Module | ActiveLdap::UserPassword |
In: |
lib/active_ldap/user_password.rb
|
# File lib/active_ldap/user_password.rb, line 33 33: def crypt(password, salt=nil) 34: salt ||= "$1$#{Salt.generate(8)}" 35: "{CRYPT}#{password.crypt(salt)}" 36: end
# File lib/active_ldap/user_password.rb, line 38 38: def extract_salt_for_crypt(crypted_password) 39: if /^\$1\$/ =~ crypted_password 40: $MATCH + $POSTMATCH[0, 8].sub(/\$.*/, '') + "$" 41: else 42: crypted_password[0, 2] 43: end 44: end
# File lib/active_ldap/user_password.rb, line 59 59: def extract_salt_for_smd5(smd5ed_password) 60: Base64.decode64(smd5ed_password)[-4, 4] 61: end
# File lib/active_ldap/user_password.rb, line 76 76: def extract_salt_for_ssha(sshaed_password) 77: extract_salt_for_smd5(sshaed_password) 78: end
# File lib/active_ldap/user_password.rb, line 86 86: def generate(length) 87: salt = "" 88: length.times {salt << CHARS[rand(CHARS.length)]} 89: salt 90: end
# File lib/active_ldap/user_password.rb, line 46 46: def md5(password) 47: "{MD5}#{Base64.encode64(MD5.md5(password).digest).chomp}" 48: end
# File lib/active_ldap/user_password.rb, line 63 63: def sha(password) 64: "{SHA}#{Base64.encode64(SHA1.sha1(password).digest).chomp}" 65: end
# File lib/active_ldap/user_password.rb, line 50 50: def smd5(password, salt=nil) 51: if salt and salt.size != 4 52: raise ArgumentError, _("salt size must be == 4: %s") % salt.inspect 53: end 54: salt ||= Salt.generate(4) 55: md5_hash_with_salt = "#{MD5.md5(password + salt).digest}#{salt}" 56: "{SMD5}#{Base64.encode64(md5_hash_with_salt).chomp}" 57: end
# File lib/active_ldap/user_password.rb, line 67 67: def ssha(password, salt=nil) 68: if salt and salt.size != 4 69: raise ArgumentError, _("salt size must be == 4: %s") % salt.inspect 70: end 71: salt ||= Salt.generate(4) 72: sha1_hash_with_salt = "#{SHA1.sha1(password + salt).digest}#{salt}" 73: "{SSHA}#{Base64.encode64(sha1_hash_with_salt).chomp}" 74: end
# File lib/active_ldap/user_password.rb, line 9 9: def valid?(password, hashed_password) 10: unless /^\{([A-Z][A-Z\d]+)\}/ =~ hashed_password 11: raise ArgumentError, _("Invalid hashed password: %s") % hashed_password 12: end 13: type = $1 14: hashed_password_without_type = $POSTMATCH 15: normalized_type = type.downcase 16: unless respond_to?(normalized_type) 17: raise ArgumentError, _("Unknown Hash type: %s") % type 18: end 19: salt_extractor = "extract_salt_for_#{normalized_type}" 20: if respond_to?(salt_extractor) 21: salt = send(salt_extractor, hashed_password_without_type) 22: if salt.nil? 23: raise ArgumentError, 24: _("Can't extract salt from hashed password: %s") % hashed_password 25: end 26: generated_password = send(normalized_type, password, salt) 27: else 28: generated_password = send(normalized_type, password) 29: end 30: hashed_password == generated_password 31: end