Module: Rack::Pubcookie::DES
- Included in:
- Auth
- Defined in:
- lib/rack/pubcookie/des.rb
Instance Method Summary collapse
Instance Method Details
#des_decrypt(bytes, index1, index2) ⇒ Object
5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
# File 'lib/rack/pubcookie/des.rb', line 5 def des_decrypt bytes, index1, index2 # In the URL of #extract_username, the initial IVEC is defined around # line 63 and for some reason only the first byte is used in the xor'ing ivec = @key[index2, 8] ivec = ivec.map{ |i| i ^ 0x4c } key = @key[index1, 8] c = OpenSSL::Cipher.new('des-cfb') c.decrypt c.key = key.pack('c*') c.iv = ivec.pack('c*') # This should be offset by the size of the granting key? Not sure... signature = c.update(bytes[0..127].pack('c*')) decrypted = c.update(bytes[128..-1].pack('c*')) if OpenSSL::EVP.verify_md5(@granting, signature, decrypted) decrypted else nil end end |