Module | ActiveLdap::UserPassword |
In: |
lib/active_ldap/user_password.rb
|
# File lib/active_ldap/user_password.rb, line 32 32: def crypt(password, salt=nil) 33: salt ||= "$1$#{Salt.generate(8)}" 34: "{CRYPT}#{password.crypt(salt)}" 35: end
# File lib/active_ldap/user_password.rb, line 37 37: def extract_salt_for_crypt(crypted_password) 38: if /^\$1\$/ =~ crypted_password 39: $MATCH + $POSTMATCH[0, 8].sub(/\$.*/, '') + "$" 40: else 41: crypted_password[0, 2] 42: end 43: end
# File lib/active_ldap/user_password.rb, line 58 58: def extract_salt_for_smd5(smd5ed_password) 59: Base64.decode64(smd5ed_password)[-4, 4] 60: end
# File lib/active_ldap/user_password.rb, line 75 75: def extract_salt_for_ssha(sshaed_password) 76: extract_salt_for_smd5(sshaed_password) 77: end
# File lib/active_ldap/user_password.rb, line 85 85: def generate(length) 86: salt = "" 87: length.times {salt << CHARS[rand(CHARS.length)]} 88: salt 89: end
# File lib/active_ldap/user_password.rb, line 45 45: def md5(password) 46: "{MD5}#{Base64.encode64(MD5.md5(password).digest).chomp}" 47: end
# File lib/active_ldap/user_password.rb, line 62 62: def sha(password) 63: "{SHA}#{Base64.encode64(SHA1.sha1(password).digest).chomp}" 64: end
# File lib/active_ldap/user_password.rb, line 49 49: def smd5(password, salt=nil) 50: if salt and salt.size != 4 51: raise ArgumentError, _("salt size must be == 4: %s") % salt.inspect 52: end 53: salt ||= Salt.generate(4) 54: md5_hash_with_salt = "#{MD5.md5(password + salt).digest}#{salt}" 55: "{SMD5}#{Base64.encode64(md5_hash_with_salt).chomp}" 56: end
# File lib/active_ldap/user_password.rb, line 66 66: def ssha(password, salt=nil) 67: if salt and salt.size != 4 68: raise ArgumentError, _("salt size must be == 4: %s") % salt.inspect 69: end 70: salt ||= Salt.generate(4) 71: sha1_hash_with_salt = "#{SHA1.sha1(password + salt).digest}#{salt}" 72: "{SSHA}#{Base64.encode64(sha1_hash_with_salt).chomp}" 73: end
# File lib/active_ldap/user_password.rb, line 8 8: def valid?(password, hashed_password) 9: unless /^\{([A-Z][A-Z\d]+)\}/ =~ hashed_password 10: raise ArgumentError, _("Invalid hashed password: %s") % hashed_password 11: end 12: type = $1 13: hashed_password_without_type = $POSTMATCH 14: normalized_type = type.downcase 15: unless respond_to?(normalized_type) 16: raise ArgumentError, _("Unknown Hash type: %s") % type 17: end 18: salt_extractor = "extract_salt_for_#{normalized_type}" 19: if respond_to?(salt_extractor) 20: salt = send(salt_extractor, hashed_password_without_type) 21: if salt.nil? 22: raise ArgumentError, 23: _("Can't extract salt from hashed password: %s") % hashed_password 24: end 25: generated_password = send(normalized_type, password, salt) 26: else 27: generated_password = send(normalized_type, password) 28: end 29: hashed_password == generated_password 30: end