UPDATE 2016-6-27: Issue was previously named "PIX/ASA Has Incomplete Algorithm". This was fixed in 1.7, with the addtion of the "cisco_asa" hash; but the test vectors need verifying on an ASA firewall, see below.
Imported from Google Code
PIX/ASA code, 7.0 and later increases the maximum password length to 32 characters. When Cisco implemented this change in length they also altered the algorithm. The following explains the alterations to the algorithm.
My testing shows that it actually is slightly different than described here, and is as follows.
Password Length - Action
1-12 Characters - Original PIX implementation
13-27 Characters - Original but Pad/Trim to 32 bytes instead of 16
28-32 Characters - Do not append username, Pad/Trim to 32 bytes
I have implemented this in my clone of the repository and successfully tested this against ASA code bases.