Module: ActiveLdap::UserPassword

Defined in:: lib/active_ldap/user_password.rb

Defined Under Namespace

Modules: Salt

Class Method Summary collapse

Class Method Details

.crypt(password, salt = nil) ⇒ `Object`

# File 'lib/active_ldap/user_password.rb', line 32

def crypt(password, salt=nil)
  salt ||= "$1$#{Salt.generate(8)}"
  "{CRYPT}#{password.crypt(salt)}"
end

.extract_salt_for_crypt(crypted_password) ⇒ `Object`

# File 'lib/active_ldap/user_password.rb', line 37

def extract_salt_for_crypt(crypted_password)
  if /^\$1\$/ =~ crypted_password
    $MATCH + $POSTMATCH[0, 8].sub(/\$.*/, '') + "$"
  else
    crypted_password[0, 2]
  end
end

.extract_salt_for_smd5(smd5ed_password) ⇒ `Object`



58
59
60

# File 'lib/active_ldap/user_password.rb', line 58

def extract_salt_for_smd5(smd5ed_password)
  Base64.decode64(smd5ed_password)[-4, 4]
end

.extract_salt_for_ssha(sshaed_password) ⇒ `Object`



75
76
77

# File 'lib/active_ldap/user_password.rb', line 75

def extract_salt_for_ssha(sshaed_password)
  extract_salt_for_smd5(sshaed_password)
end

.md5(password) ⇒ `Object`



45
46
47

# File 'lib/active_ldap/user_password.rb', line 45

def md5(password)
  "{MD5}#{Base64.encode64(MD5.md5(password).digest).chomp}"
end

.sha(password) ⇒ `Object`



62
63
64

# File 'lib/active_ldap/user_password.rb', line 62

def sha(password)
  "{SHA}#{Base64.encode64(SHA1.sha1(password).digest).chomp}"
end

.smd5(password, salt = nil) ⇒ `Object`

# File 'lib/active_ldap/user_password.rb', line 49

def smd5(password, salt=nil)
  if salt and salt.size != 4
    raise ArgumentError.new("salt size must be == 4")
  end
  salt ||= Salt.generate(4)
  md5_hash_with_salt = "#{MD5.md5(password + salt).digest}#{salt}"
  "{SMD5}#{Base64.encode64(md5_hash_with_salt).chomp}"
end

.ssha(password, salt = nil) ⇒ `Object`

# File 'lib/active_ldap/user_password.rb', line 66

def ssha(password, salt=nil)
  if salt and salt.size != 4
    raise ArgumentError.new("salt size must be == 4")
  end
  salt ||= Salt.generate(4)
  sha1_hash_with_salt = "#{SHA1.sha1(password + salt).digest}#{salt}"
  "{SSHA}#{Base64.encode64(sha1_hash_with_salt).chomp}"
end

.valid?(password, hashed_password) ⇒ `Boolean`

Returns:

(Boolean)

# File 'lib/active_ldap/user_password.rb', line 9

def valid?(password, hashed_password)
  unless /^\{([A-Z][A-Z\d]+)\}/ =~ hashed_password
    raise ArgumentError, "Invalid hashed password"
  end
  type = $1
  hashed_password_without_type = $POSTMATCH
  normalized_type = type.downcase
  unless respond_to?(normalized_type)
    raise ArgumentError, "Unknown Hash type #{type}"
  end
  salt_extractor = "extract_salt_for_#{normalized_type}"
  if respond_to?(salt_extractor)
    salt = send(salt_extractor, hashed_password_without_type)
    if salt.nil?
      raise ArgumentError, "Can't extract salt from hashed password"
    end
    generated_password = send(normalized_type, password, salt)
  else
    generated_password = send(normalized_type, password)
  end
  hashed_password == generated_password
end

Module: ActiveLdap::UserPassword

Defined Under Namespace

Class Method Summary collapse

Class Method Details

.crypt(password, salt = nil) ⇒ Object

.extract_salt_for_crypt(crypted_password) ⇒ Object

.extract_salt_for_smd5(smd5ed_password) ⇒ Object

.extract_salt_for_ssha(sshaed_password) ⇒ Object

.md5(password) ⇒ Object

.sha(password) ⇒ Object

.smd5(password, salt = nil) ⇒ Object

.ssha(password, salt = nil) ⇒ Object

.valid?(password, hashed_password) ⇒ Boolean

.crypt(password, salt = nil) ⇒ `Object`

.extract_salt_for_crypt(crypted_password) ⇒ `Object`

.extract_salt_for_smd5(smd5ed_password) ⇒ `Object`

.extract_salt_for_ssha(sshaed_password) ⇒ `Object`

.md5(password) ⇒ `Object`

.sha(password) ⇒ `Object`

.smd5(password, salt = nil) ⇒ `Object`

.ssha(password, salt = nil) ⇒ `Object`

.valid?(password, hashed_password) ⇒ `Boolean`