Module: Crypt3
- Defined in:
- lib/crypt3.rb
Overview
Crypt3 is a pure ruby version of crypt(3), a salted one-way hashing of a password.
The Ruby version was written by Poul-Henning Kamp.
Adapted by guillaume__dot__pierronnet_at__laposte__dot_net based on
which is based on FreeBSD src/lib/libcrypt/crypt.c 1.2
_Original License_
“THE BEER-WARE LICENSE” (Revision 42): <[email protected]> wrote this file. As long as you retain this notice you can do whatever you want with this stuff. If we meet some day, and you think this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
Copyright © 2002 Poul-Henning Kamp
Defined Under Namespace
Modules: ImpOrd2String
Constant Summary collapse
- VERSION =
Current version of the library.
'1.1.5'
- ITOA64 =
Base 64 character set.
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
Class Method Summary collapse
-
.check(password, hash, algo = :md5) ⇒ Boolean
Check the validity of a password against an hashed string.
-
.crypt(password, algo = :md5, salt = nil, magic = '$1$') ⇒ Object
A pure ruby version of crypt(3), a salted one-way hashing of a password.
-
.generate_salt(size) ⇒ String
Generate a random salt of the given ‘size`.
Class Method Details
.check(password, hash, algo = :md5) ⇒ Boolean
Check the validity of a password against an hashed string.
152 153 154 155 156 |
# File 'lib/crypt3.rb', line 152 def self.check(password, hash, algo = :md5) magic, salt = hash.split('$')[1,2] magic = '$' + magic + '$' self.crypt(password, algo, salt, magic) == hash end |
.crypt(password, algo = :md5, salt = nil, magic = '$1$') ⇒ Object
A pure ruby version of crypt(3), a salted one-way hashing of a password.
Supported hashing algorithms are: md5, sha1, sha256, sha384, sha512, rmd160.
Only the md5 hashing algorithm is standard and compatible with crypt(3), the others are not standard.
Automatically generates an 8-byte salt if none given.
Output a length hashed and salted string with size of ‘magic.size + salt.size + 23`.
50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 |
# File 'lib/crypt3.rb', line 50 def self.crypt(password, algo=:md5, salt=nil, magic='$1$') salt ||= generate_salt(8) case algo when :md5 require "digest/md5" when :sha1 require "digest/sha1" when :rmd160 require "digest/rmd160" when :sha256, :sha384, :sha512 require "digest/sha2" else raise(ArgumentError, "unknown algorithm") end digest_class = Digest.const_get(algo.to_s.upcase) # The password first, since that is what is most unknown. Then our magic string. Then the raw salt. m = digest_class.new m.update(password + magic + salt) # Then just as many characters of the MD5(pw,salt,pw) mixin = digest_class.new.update(password + salt + password).digest password.length.times do |i| m.update(mixin[i % 16].chr) end # Then something really weird... # Also really broken, as far as I can tell. -m i = password.length while i != 0 if (i & 1) != 0 m.update("\x00") else m.update(password[0].chr) end i >>= 1 end final = m.digest # and now, just to make sure things don't run too fast 1000.times do |i| m2 = digest_class.new if (i & 1) != 0 m2.update(password) else m2.update(final) end if (i % 3) != 0 m2.update(salt) end if (i % 7) != 0 m2.update(password) end if (i & 1) != 0 m2.update(final) else m2.update(password) end final = m2.digest end # This is the bit that uses to64() in the original code. rearranged = "" if defined?("has_ord?".ord) final.extend ImpOrd2String end [ [0, 6, 12], [1, 7, 13], [2, 8, 14], [3, 9, 15], [4, 10, 5] ].each do |a, b, c| v = final[a] << 16 | final[b] << 8 | final[c] 4.times do rearranged += ITOA64[v & 0x3f].chr v >>= 6 end end v = final[11] 2.times do rearranged += ITOA64[v & 0x3f].chr v >>= 6 end magic + salt + '$' + rearranged end |