Class: Net::LDAP::Password
- Inherits:
-
Object
- Object
- Net::LDAP::Password
- Defined in:
- lib/net/ldap/password.rb
Class Method Summary collapse
-
.generate(type, str) ⇒ Object
Generate a password-hash suitable for inclusion in an LDAP attribute.
Class Method Details
.generate(type, str) ⇒ Object
Generate a password-hash suitable for inclusion in an LDAP attribute. Pass a hash type as a symbol (:md5, :sha, :ssha) and a plaintext password. This function will return a hashed representation.
– STUB: This is here to fulfill the requirements of an RFC, which one?
TODO:
-
maybe salted-md5
-
Should we provide sha1 as a synonym for sha1? I vote no because then should you also provide ssha1 for symmetry?
23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 |
# File 'lib/net/ldap/password.rb', line 23 def generate(type, str) case type when :md5 '{MD5}' + Base64.strict_encode64(Digest::MD5.digest(str)) when :sha '{SHA}' + Base64.strict_encode64(Digest::SHA1.digest(str)) when :ssha salt = SecureRandom.random_bytes(16) digest = Digest::SHA1.new digest << str << salt '{SSHA}' + Base64.strict_encode64(digest.digest + salt) when :ssha256 salt = SecureRandom.random_bytes(16) digest = Digest::SHA256.new digest << str << salt '{SSHA256}' + Base64.strict_encode64(digest.digest + salt) else raise Net::LDAP::HashTypeUnsupportedError, "Unsupported password-hash type (#{type})" end end |