Class: PasswordPing::Hashing
- Inherits:
-
Object
- Object
- PasswordPing::Hashing
- Defined in:
- lib/passwordping/hashing.rb
Class Method Summary collapse
- .argon2(to_hash, salt) ⇒ Object
- .argon2_raw(to_hash, salt) ⇒ Object
- .bcrypt(to_hash, salt) ⇒ Object
- .bytes_to_hex(bytes) ⇒ Object
- .crc32(to_hash) ⇒ Object
- .custom_algorithm1(to_hash, salt) ⇒ Object
- .custom_algorithm2(to_hash, salt) ⇒ Object
- .custom_algorithm4(to_hash, salt) ⇒ Object
- .hex_to_bytes(hex) ⇒ Object
- .md5(to_hash) ⇒ Object
- .md5_binary(to_hash) ⇒ Object
- .md5_binary_array(to_hash_bytes) ⇒ Object
- .md5crypt(to_hash, salt) ⇒ Object
- .mybb(to_hash, salt) ⇒ Object
- .phpbb3(to_hash, salt) ⇒ Object
- .sha1(to_hash) ⇒ Object
- .sha256(to_hash) ⇒ Object
- .sha512(to_hash) ⇒ Object
- .sha512_binary(to_hash) ⇒ Object
- .sha512_binary_array(to_hash) ⇒ Object
- .vbulletin(to_hash, salt) ⇒ Object
- .whirlpool(to_hash) ⇒ Object
- .whirlpool_binary(to_hash) ⇒ Object
- .whirlpool_binary_array(to_hash) ⇒ Object
- .xor(byte_array1, byte_array2) ⇒ Object
Class Method Details
.argon2(to_hash, salt) ⇒ Object
199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 |
# File 'lib/passwordping/hashing.rb', line 199 def self.argon2(to_hash, salt) time_cost = 3 mem_cost = 10 threads = 2 hash_length = 20 just_salt = salt #$argon2i$v=19$m=65536,t=2,p=4$c29tZXNhbHQ$RdescudvJCsgt3ub+b+dWRWJTmaaJObG if (salt[0..6] == "$argon2") # looks like we specified algo info for argon2 in the salt salt_values = salt.split("$") just_salt = Base64URL.decode(salt_values[4]) cost_params = salt_values[3].split(",") for param in cost_params begin param_parts = param.split("=") if (param_parts[0] == "t") time_cost = Integer(param_parts[1]) elsif (param_parts[0] == "m") mem_cost = Math.log2(Integer(param_parts[1])).round elsif (param_parts[0] == "p") threads = Integer(param_parts[1]) elsif (param_parts[0] == "l") hash_length = Integer(param_parts[1]) end rescue ArgumentError # ignore invalid params and just use default end end if (salt_values[1] == "argon2i") return Argon2Wrapper.hash_argon2i_encode(to_hash, just_salt, time_cost, mem_cost, threads, hash_length) else return Argon2Wrapper.hash_argon2d_encode(to_hash, just_salt, time_cost, mem_cost, threads, hash_length) end else return Argon2Wrapper.hash_argon2d_encode(to_hash, just_salt, time_cost, mem_cost, threads, hash_length) end end |
.argon2_raw(to_hash, salt) ⇒ Object
158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 |
# File 'lib/passwordping/hashing.rb', line 158 def self.argon2_raw(to_hash, salt) time_cost = 3 mem_cost = 10 threads = 2 hash_length = 20 just_salt = salt #$argon2i$v=19$m=65536,t=2,p=4$c29tZXNhbHQ$RdescudvJCsgt3ub+b+dWRWJTmaaJObG if (salt[0..6] == "$argon2") # looks like we specified algo info for argon2 in the salt salt_values = salt.split("$") just_salt = Base64URL.decode(salt_values[4]) cost_params = salt_values[3].split(",") for param in cost_params begin param_parts = param.split("=") if (param_parts[0] == "t") time_cost = Integer(param_parts[1]) elsif (param_parts[0] == "m") mem_cost = Math.log2(Integer(param_parts[1])).round elsif (param_parts[0] == "p") threads = Integer(param_parts[1]) elsif (param_parts[0] == "l") hash_length = Integer(param_parts[1]) end rescue ArgumentError # ignore invalid params and just use default end end if (salt_values[1] == "argon2i") return Argon2Wrapper.hash_argon2i(to_hash, just_salt, time_cost, mem_cost, threads, hash_length) else return Argon2Wrapper.hash_argon2d(to_hash, just_salt, time_cost, mem_cost, threads, hash_length) end else return Argon2Wrapper.hash_argon2d(to_hash, just_salt, time_cost, mem_cost, threads, hash_length) end end |
.bcrypt(to_hash, salt) ⇒ Object
67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 |
# File 'lib/passwordping/hashing.rb', line 67 def self.bcrypt(to_hash, salt) # if salt starts with $2y$, first replace with $2a$ if salt[0..3] == "$2y$" y_variant = true checked_salt = "$2a$" + salt[4..-1] else y_variant = false checked_salt = salt end result = BCrypt::Engine.hash_secret(to_hash, checked_salt) if y_variant # replace with $2y$ result = "$2y$" + result[4..-1] end return result end |
.bytes_to_hex(bytes) ⇒ Object
250 251 252 |
# File 'lib/passwordping/hashing.rb', line 250 def self.bytes_to_hex(bytes) return bytes.pack('c*').unpack('H*')[0] end |
.crc32(to_hash) ⇒ Object
55 56 57 |
# File 'lib/passwordping/hashing.rb', line 55 def self.crc32(to_hash) return Zlib.crc32(to_hash, 0).to_s(16) end |
.custom_algorithm1(to_hash, salt) ⇒ Object
142 143 144 |
# File 'lib/passwordping/hashing.rb', line 142 def self.custom_algorithm1(to_hash, salt) return self.bytes_to_hex(self.xor(self.sha512_binary_array(to_hash + salt), self.whirlpool_binary_array(salt + to_hash))) end |
.custom_algorithm2(to_hash, salt) ⇒ Object
146 147 148 |
# File 'lib/passwordping/hashing.rb', line 146 def self.custom_algorithm2(to_hash, salt) return self.md5(to_hash + salt) end |
.custom_algorithm4(to_hash, salt) ⇒ Object
154 155 156 |
# File 'lib/passwordping/hashing.rb', line 154 def self.custom_algorithm4(to_hash, salt) return self.bcrypt(self.md5(to_hash), salt) end |
.hex_to_bytes(hex) ⇒ Object
254 255 256 |
# File 'lib/passwordping/hashing.rb', line 254 def self.hex_to_bytes(hex) hex.scan(/../).map { |x| x.hex }.pack('c*') end |
.md5(to_hash) ⇒ Object
11 12 13 |
# File 'lib/passwordping/hashing.rb', line 11 def self.md5(to_hash) return Digest::MD5.hexdigest to_hash end |
.md5_binary(to_hash) ⇒ Object
15 16 17 |
# File 'lib/passwordping/hashing.rb', line 15 def self.md5_binary(to_hash) return Digest::MD5.digest(to_hash).bytes end |
.md5_binary_array(to_hash_bytes) ⇒ Object
19 20 21 |
# File 'lib/passwordping/hashing.rb', line 19 def self.md5_binary_array(to_hash_bytes) return Digest::MD5.digest(to_hash_bytes.pack('c*')).bytes end |
.md5crypt(to_hash, salt) ⇒ Object
150 151 152 |
# File 'lib/passwordping/hashing.rb', line 150 def self.md5crypt(to_hash, salt) return UnixCrypt::MD5.build(to_hash, salt.start_with?("$1$") ? salt[3..salt.length] : salt); end |
.mybb(to_hash, salt) ⇒ Object
59 60 61 |
# File 'lib/passwordping/hashing.rb', line 59 def self.mybb(to_hash, salt) return self.md5(self.md5(salt) + self.md5(to_hash)) end |
.phpbb3(to_hash, salt) ⇒ Object
87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 |
# File 'lib/passwordping/hashing.rb', line 87 def self.phpbb3(to_hash, salt) if !salt.start_with?("$H$") return "" end itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" to_hash_bytes = to_hash.bytes count = 2**itoa64.index(salt[3]) justsalt = salt[4..12] hash = self.md5_binary(justsalt + to_hash) loop do hash = self.md5_binary_array(hash.push(to_hash_bytes).flatten!) count = count - 1; break if count == 0 end hashout = "" i = 0 count = 16 value = 0 loop do value = hash[i] + (hash[i] < 0 ? 256 : 0) i = i + 1 hashout = hashout + itoa64[value & 63] if i < count value = value | (hash[i] + (hash[i] < 0 ? 256 : 0)) << 8; end hashout = hashout + itoa64[(value >> 6) & 63] i = i + 1 if (i >= count) break end if (i < count) value = value | (hash[i] + (hash[i] < 0 ? 256 : 0)) << 16 end hashout = hashout + itoa64[(value >> 12) & 63] i = i + 1 if (i >= count) break end hashout = hashout + itoa64[(value >> 18) & 63] break if i == count end return salt + hashout end |
.sha1(to_hash) ⇒ Object
23 24 25 |
# File 'lib/passwordping/hashing.rb', line 23 def self.sha1(to_hash) return Digest::SHA1.hexdigest to_hash end |
.sha256(to_hash) ⇒ Object
27 28 29 |
# File 'lib/passwordping/hashing.rb', line 27 def self.sha256(to_hash) return Digest::SHA256.hexdigest to_hash end |
.sha512(to_hash) ⇒ Object
31 32 33 |
# File 'lib/passwordping/hashing.rb', line 31 def self.sha512(to_hash) return Digest::SHA512.hexdigest to_hash end |
.sha512_binary(to_hash) ⇒ Object
35 36 37 |
# File 'lib/passwordping/hashing.rb', line 35 def self.sha512_binary(to_hash) return Digest::SHA512.digest to_hash end |
.sha512_binary_array(to_hash) ⇒ Object
39 40 41 |
# File 'lib/passwordping/hashing.rb', line 39 def self.sha512_binary_array(to_hash) return Digest::SHA512.digest(to_hash).bytes end |
.vbulletin(to_hash, salt) ⇒ Object
63 64 65 |
# File 'lib/passwordping/hashing.rb', line 63 def self.vbulletin(to_hash, salt) return self.md5(self.md5(to_hash) + salt) end |
.whirlpool(to_hash) ⇒ Object
43 44 45 |
# File 'lib/passwordping/hashing.rb', line 43 def self.whirlpool(to_hash) return Digest::Whirlpool.hexdigest(to_hash) end |
.whirlpool_binary(to_hash) ⇒ Object
47 48 49 |
# File 'lib/passwordping/hashing.rb', line 47 def self.whirlpool_binary(to_hash) return Digest::Whirlpool.digest(to_hash) end |
.whirlpool_binary_array(to_hash) ⇒ Object
51 52 53 |
# File 'lib/passwordping/hashing.rb', line 51 def self.whirlpool_binary_array(to_hash) return Digest::Whirlpool.digest(to_hash).bytes end |
.xor(byte_array1, byte_array2) ⇒ Object
240 241 242 243 244 245 246 247 248 |
# File 'lib/passwordping/hashing.rb', line 240 def self.xor(byte_array1, byte_array2) result = Array.new(byte_array1.length); for i in 0..byte_array1.length - 1 do result[i] = byte_array1[i] ^ byte_array2[i]; end return result; end |