Module: ActiveLdap::UserPassword
- Defined in:
- lib/active_ldap/user_password.rb
Defined Under Namespace
Modules: Salt
Class Method Summary collapse
- .crypt(password, salt = nil) ⇒ Object
- .extract_salt_for_crypt(crypted_password) ⇒ Object
- .extract_salt_for_smd5(smd5ed_password) ⇒ Object
- .extract_salt_for_ssha(sshaed_password) ⇒ Object
- .md5(password) ⇒ Object
- .sha(password) ⇒ Object
- .smd5(password, salt = nil) ⇒ Object
- .ssha(password, salt = nil) ⇒ Object
- .valid?(password, hashed_password) ⇒ Boolean
Class Method Details
.crypt(password, salt = nil) ⇒ Object
32 33 34 35 |
# File 'lib/active_ldap/user_password.rb', line 32 def crypt(password, salt=nil) salt ||= "$1$#{Salt.generate(8)}" "{CRYPT}#{password.crypt(salt)}" end |
.extract_salt_for_crypt(crypted_password) ⇒ Object
37 38 39 40 41 42 43 |
# File 'lib/active_ldap/user_password.rb', line 37 def extract_salt_for_crypt(crypted_password) if /^\$1\$/ =~ crypted_password $MATCH + $POSTMATCH[0, 8].sub(/\$.*/, '') + "$" else crypted_password[0, 2] end end |
.extract_salt_for_smd5(smd5ed_password) ⇒ Object
58 59 60 |
# File 'lib/active_ldap/user_password.rb', line 58 def extract_salt_for_smd5(smd5ed_password) Base64.decode64(smd5ed_password)[-4, 4] end |
.extract_salt_for_ssha(sshaed_password) ⇒ Object
75 76 77 |
# File 'lib/active_ldap/user_password.rb', line 75 def extract_salt_for_ssha(sshaed_password) extract_salt_for_smd5(sshaed_password) end |
.md5(password) ⇒ Object
45 46 47 |
# File 'lib/active_ldap/user_password.rb', line 45 def md5(password) "{MD5}#{Base64.encode64(MD5.md5(password).digest).chomp}" end |
.sha(password) ⇒ Object
62 63 64 |
# File 'lib/active_ldap/user_password.rb', line 62 def sha(password) "{SHA}#{Base64.encode64(SHA1.sha1(password).digest).chomp}" end |
.smd5(password, salt = nil) ⇒ Object
49 50 51 52 53 54 55 56 |
# File 'lib/active_ldap/user_password.rb', line 49 def smd5(password, salt=nil) if salt and salt.size != 4 raise ArgumentError.new("salt size must be == 4") end salt ||= Salt.generate(4) md5_hash_with_salt = "#{MD5.md5(password + salt).digest}#{salt}" "{SMD5}#{Base64.encode64(md5_hash_with_salt).chomp}" end |
.ssha(password, salt = nil) ⇒ Object
66 67 68 69 70 71 72 73 |
# File 'lib/active_ldap/user_password.rb', line 66 def ssha(password, salt=nil) if salt and salt.size != 4 raise ArgumentError.new("salt size must be == 4") end salt ||= Salt.generate(4) sha1_hash_with_salt = "#{SHA1.sha1(password + salt).digest}#{salt}" "{SSHA}#{Base64.encode64(sha1_hash_with_salt).chomp}" end |
.valid?(password, hashed_password) ⇒ Boolean
9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 |
# File 'lib/active_ldap/user_password.rb', line 9 def valid?(password, hashed_password) unless /^\{([A-Z][A-Z\d]+)\}/ =~ hashed_password raise ArgumentError, "Invalid hashed password" end type = $1 hashed_password_without_type = $POSTMATCH normalized_type = type.downcase unless respond_to?(normalized_type) raise ArgumentError, "Unknown Hash type #{type}" end salt_extractor = "extract_salt_for_#{normalized_type}" if respond_to?(salt_extractor) salt = send(salt_extractor, hashed_password_without_type) if salt.nil? raise ArgumentError, "Can't extract salt from hashed password" end generated_password = send(normalized_type, password, salt) else generated_password = send(normalized_type, password) end hashed_password == generated_password end |