Class: Net::LDAP::Password
- Inherits:
-
Object
- Object
- Net::LDAP::Password
- Defined in:
- lib/net/ldap/password.rb
Class Method Summary collapse
-
.generate(type, str) ⇒ Object
Generate a password-hash suitable for inclusion in an LDAP attribute.
Class Method Details
.generate(type, str) ⇒ Object
Generate a password-hash suitable for inclusion in an LDAP attribute. Pass a hash type as a symbol (:md5, :sha, :ssha) and a plaintext password. This function will return a hashed representation.
– STUB: This is here to fulfill the requirements of an RFC, which one?
TODO:
-
maybe salted-md5
-
Should we provide sha1 as a synonym for sha1? I vote no because then should you also provide ssha1 for symmetry?
23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 |
# File 'lib/net/ldap/password.rb', line 23 def generate(type, str) case type when :md5 '{MD5}' + Base64.strict_encode64(Digest::MD5.digest(str)) when :sha '{SHA}' + Base64.strict_encode64(Digest::SHA1.digest(str)) when :ssha salt = SecureRandom.random_bytes(16) '{SSHA}' + Base64.strict_encode64(Digest::SHA1.digest(str + salt) + salt) when :ssha256 salt = SecureRandom.random_bytes(16) '{SSHA256}' + Base64.strict_encode64(Digest::SHA256.digest(str + salt) + salt) else raise Net::LDAP::HashTypeUnsupportedError, "Unsupported password-hash type (#{type})" end end |