crypt3 1.1.6

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: a914f5fb4fd97435adf98c380e739b6c6591f288
4
+ data.tar.gz: 1f5090db3dcec5837d2e1315f0759d5b9b6566d4
5
+ SHA512:
6
+ metadata.gz: 4a008f9ea380de3d6a46380d5b96c5c2428d2dcaed7f15f37003d127c623b9b15d632c1563623b641b011b2264b40006cf282916880385038087c6bd294b3628
7
+ data.tar.gz: 0703bf90c417f28e41d6e9af8ae93e74ecb8d3e728a3ed769d250d12d5ba469692d4824b57f0cd9e8c8092bee054faffa48cfabd3d0da04e110c42ad56b18dcb
data/.index ADDED
@@ -0,0 +1,58 @@
1
+ ---
2
+ revision: 2013
3
+ type: ruby
4
+ sources:
5
+ - var
6
+ authors:
7
+ - name: Thomas Sawyer
8
+ email: transfire@gmail.com
9
+ - name: Poul-Henning Kamp
10
+ organizations:
11
+ - name: Rubyworks
12
+ requirements:
13
+ - groups:
14
+ - build
15
+ development: true
16
+ name: rake
17
+ - groups:
18
+ - build
19
+ development: true
20
+ name: detroit
21
+ - groups:
22
+ - test
23
+ development: true
24
+ name: minitest
25
+ conflicts: []
26
+ alternatives: []
27
+ resources:
28
+ - type: home
29
+ uri: http://rubyworks.github.com/crypt3
30
+ label: Homepage
31
+ - type: code
32
+ uri: http://github.com/rubyworks/crypt3
33
+ label: Source Code
34
+ - type: bugs
35
+ uri: http://github.com/rubyworks/crypt3/issues
36
+ label: Issue Tracker
37
+ repositories:
38
+ - name: upstream
39
+ scm: git
40
+ uri: git://github.com/rubyworks/crypt3.git
41
+ categories: []
42
+ copyrights:
43
+ - holder: ''
44
+ year: '2002'
45
+ license: c) Poul-Henning Kamp (BSD-2-Clause
46
+ customs: []
47
+ paths:
48
+ lib:
49
+ - lib
50
+ name: crypt3
51
+ title: Crypt3
52
+ summary: Crypt3 is a ruby version of crypt(3)
53
+ created: '2002-06-01'
54
+ description: |-
55
+ Crypt3 is a ruby version of crypt(3),
56
+ a salted one-way hashing of a password.
57
+ version: 1.1.6
58
+ date: '2013-08-09'
@@ -0,0 +1,9 @@
1
+ --title Crypt3
2
+ --readme README.md
3
+ --protected
4
+ --private
5
+ --plugin tomdoc
6
+ lib
7
+ -
8
+ *.txt
9
+ *.md
@@ -0,0 +1,68 @@
1
+ # RELEASE HISTORY
2
+
3
+ ## 1.1.5 / 2013-01-30
4
+
5
+ This release adds TomDoc based documentation.
6
+
7
+ Changes:
8
+
9
+ * Add TomDoc documentation.
10
+
11
+
12
+ ## 1.1.4 / 2011-10-23
13
+
14
+ This release fixes VERSION constant. That's it.
15
+
16
+ Changes:
17
+
18
+ * Fix VERSION constant.
19
+
20
+
21
+ ## 1.1.3 / 2011-10-22
22
+
23
+ This release is simply an administrative release to modernize the
24
+ build tools and build configuration used for the project.
25
+
26
+ Changes:
27
+
28
+ * Modernize build.
29
+
30
+
31
+ ## 1.1.2 / 2010-09-03
32
+
33
+ Well, it looks as if the String#^ (xor) method from Facets wasn't ever
34
+ actually needed.
35
+
36
+ Changes:
37
+
38
+ * Removed String#^ extension.
39
+
40
+
41
+ ## 1.1.1 / 2010-09-02
42
+
43
+ This release simply removes the dependency on Facets and updates
44
+ project metadata.
45
+
46
+ Changes:
47
+
48
+ * Remove dependency on Ruby Facets.
49
+
50
+
51
+ ## 1.1.0 / 2009-07-27
52
+
53
+ This release renames the Crypt module to Crypt3 --which is really
54
+ what it should have been from the start.
55
+
56
+ Changes:
57
+
58
+ * Rename Crypt module to Crypt3.
59
+
60
+
61
+ ## 1.0.0 / 2009-07-20
62
+
63
+ This is the initial release of Crypt3.
64
+
65
+ Changes:
66
+
67
+ * Happy Birthday!
68
+
@@ -0,0 +1,22 @@
1
+ BSD-2-Clause License
2
+
3
+ Redistribution and use in source and binary forms, with or without modification, are
4
+ permitted provided that the following conditions are met:
5
+
6
+ 1. Redistributions of source code must retain the above copyright notice, this list of
7
+ conditions and the following disclaimer.
8
+
9
+ 2. Redistributions in binary form must reproduce the above copyright notice, this list
10
+ of conditions and the following disclaimer in the documentation and/or other materials
11
+ provided with the distribution.
12
+
13
+ THIS SOFTWARE IS PROVIDED BY <COPYRIGHT HOLDER> ``AS IS'' AND ANY EXPRESS OR IMPLIED
14
+ WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
15
+ FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> OR
16
+ CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
17
+ CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
18
+ SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
19
+ ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
20
+ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
21
+ ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
22
+
@@ -0,0 +1,68 @@
1
+ # Crypt3
2
+
3
+ [Website](http://rubyworks.github.com/crypt3) /
4
+ [Report Issue](http://github.com/rubyworks/crypt3/issues) /
5
+ [Source Code](http://github.com/rubyworks/crypt3) /
6
+ [![Gem Version](https://badge.fury.io/rb/crypt3.png)](http://badge.fury.io/rb/crypt3) /
7
+ [![Build Status](https://secure.travis-ci.org/rubyworks/crypt3.png)](http://travis-ci.org/rubyworks/crypt3)
8
+
9
+
10
+ ## [About](#about)
11
+
12
+ Crypt3 is a pure Ruby version of crypt(3) --a salted one-way
13
+ hashing of a password.
14
+
15
+ Supported hashing algorithms are: md5, sha1, sha256, sha384,
16
+ sha512, rmd160. Only the md5 hashing algorithm is standard
17
+ and compatible with crypt(3); the others are non-standard.
18
+
19
+
20
+ ## [Features](#features)
21
+
22
+ * Standard compliant crypt(3) implementation
23
+ * Supports alternate hashing algorithms
24
+ * Written in Ruby (but depends on Ruby's standard digest libraries)
25
+
26
+
27
+ ## [Installing](#installing)
28
+
29
+ To install with RubyGems simply open a console and type:
30
+
31
+ gem install crypt3
32
+
33
+ Site installation requires Setup.rb (gem install setup),
34
+ then download the tarball package and type:
35
+
36
+ tar -xvzf crypt3-1.0.0.tar.gz
37
+ cd crypt3-1.0.0
38
+ sudo setup.rb all
39
+
40
+ Windows users use 'ruby setup.rb all'.
41
+
42
+
43
+ ## [Basic Usage](#usage)
44
+
45
+ Crypt3 provides a module method call `crypt`.
46
+
47
+ Crypt3.crypt('pass')
48
+
49
+ It will return an encypted string, something like:
50
+
51
+ '$1$YeNsbWdH$wvOF8JdqsoiLix754LTW90'
52
+
53
+ The validitly of which can ensured it using `check`:
54
+
55
+ Crypt3.check('pass', '$1$YeNsbWdH$wvOF8JdqsoiLix754LTW90')
56
+
57
+ See the [API Documentation](http://rubydoc.info/gems/crypt3/frames) for further
58
+ details and options.
59
+
60
+
61
+ ## [Copyrights](#copyright)
62
+
63
+ Copyright &copy; 2009 Poul-Henning Kamp
64
+
65
+ This program is ditributed under the terms of the [BSD-2-Clause](http://opensource.org/licenses/BSD-2-Clause)
66
+ license.
67
+
68
+ See LICENSE.txt for full text.
@@ -0,0 +1,189 @@
1
+ # Crypt3 is a pure ruby version of crypt(3), a salted one-way hashing of a password.
2
+ #
3
+ # The Ruby version was written by Poul-Henning Kamp.
4
+ #
5
+ # Adapted by guillaume__dot__pierronnet_at__laposte__dot_net based on
6
+ # * http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/325204/index_txt
7
+ # which is based on FreeBSD src/lib/libcrypt/crypt.c 1.2
8
+ # * http://www.freebsd.org/cgi/cvsweb.cgi/~checkout~/src/lib/libcrypt/crypt.c?rev=1.2&content-type=text/plain
9
+ #
10
+ # _Original License_
11
+ #
12
+ # "THE BEER-WARE LICENSE" (Revision 42):
13
+ # <phk@login.dknet.dk> wrote this file. As long as you retain this notice you
14
+ # can do whatever you want with this stuff. If we meet some day, and you think
15
+ # this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
16
+ #
17
+ # Copyright (c) 2002 Poul-Henning Kamp
18
+
19
+ module Crypt3
20
+
21
+ # Current version of the library.
22
+ VERSION = '1.1.5' #:erb: VERSION = '<%= version %>'
23
+
24
+ # Base 64 character set.
25
+ ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
26
+
27
+ # Extends strings in #crypt.
28
+ module ImpOrd2String
29
+ def [](*args)
30
+ self.slice(*args).ord
31
+ end
32
+ end
33
+
34
+ # A pure ruby version of crypt(3), a salted one-way hashing of a password.
35
+ #
36
+ # Supported hashing algorithms are: md5, sha1, sha256, sha384, sha512, rmd160.
37
+ #
38
+ # Only the md5 hashing algorithm is standard and compatible with crypt(3),
39
+ # the others are not standard.
40
+ #
41
+ # Automatically generates an 8-byte salt if none given.
42
+ #
43
+ # Output a length hashed and salted string with size of `magic.size + salt.size + 23`.
44
+ #
45
+ # password - The pharse that was encrypted. [String]
46
+ # algo - The algorithm used. [Symbol]
47
+ # salt - Cryptographic salt, random if `nil`.
48
+ #
49
+ # Retuns the cryptogrphic hash. [String]
50
+ def self.crypt(password, algo=:md5, salt=nil, magic='$1$')
51
+
52
+ salt ||= generate_salt(8)
53
+
54
+ case algo
55
+ when :md5
56
+ require "digest/md5"
57
+ when :sha1
58
+ require "digest/sha1"
59
+ when :rmd160
60
+ require "digest/rmd160"
61
+ when :sha256, :sha384, :sha512
62
+ require "digest/sha2"
63
+ else
64
+ raise(ArgumentError, "unknown algorithm")
65
+ end
66
+ digest_class = Digest.const_get(algo.to_s.upcase)
67
+
68
+ # The password first, since that is what is most unknown. Then our magic string. Then the raw salt.
69
+ m = digest_class.new
70
+ m.update(password + magic + salt)
71
+
72
+ # Then just as many characters of the MD5(pw,salt,pw)
73
+ mixin = digest_class.new.update(password + salt + password).digest
74
+ password.length.times do |i|
75
+ m.update(mixin[i % 16].chr)
76
+ end
77
+
78
+ # Then something really weird...
79
+ # Also really broken, as far as I can tell. -m
80
+ i = password.length
81
+ while i != 0
82
+ if (i & 1) != 0
83
+ m.update("\x00")
84
+ else
85
+ m.update(password[0].chr)
86
+ end
87
+ i >>= 1
88
+ end
89
+
90
+ final = m.digest
91
+
92
+ # and now, just to make sure things don't run too fast
93
+ 1000.times do |i|
94
+ m2 = digest_class.new
95
+
96
+ if (i & 1) != 0
97
+ m2.update(password)
98
+ else
99
+ m2.update(final)
100
+ end
101
+
102
+ if (i % 3) != 0
103
+ m2.update(salt)
104
+ end
105
+ if (i % 7) != 0
106
+ m2.update(password)
107
+ end
108
+
109
+ if (i & 1) != 0
110
+ m2.update(final)
111
+ else
112
+ m2.update(password)
113
+ end
114
+
115
+ final = m2.digest
116
+ end
117
+
118
+ # This is the bit that uses to64() in the original code.
119
+
120
+ rearranged = ""
121
+
122
+ if defined?("has_ord?".ord)
123
+ final.extend ImpOrd2String
124
+ end
125
+ [ [0, 6, 12], [1, 7, 13], [2, 8, 14], [3, 9, 15], [4, 10, 5] ].each do |a, b, c|
126
+
127
+ v = final[a] << 16 | final[b] << 8 | final[c]
128
+
129
+ 4.times do
130
+ rearranged += ITOA64[v & 0x3f].chr
131
+ v >>= 6
132
+ end
133
+ end
134
+
135
+ v = final[11]
136
+
137
+ 2.times do
138
+ rearranged += ITOA64[v & 0x3f].chr
139
+ v >>= 6
140
+ end
141
+
142
+ magic + salt + '$' + rearranged
143
+ end
144
+
145
+ # Check the validity of a password against an hashed string.
146
+ #
147
+ # password - The pharse that was encrypted. [String]
148
+ # hash - The cryptogrphic hash. [String]
149
+ # algo - The algorithm used. [Symbol]
150
+ #
151
+ # Returns true if it checks out. [Boolean]
152
+ def self.check(password, hash, algo = :md5)
153
+ magic, salt = hash.split('$')[1,2]
154
+ magic = '$' + magic + '$'
155
+ self.crypt(password, algo, salt, magic) == hash
156
+ end
157
+
158
+ # Generate a random salt of the given `size`.
159
+ #
160
+ # size - The size of the salt. [Integer]
161
+ #
162
+ # Returns random salt. [String]
163
+ def self.generate_salt(size)
164
+ (1..size).collect { ITOA64[rand(ITOA64.size)].chr }.join("")
165
+ end
166
+
167
+ # # Binary XOR of two strings.
168
+ # #
169
+ # # a = xor("\000\000\001\001", "\000\001\000\001")
170
+ # # b = xor("\003\003\003", "\000\001\002")
171
+ # #
172
+ # # a #=> "\000\001\001\000"
173
+ # # b #=> "\003\002\001"
174
+ # #
175
+ # def xor(string1, string2)
176
+ # a = string1.unpack('C'*(self.length))
177
+ # b = string2.unpack('C'*(aString.length))
178
+ # if (b.length < a.length)
179
+ # (a.length - b.length).times { b << 0 }
180
+ # end
181
+ # xor = ""
182
+ # 0.upto(a.length-1) { |pos|
183
+ # x = a[pos] ^ b[pos]
184
+ # xor << x.chr()
185
+ # }
186
+ # return(xor)
187
+ # end
188
+ end
189
+
@@ -0,0 +1,58 @@
1
+ ---
2
+ revision: 2013
3
+ type: ruby
4
+ sources:
5
+ - var
6
+ authors:
7
+ - name: Thomas Sawyer
8
+ email: transfire@gmail.com
9
+ - name: Poul-Henning Kamp
10
+ organizations:
11
+ - name: Rubyworks
12
+ requirements:
13
+ - groups:
14
+ - build
15
+ development: true
16
+ name: rake
17
+ - groups:
18
+ - build
19
+ development: true
20
+ name: detroit
21
+ - groups:
22
+ - test
23
+ development: true
24
+ name: minitest
25
+ conflicts: []
26
+ alternatives: []
27
+ resources:
28
+ - type: home
29
+ uri: http://rubyworks.github.com/crypt3
30
+ label: Homepage
31
+ - type: code
32
+ uri: http://github.com/rubyworks/crypt3
33
+ label: Source Code
34
+ - type: bugs
35
+ uri: http://github.com/rubyworks/crypt3/issues
36
+ label: Issue Tracker
37
+ repositories:
38
+ - name: upstream
39
+ scm: git
40
+ uri: git://github.com/rubyworks/crypt3.git
41
+ categories: []
42
+ copyrights:
43
+ - holder: ''
44
+ year: '2002'
45
+ license: c) Poul-Henning Kamp (BSD-2-Clause
46
+ customs: []
47
+ paths:
48
+ lib:
49
+ - lib
50
+ name: crypt3
51
+ title: Crypt3
52
+ summary: Crypt3 is a ruby version of crypt(3)
53
+ created: '2002-06-01'
54
+ description: |-
55
+ Crypt3 is a ruby version of crypt(3),
56
+ a salted one-way hashing of a password.
57
+ version: 1.1.6
58
+ date: '2013-08-09'
@@ -0,0 +1,33 @@
1
+ $:.unshift(File.dirname(__FILE__) + '/../lib')
2
+
3
+ require "crypt3.rb"
4
+ require "minitest/autorun"
5
+
6
+ class Crypt3Test < MiniTest::Unit::TestCase
7
+
8
+ def array_test(arr, algo)
9
+ arr.each do |password, hash|
10
+ assert(Crypt3.check(password, hash, algo))
11
+ end
12
+ end
13
+
14
+ def test_md5
15
+ a = [
16
+ [' ', '$1$yiiZbNIH$YiCsHZjcTkYd31wkgW8JF.'],
17
+ ['pass', '$1$YeNsbWdH$wvOF8JdqsoiLix754LTW90'],
18
+ ['____fifteen____', '$1$s9lUWACI$Kk1jtIVVdmT01p0z3b/hw1'],
19
+ ['____sixteen_____', '$1$dL3xbVZI$kkgqhCanLdxODGq14g/tW1'],
20
+ ['____seventeen____', '$1$NaH5na7J$j7y8Iss0hcRbu3kzoJs5V.'],
21
+ ['__________thirty-three___________', '$1$HO7Q6vzJ$yGwp2wbL5D7eOVzOmxpsy.'],
22
+ ['apache', '$apr1$J.w5a/..$IW9y6DR0oO/ADuhlMF5/X1']
23
+ ]
24
+ array_test(a, :md5)
25
+ end
26
+
27
+ def test_bad_algorithm
28
+ assert_raises(ArgumentError) do
29
+ Crypt3.crypt("qsdf", :qsdf)
30
+ end
31
+ end
32
+
33
+ end
metadata ADDED
@@ -0,0 +1,101 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: crypt3
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.1.6
5
+ platform: ruby
6
+ authors:
7
+ - Thomas Sawyer
8
+ - Poul-Henning Kamp
9
+ autorequire:
10
+ bindir: bin
11
+ cert_chain: []
12
+ date: 2013-08-10 00:00:00.000000000 Z
13
+ dependencies:
14
+ - !ruby/object:Gem::Dependency
15
+ name: rake
16
+ requirement: !ruby/object:Gem::Requirement
17
+ requirements:
18
+ - - '>='
19
+ - !ruby/object:Gem::Version
20
+ version: '0'
21
+ type: :development
22
+ prerelease: false
23
+ version_requirements: !ruby/object:Gem::Requirement
24
+ requirements:
25
+ - - '>='
26
+ - !ruby/object:Gem::Version
27
+ version: '0'
28
+ - !ruby/object:Gem::Dependency
29
+ name: detroit
30
+ requirement: !ruby/object:Gem::Requirement
31
+ requirements:
32
+ - - '>='
33
+ - !ruby/object:Gem::Version
34
+ version: '0'
35
+ type: :development
36
+ prerelease: false
37
+ version_requirements: !ruby/object:Gem::Requirement
38
+ requirements:
39
+ - - '>='
40
+ - !ruby/object:Gem::Version
41
+ version: '0'
42
+ - !ruby/object:Gem::Dependency
43
+ name: minitest
44
+ requirement: !ruby/object:Gem::Requirement
45
+ requirements:
46
+ - - '>='
47
+ - !ruby/object:Gem::Version
48
+ version: '0'
49
+ type: :development
50
+ prerelease: false
51
+ version_requirements: !ruby/object:Gem::Requirement
52
+ requirements:
53
+ - - '>='
54
+ - !ruby/object:Gem::Version
55
+ version: '0'
56
+ description: |-
57
+ Crypt3 is a ruby version of crypt(3),
58
+ a salted one-way hashing of a password.
59
+ email:
60
+ - transfire@gmail.com
61
+ executables: []
62
+ extensions: []
63
+ extra_rdoc_files:
64
+ - LICENSE.txt
65
+ - README.md
66
+ - HISTORY.md
67
+ files:
68
+ - .index
69
+ - .yardopts
70
+ - lib/crypt3.rb
71
+ - lib/crypt3.yml
72
+ - test/test_crypt3.rb
73
+ - LICENSE.txt
74
+ - README.md
75
+ - HISTORY.md
76
+ homepage: http://rubyworks.github.com/crypt3
77
+ licenses:
78
+ - c) Poul-Henning Kamp (BSD-2-Clause
79
+ metadata: {}
80
+ post_install_message:
81
+ rdoc_options: []
82
+ require_paths:
83
+ - lib
84
+ required_ruby_version: !ruby/object:Gem::Requirement
85
+ requirements:
86
+ - - '>='
87
+ - !ruby/object:Gem::Version
88
+ version: '0'
89
+ required_rubygems_version: !ruby/object:Gem::Requirement
90
+ requirements:
91
+ - - '>='
92
+ - !ruby/object:Gem::Version
93
+ version: '0'
94
+ requirements: []
95
+ rubyforge_project:
96
+ rubygems_version: 2.0.3
97
+ signing_key:
98
+ specification_version: 4
99
+ summary: Crypt3 is a ruby version of crypt(3)
100
+ test_files:
101
+ - test/test_crypt3.rb