Class: HTAuth::Md5
Overview
Internal: an implementation of the MD5 based encoding algorithm as used in the apache htpasswd -m option
Constant Summary collapse
- DIGEST_LENGTH =
16
- PAD_LENGTH =
6
- PREFIX =
"$apr1$".freeze
- SALT_CHARS_STR =
SALT_CHARS.join('')
- ENTRY_REGEX =
%r[ \A #{Regexp.escape(PREFIX)} [#{SALT_CHARS_STR}]{#{SALT_LENGTH}} #{Regexp.escape("$")} [#{SALT_CHARS_STR}]{#{DIGEST_LENGTH + PAD_LENGTH}} \z ]x
Constants inherited from Algorithm
Algorithm::ARGON2, Algorithm::BCRYPT, Algorithm::CRYPT, Algorithm::DEFAULT, Algorithm::EXISTING, Algorithm::MD5, Algorithm::PLAINTEXT, Algorithm::SALT_CHARS, Algorithm::SALT_LENGTH, Algorithm::SHA1
Class Method Summary collapse
Instance Method Summary collapse
-
#encode(password) ⇒ Object
this algorigthm pulled straight from apr_md5_encode() and converted to ruby syntax.
-
#initialize(params = {}) ⇒ Md5
constructor
A new instance of Md5.
Methods inherited from Algorithm
algorithm_from_field, algorithm_from_name, algorithm_name, #gen_salt, secure_compare, #to_64, #verify_password?
Methods included from DescendantTracker
#children, #find_child, #inherited
Constructor Details
#initialize(params = {}) ⇒ Md5
Returns a new instance of Md5.
31 32 33 34 35 36 37 |
# File 'lib/htauth/md5.rb', line 31 def initialize(params = {}) if existing = (params['existing'] || params[:existing]) then @salt = self.class.extract_salt_from_existing_password_field(existing) else @salt = params[:salt] || params['salt'] || gen_salt end end |
Class Method Details
.extract_salt_from_existing_password_field(existing) ⇒ Object
26 27 28 29 |
# File 'lib/htauth/md5.rb', line 26 def self.extract_salt_from_existing_password_field(existing) p = existing.split("$") return p[2] end |
.handles?(password_entry) ⇒ Boolean
22 23 24 |
# File 'lib/htauth/md5.rb', line 22 def self.handles?(password_entry) ENTRY_REGEX.match?(password_entry) end |
Instance Method Details
#encode(password) ⇒ Object
this algorigthm pulled straight from apr_md5_encode() and converted to ruby syntax
40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 |
# File 'lib/htauth/md5.rb', line 40 def encode(password) primary = ::Digest::MD5.new primary << password primary << PREFIX primary << @salt md5_t = ::Digest::MD5.digest("#{password}#{@salt}#{password}") l = password.length while l > 0 do slice_size = ( l > DIGEST_LENGTH ) ? DIGEST_LENGTH : l primary << md5_t[0, slice_size] l -= DIGEST_LENGTH end # weirdness l = password.length while l != 0 case (l & 1) when 1 primary << 0.chr when 0 primary << password[0,1] end l >>= 1 end pd = primary.digest encoded_password = "#{PREFIX}#{@salt}$" # apr_md5_encode has this comment about a 60Mhz Pentium above this loop. 1000.times do |x| ctx = ::Digest::MD5.new ctx << (( ( x & 1 ) == 1 ) ? password : pd[0,DIGEST_LENGTH]) (ctx << @salt) unless ( x % 3 ) == 0 (ctx << password) unless ( x % 7 ) == 0 ctx << (( ( x & 1 ) == 0 ) ? password : pd[0,DIGEST_LENGTH]) pd = ctx.digest end pd = pd.bytes.to_a l = (pd[ 0]<<16) | (pd[ 6]<<8) | pd[12] encoded_password << to_64(l, 4) l = (pd[ 1]<<16) | (pd[ 7]<<8) | pd[13] encoded_password << to_64(l, 4) l = (pd[ 2]<<16) | (pd[ 8]<<8) | pd[14] encoded_password << to_64(l, 4) l = (pd[ 3]<<16) | (pd[ 9]<<8) | pd[15] encoded_password << to_64(l, 4) l = (pd[ 4]<<16) | (pd[10]<<8) | pd[ 5] encoded_password << to_64(l, 4) encoded_password << to_64(pd[11],2) return encoded_password end |