Class: Authlogic::CryptoProviders::Wordpress

Inherits:

Object

• Object
• Authlogic::CryptoProviders::Wordpress

Defined in:

lib/authlogic/crypto_providers/wordpress.rb

Overview

Crypto provider to transition from wordpress user accounts. Written by Jeffry Degrande in 2009. First released in 2.1.3.

Problems:

• There are no tests.

• We can’t even figure out how to run this without it crashing.

• Presumably it implements some spec, but it doesn’t mention which.

• It is not documented anywhere.

• There is no PR associated with this, and no discussion about it could be found.

Constant Summary

ITOA64 =

"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz".freeze

Class Method Summary

• .encode_64(input, length) ⇒ Object
• .matches?(crypted, *tokens) ⇒ Boolean

Class Method Details

.encode_64(input, length) ⇒ Object

# File 'lib/authlogic/crypto_providers/wordpress.rb', line 47

def encode_64(input, length)
  output = ""
  i = 0
  while i < length
    value = input[i]
    i += 1
    break if value.nil?
    output += ITOA64[value & 0x3f, 1]
    value |= input[i] << 8 if i < length
    output += ITOA64[(value >> 6) & 0x3f, 1]

    i += 1
    break if i >= length
    value |= input[i] << 16 if i < length
    output += ITOA64[(value >> 12) & 0x3f, 1]

    i += 1
    break if i >= length
    output += ITOA64[(value >> 18) & 0x3f, 1]
  end
  output
end

.matches?(crypted, *tokens) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/authlogic/crypto_providers/wordpress.rb', line 37

def matches?(crypted, *tokens)
  stretches = 1 << ITOA64.index(crypted[3, 1])
  plain, salt = *tokens
  hashed = Digest::MD5.digest(salt + plain)
  stretches.times do
    hashed = Digest::MD5.digest(hashed + plain)
  end
  crypted[0, 12] + encode_64(hashed, 16) == crypted
end