlockIndex, Acc) ->
     Block = pbkdf2(Password, Salt, Iterations, BlockIndex, 1, <<>>, <<>>),
-    pbkdf2(Password, Salt, Iterations, BlockCount, BlockIndex + 1, [Block|Acc]).
+    pbkdf2(Password, Salt, Iterations, BlockCount, BlockIndex + 1, [Block | Acc]).
 
--spec pbkdf2(binary(), binary(), integer(), integer(), integer(),
-    binary(), binary()) -> binary().
-pbkdf2(_Password, _Salt, Iterations, _BlockIndex, Iteration, _Prev, Acc)
-    when Iteration > Iterations ->
+-spec pbkdf2(
+    binary(),
+    binary(),
+    integer(),
+    integer(),
+    integer(),
+    binary(),
+    binary()
+) -> binary().
+pbkdf2(_Password, _Salt, Iterations, _BlockIndex, Iteration, _Prev, Acc) when
+    Iteration > Iterations
+->
     Acc;
 pbkdf2(Password, Salt, Iterations, BlockIndex, 1, _Prev, _Acc) ->
-    InitialBlock = couch_util:hmac(sha, Password,
-        <<Salt/binary,BlockIndex:32/integer>>),
-    pbkdf2(Password, Salt, Iterations, BlockIndex, 2,
-        InitialBlock, InitialBlock);
+    InitialBlock = couch_util:hmac(
+        sha,
+        Password,
+        <<Salt/binary, BlockIndex:32/integer>>
+    ),
+    pbkdf2(
+        Password,
+        Salt,
+        Iterations,
+        BlockIndex,
+        2,
+        InitialBlock,
+        InitialBlock
+    );
 pbkdf2(Password, Salt, Iterations, BlockIndex, Iteration, Prev, Acc) ->
     Next = couch_util:hmac(sha, Password, Prev),
-    pbkdf2(Password, Salt, Iterations, BlockIndex, Iteration + 1,
-                   Next, crypto:exor(Next, Acc)).
+    pbkdf2(
+        Password,
+        Salt,
+        Iterations,
+        BlockIndex,
+        Iteration + 1,
+        Next,
+        crypto:exor(Next, Acc)
+    ).
 
 %% verify two lists for equality without short-circuits to avoid timing attacks.
 -spec verify(string(), string(), integer()) -> boolean().
-verify([X|RestX], [Y|RestY], Result) ->
+verify([X | RestX], [Y | RestY], Result) ->
     verify(RestX, RestY, (X bxor Y) bor Result);
 verify([], [], Result) ->
     Result == 0.
 
--spec verify(binary(), binary()) -> boolean();
-            (list(), list()) -> boolean().
+-spec verify

Review comment:
       +1



