crypt3 1.1.6

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: a914f5fb4fd97435adf98c380e739b6c6591f288
+  data.tar.gz: 1f5090db3dcec5837d2e1315f0759d5b9b6566d4
+SHA512:
+  metadata.gz: 4a008f9ea380de3d6a46380d5b96c5c2428d2dcaed7f15f37003d127c623b9b15d632c1563623b641b011b2264b40006cf282916880385038087c6bd294b3628
+  data.tar.gz: 0703bf90c417f28e41d6e9af8ae93e74ecb8d3e728a3ed769d250d12d5ba469692d4824b57f0cd9e8c8092bee054faffa48cfabd3d0da04e110c42ad56b18dcb

data/.index

@@ -0,0 +1,58 @@
+---
+revision: 2013
+type: ruby
+sources:
+- var
+authors:
+- name: Thomas Sawyer
+  email: transfire@gmail.com
+- name: Poul-Henning Kamp
+organizations:
+- name: Rubyworks
+requirements:
+- groups:
+  - build
+  development: true
+  name: rake
+- groups:
+  - build
+  development: true
+  name: detroit
+- groups:
+  - test
+  development: true
+  name: minitest
+conflicts: []
+alternatives: []
+resources:
+- type: home
+  uri: http://rubyworks.github.com/crypt3
+  label: Homepage
+- type: code
+  uri: http://github.com/rubyworks/crypt3
+  label: Source Code
+- type: bugs
+  uri: http://github.com/rubyworks/crypt3/issues
+  label: Issue Tracker
+repositories:
+- name: upstream
+  scm: git
+  uri: git://github.com/rubyworks/crypt3.git
+categories: []
+copyrights:
+- holder: ''
+  year: '2002'
+  license: c) Poul-Henning Kamp (BSD-2-Clause
+customs: []
+paths:
+  lib:
+  - lib
+name: crypt3
+title: Crypt3
+summary: Crypt3 is a ruby version of crypt(3)
+created: '2002-06-01'
+description: |-
+  Crypt3 is a ruby version of crypt(3),
+  a salted one-way hashing of a password.
+version: 1.1.6
+date: '2013-08-09'

data/.yardopts

@@ -0,0 +1,9 @@
+--title Crypt3
+--readme README.md
+--protected
+--private
+--plugin tomdoc
+lib
+-
+*.txt
+*.md

data/HISTORY.md

@@ -0,0 +1,68 @@
+# RELEASE HISTORY
+
+## 1.1.5 / 2013-01-30
+
+This release adds TomDoc based documentation.
+
+Changes:
+
+* Add TomDoc documentation.
+
+
+## 1.1.4 / 2011-10-23
+
+This release fixes VERSION constant. That's it.
+
+Changes:
+
+* Fix VERSION constant.
+
+
+## 1.1.3 / 2011-10-22
+
+This release is simply an administrative release to modernize the 
+build tools and build configuration used for the project.
+
+Changes:
+
+* Modernize build.
+
+
+## 1.1.2 / 2010-09-03
+
+Well, it looks as if the String#^ (xor) method from Facets wasn't ever
+actually needed.
+
+Changes:
+
+* Removed String#^ extension.
+
+
+## 1.1.1 / 2010-09-02
+
+This release simply removes the dependency on Facets and updates
+project metadata.
+
+Changes:
+
+* Remove dependency on Ruby Facets.
+
+
+## 1.1.0 / 2009-07-27
+
+This release renames the Crypt module to Crypt3 --which is really
+what it should have been from the start.
+
+Changes:
+
+* Rename Crypt module to Crypt3.
+
+
+## 1.0.0 / 2009-07-20
+
+This is the initial release of Crypt3.
+
+Changes:
+
+* Happy Birthday!
+

data/LICENSE.txt

@@ -0,0 +1,22 @@
+BSD-2-Clause License
+
+Redistribution and use in source and binary forms, with or without modification, are
+permitted provided that the following conditions are met:
+
+   1. Redistributions of source code must retain the above copyright notice, this list of
+      conditions and the following disclaimer.
+
+   2. Redistributions in binary form must reproduce the above copyright notice, this list
+      of conditions and the following disclaimer in the documentation and/or other materials
+      provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY <COPYRIGHT HOLDER> ``AS IS'' AND ANY EXPRESS OR IMPLIED
+WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> OR
+CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+

data/README.md

@@ -0,0 +1,68 @@
+# Crypt3
+
+[Website](http://rubyworks.github.com/crypt3) /
+[Report Issue](http://github.com/rubyworks/crypt3/issues) /
+[Source Code](http://github.com/rubyworks/crypt3) /
+[![Gem Version](https://badge.fury.io/rb/crypt3.png)](http://badge.fury.io/rb/crypt3) /
+[![Build Status](https://secure.travis-ci.org/rubyworks/crypt3.png)](http://travis-ci.org/rubyworks/crypt3)
+
+
+## [About](#about)
+
+Crypt3 is a pure Ruby version of crypt(3) --a salted one-way
+hashing of a password.
+
+Supported hashing algorithms are: md5, sha1, sha256, sha384,
+sha512, rmd160. Only the md5 hashing algorithm is standard
+and compatible with crypt(3); the others are non-standard.
+
+
+## [Features](#features)
+
+* Standard compliant crypt(3) implementation
+* Supports alternate hashing algorithms
+* Written in Ruby (but depends on Ruby's standard digest libraries)
+
+
+## [Installing](#installing)
+
+To install with RubyGems simply open a console and type:
+
+    gem install crypt3
+
+Site installation requires Setup.rb (gem install setup),
+then download the tarball package and type:
+
+    tar -xvzf crypt3-1.0.0.tar.gz
+    cd crypt3-1.0.0
+    sudo setup.rb all
+
+Windows users use 'ruby setup.rb all'.
+
+
+## [Basic Usage](#usage)
+
+Crypt3 provides a module method call `crypt`.
+
+    Crypt3.crypt('pass')
+
+It will return an encypted string, something like:
+
+    '$1$YeNsbWdH$wvOF8JdqsoiLix754LTW90'
+
+The validitly of which can ensured it using `check`:
+
+    Crypt3.check('pass', '$1$YeNsbWdH$wvOF8JdqsoiLix754LTW90')
+
+See the [API Documentation](http://rubydoc.info/gems/crypt3/frames) for further
+details and options.
+
+
+## [Copyrights](#copyright)
+
+Copyright © 2009 Poul-Henning Kamp
+
+This program is ditributed under the terms of the [BSD-2-Clause](http://opensource.org/licenses/BSD-2-Clause)
+license.
+
+See LICENSE.txt for full text.

data/lib/crypt3.rb

@@ -0,0 +1,189 @@
+# Crypt3 is a pure ruby version of crypt(3), a salted one-way hashing of a password.
+#
+# The Ruby version was written by Poul-Henning Kamp.
+#
+# Adapted by guillaume__dot__pierronnet_at__laposte__dot_net based on
+# * http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/325204/index_txt
+# which is based on FreeBSD src/lib/libcrypt/crypt.c 1.2
+# * http://www.freebsd.org/cgi/cvsweb.cgi/~checkout~/src/lib/libcrypt/crypt.c?rev=1.2&content-type=text/plain
+#
+# _Original License_
+#
+# "THE BEER-WARE LICENSE" (Revision 42):
+# <phk@login.dknet.dk> wrote this file.  As long as you retain this notice you
+# can do whatever you want with this stuff. If we meet some day, and you think
+# this stuff is worth it, you can buy me a beer in return.   Poul-Henning Kamp
+#
+# Copyright (c) 2002 Poul-Henning Kamp
+
+module Crypt3
+
+  # Current version of the library.
+  VERSION = '1.1.5'  #:erb: VERSION = '<%= version %>'
+
+  # Base 64 character set.
+  ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
+
+  # Extends strings in #crypt.
+  module ImpOrd2String
+    def [](*args) 
+      self.slice(*args).ord
+    end
+  end
+
+  # A pure ruby version of crypt(3), a salted one-way hashing of a password.
+  #
+  # Supported hashing algorithms are: md5, sha1, sha256, sha384, sha512, rmd160.
+  #
+  # Only the md5 hashing algorithm is standard and compatible with crypt(3),
+  # the others are not standard.
+  #
+  # Automatically generates an 8-byte salt if none given.
+  #
+  # Output a length hashed and salted string with size of `magic.size + salt.size + 23`.
+  #
+  # password - The pharse that was encrypted. [String]
+  # algo     - The algorithm used. [Symbol]
+  # salt     - Cryptographic salt, random if `nil`.
+  #
+  # Retuns the cryptogrphic hash. [String]
+  def self.crypt(password, algo=:md5, salt=nil, magic='$1$')
+
+    salt ||= generate_salt(8)
+
+    case algo
+      when :md5
+        require "digest/md5"
+      when :sha1
+        require "digest/sha1"
+      when :rmd160
+        require "digest/rmd160"
+      when :sha256, :sha384, :sha512
+        require "digest/sha2"
+    else
+      raise(ArgumentError, "unknown algorithm")
+    end
+    digest_class = Digest.const_get(algo.to_s.upcase)
+
+    # The password first, since that is what is most unknown. Then our magic string. Then the raw salt.
+    m = digest_class.new
+    m.update(password + magic + salt)
+
+    # Then just as many characters of the MD5(pw,salt,pw)
+    mixin = digest_class.new.update(password + salt + password).digest
+    password.length.times do |i|
+      m.update(mixin[i % 16].chr)
+    end
+
+    # Then something really weird...
+    # Also really broken, as far as I can tell.  -m
+    i = password.length
+    while i != 0
+      if (i & 1) != 0
+        m.update("\x00")
+      else
+        m.update(password[0].chr)
+      end
+      i >>= 1
+    end
+
+    final = m.digest
+
+    # and now, just to make sure things don't run too fast
+    1000.times do |i|
+      m2 = digest_class.new
+
+      if (i & 1) != 0
+        m2.update(password)
+      else
+        m2.update(final)
+      end
+
+      if (i % 3) != 0
+        m2.update(salt)
+      end
+      if (i % 7) != 0
+        m2.update(password)
+      end
+
+      if (i & 1) != 0
+        m2.update(final)
+      else
+        m2.update(password)
+      end
+
+      final = m2.digest
+    end
+
+    # This is the bit that uses to64() in the original code.
+
+    rearranged = ""
+
+    if defined?("has_ord?".ord)
+      final.extend ImpOrd2String
+    end
+    [ [0, 6, 12], [1, 7, 13], [2, 8, 14], [3, 9, 15], [4, 10, 5] ].each do |a, b, c|
+
+      v = final[a] << 16 | final[b] << 8 | final[c]
+
+      4.times do
+        rearranged += ITOA64[v & 0x3f].chr
+        v >>= 6
+      end
+    end
+
+    v = final[11]
+
+    2.times do
+      rearranged += ITOA64[v & 0x3f].chr
+      v >>= 6
+    end
+
+    magic + salt + '$' + rearranged
+  end
+
+  # Check the validity of a password against an hashed string.
+  #
+  # password - The pharse that was encrypted. [String]
+  # hash     - The cryptogrphic hash. [String]
+  # algo     - The algorithm used. [Symbol]
+  #
+  # Returns true if it checks out. [Boolean]
+  def self.check(password, hash, algo = :md5)
+    magic, salt = hash.split('$')[1,2]
+    magic = '$' + magic + '$'
+    self.crypt(password, algo, salt, magic) == hash
+  end
+
+  # Generate a random salt of the given `size`.
+  #
+  # size - The size of the salt. [Integer]
+  #
+  # Returns random salt. [String]
+  def self.generate_salt(size)
+    (1..size).collect { ITOA64[rand(ITOA64.size)].chr }.join("")
+  end
+
+  #  # Binary XOR of two strings. 
+  #  #
+  #  #   a = xor("\000\000\001\001", "\000\001\000\001")
+  #  #   b = xor("\003\003\003", "\000\001\002")
+  #  #
+  #  #   a  #=> "\000\001\001\000"
+  #  #   b  #=> "\003\002\001"
+  #  #
+  #  def xor(string1, string2)
+  #    a = string1.unpack('C'*(self.length))
+  #    b = string2.unpack('C'*(aString.length))
+  #    if (b.length < a.length)
+  #      (a.length - b.length).times { b << 0 }
+  #    end
+  #    xor = ""
+  #    0.upto(a.length-1) { |pos|
+  #      x = a[pos] ^ b[pos]
+  #      xor << x.chr()
+  #    }
+  #    return(xor)
+  #  end
+end
+

data/lib/crypt3.yml

@@ -0,0 +1,58 @@
+---
+revision: 2013
+type: ruby
+sources:
+- var
+authors:
+- name: Thomas Sawyer
+  email: transfire@gmail.com
+- name: Poul-Henning Kamp
+organizations:
+- name: Rubyworks
+requirements:
+- groups:
+  - build
+  development: true
+  name: rake
+- groups:
+  - build
+  development: true
+  name: detroit
+- groups:
+  - test
+  development: true
+  name: minitest
+conflicts: []
+alternatives: []
+resources:
+- type: home
+  uri: http://rubyworks.github.com/crypt3
+  label: Homepage
+- type: code
+  uri: http://github.com/rubyworks/crypt3
+  label: Source Code
+- type: bugs
+  uri: http://github.com/rubyworks/crypt3/issues
+  label: Issue Tracker
+repositories:
+- name: upstream
+  scm: git
+  uri: git://github.com/rubyworks/crypt3.git
+categories: []
+copyrights:
+- holder: ''
+  year: '2002'
+  license: c) Poul-Henning Kamp (BSD-2-Clause
+customs: []
+paths:
+  lib:
+  - lib
+name: crypt3
+title: Crypt3
+summary: Crypt3 is a ruby version of crypt(3)
+created: '2002-06-01'
+description: |-
+  Crypt3 is a ruby version of crypt(3),
+  a salted one-way hashing of a password.
+version: 1.1.6
+date: '2013-08-09'

data/test/test_crypt3.rb

@@ -0,0 +1,33 @@
+$:.unshift(File.dirname(__FILE__) + '/../lib')
+
+require "crypt3.rb"
+require "minitest/autorun"
+
+class Crypt3Test < MiniTest::Unit::TestCase
+
+  def array_test(arr, algo)
+    arr.each do |password, hash|
+      assert(Crypt3.check(password, hash, algo))
+    end
+  end
+
+  def test_md5
+    a = [
+      [' ', '$1$yiiZbNIH$YiCsHZjcTkYd31wkgW8JF.'],
+      ['pass', '$1$YeNsbWdH$wvOF8JdqsoiLix754LTW90'],
+      ['____fifteen____', '$1$s9lUWACI$Kk1jtIVVdmT01p0z3b/hw1'],
+      ['____sixteen_____', '$1$dL3xbVZI$kkgqhCanLdxODGq14g/tW1'],
+      ['____seventeen____', '$1$NaH5na7J$j7y8Iss0hcRbu3kzoJs5V.'],
+      ['__________thirty-three___________', '$1$HO7Q6vzJ$yGwp2wbL5D7eOVzOmxpsy.'],
+      ['apache', '$apr1$J.w5a/..$IW9y6DR0oO/ADuhlMF5/X1']
+    ]
+    array_test(a, :md5)
+  end
+
+  def test_bad_algorithm
+    assert_raises(ArgumentError) do
+      Crypt3.crypt("qsdf", :qsdf)
+    end
+  end
+
+end

metadata

@@ -0,0 +1,101 @@
+--- !ruby/object:Gem::Specification
+name: crypt3
+version: !ruby/object:Gem::Version
+  version: 1.1.6
+platform: ruby
+authors:
+- Thomas Sawyer
+- Poul-Henning Kamp
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-08-10 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: detroit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: |-
+  Crypt3 is a ruby version of crypt(3),
+  a salted one-way hashing of a password.
+email:
+- transfire@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files:
+- LICENSE.txt
+- README.md
+- HISTORY.md
+files:
+- .index
+- .yardopts
+- lib/crypt3.rb
+- lib/crypt3.yml
+- test/test_crypt3.rb
+- LICENSE.txt
+- README.md
+- HISTORY.md
+homepage: http://rubyworks.github.com/crypt3
+licenses:
+- c) Poul-Henning Kamp (BSD-2-Clause
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.3
+signing_key: 
+specification_version: 4
+summary: Crypt3 is a ruby version of crypt(3)
+test_files:
+- test/test_crypt3.rb