enzoic 1.2.0 → 1.3.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/enzoic.gemspec +1 -1
  3. data/lib/enzoic/hashing.rb +36 -12
  4. data/lib/enzoic/password_type.rb +2 -1
  5. data/lib/enzoic/version.rb +1 -1
  6. data/lib/enzoic.rb +4 -0
  7. metadata +9 -9
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 2af7917c4ee90414cdffeda3948ce2a0642f523f6c44fe07db64deab4f5b6e25
4
- data.tar.gz: 4cdfeb61e75c47f95132e9a0c644f89a987597a48685038ac7308dba66e008ee
3
+ metadata.gz: a9299615755ffc582bb35414b6851ba06c11f236565542ef1d7b5d8b681ec776
4
+ data.tar.gz: 12e91e3208c526598672ecbf066af5734237345954e76320ae7163691d4f25e7
5
5
  SHA512:
6
- metadata.gz: 557fadc6dab20d5d76d2098466c31728ecba0a1fcd16ce9cd13a798817239bb791012691b37130b7e64dd7275728d83c9f89bdfeda10dbde0b369faf705f8ecf
7
- data.tar.gz: 420af16ed93a7696969a74fbfcd13e491e23f934a9f15712fe42fc3eb777e6cdcf51751ac4ebc2bfa28b250fc7d17c3107f10989a524c4f1779811254423cc50
6
+ metadata.gz: 888318919c30799a05c6cb91ddf0d986a5b86ac9d0a4ca0db76ed725fac7f4e91dd2d8a9a9353af0bd375b9c3e4284a979a3391d1649292521a145b04f9e577f
7
+ data.tar.gz: dad8311f61c0bdadd39436e53db8ec02e0f61313233aba3f0337c7cf403ec3cbe0b04d2b97a16194c3c4d1c2e578cdf0233bfea560046208f0c692e08a73497b
data/enzoic.gemspec CHANGED
@@ -20,7 +20,7 @@ Gem::Specification.new do |spec|
20
20
  spec.bindir = "exe"
21
21
  spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
22
22
  spec.require_paths = ["lib"]
23
- spec.add_dependency 'ffi', '~> 1.11.1'
23
+ spec.add_dependency 'ffi', '~> 1.15.5'
24
24
  spec.add_dependency 'ffi-compiler', '~> 1.0.1'
25
25
  spec.add_dependency 'rest-client', '~> 2.0', '>= 2.0.2'
26
26
  spec.add_dependency 'bcrypt', '~> 3.1', '>= 3.1.11'
data/lib/enzoic/hashing.rb CHANGED
@@ -3,7 +3,8 @@ require 'digest'
3
3
  require 'bcrypt'
4
4
  require 'unix_crypt'
5
5
  require 'zlib'
6
- require 'digest/whirlpool'
6
+ require 'digest/whirlpool.bundle'
7
+ #require 'open_ssl'
7
8
  require 'base64url'
8
9
 
9
10
  module Enzoic
@@ -272,24 +273,47 @@ module Enzoic
272
273
  return result
273
274
  end
274
275
 
276
+ def self.sha256crypt(to_hash, salt)
277
+ return self.sha_crypt("5", UnixCrypt::SHA256, to_hash, salt)
278
+ end
279
+
275
280
  def self.sha512crypt(to_hash, salt)
276
- return UnixCrypt::SHA512.build(to_hash, salt.start_with?("$6$") ? salt[3..salt.length] : salt)
281
+ return self.sha_crypt("6", UnixCrypt::SHA512, to_hash, salt)
282
+ end
283
+
284
+ def self.sha_crypt(crypt_version, crypter, to_hash, salt)
285
+ # special handling if the salt contains an embedded rounds specifier
286
+ if salt.start_with?("$" + crypt_version + "$") && salt.include?("$rounds=")
287
+ # extract rounds
288
+ rounds_starting_idx = salt.index("$rounds=") + 8
289
+ rounds = salt[rounds_starting_idx..salt.length]
290
+ salt_portion = rounds[rounds.index("$") + 1..rounds.length]
291
+
292
+ begin
293
+ rounds = Integer(rounds[0..rounds.index("$") - 1])
294
+ rescue ArgumentError
295
+ rounds = 5000
296
+ end
297
+
298
+ result = crypter.build(to_hash, salt_portion, rounds)
299
+
300
+ # if the default rounds of 5000 was used, add this back in to the resultant hash as this library, unlike most,
301
+ # will strip it out.
302
+ if rounds == 5000
303
+ result = result[0..2] + "rounds=5000$" + result[3..result.length]
304
+ end
305
+
306
+ return result
307
+ end
308
+ return crypter.build(to_hash, salt.start_with?("$" + crypt_version + "$") ? salt[3..salt.length] : salt)
277
309
  end
278
310
 
279
311
  def self.custom_algorithm10(to_hash, salt)
280
312
  return self.sha512(to_hash + ":" + salt)
281
313
  end
282
314
 
283
- def self.sha256crypt(to_hash, salt)
284
- salt_to_use = salt
285
- if salt_to_use.start_with?("$5$")
286
- salt_to_use = salt_to_use[3..salt.length];
287
- end
288
- if salt_to_use.start_with?("rounds=")
289
- salt_to_use = salt_to_use[salt_to_use.index("$") + 1..salt_to_use.length]
290
- end
291
-
292
- return UnixCrypt::SHA256.build(to_hash, salt_to_use)
315
+ def self.hmac_sha1_salt_as_hash(to_hash, salt)
316
+ return OpenSSL::HMAC.hexdigest("sha1", salt, to_hash)
293
317
  end
294
318
 
295
319
  def self.authMeSHA256(to_hash, salt)
data/lib/enzoic/password_type.rb CHANGED
@@ -41,8 +41,9 @@ module Enzoic
41
41
  CustomAlgorithm9 = 38
42
42
  SHA512Crypt = 39
43
43
  CustomAlgorithm10 = 40
44
- SHA256Crypt = 41
44
+ HMACSHA1_SaltAsHash = 41
45
45
  AuthMeSHA256 = 42
46
+ SHA256Crypt = 43
46
47
 
47
48
  Unknown = 97
48
49
  UnusablePassword = 98
data/lib/enzoic/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
  # Standard Gem version constant.
3
3
  module Enzoic
4
- VERSION = "1.2.0".freeze
4
+ VERSION = "1.3.0".freeze
5
5
  end
data/lib/enzoic.rb CHANGED
@@ -301,6 +301,10 @@ module Enzoic
301
301
  if salt != nil && salt.length > 0
302
302
  return Hashing.authMeSHA256(password, salt)
303
303
  end
304
+ when PasswordType::HMACSHA1_SaltAsHash
305
+ if salt != nil && salt.length > 0
306
+ return Hashing.hmac_sha1_salt_as_hash(password, salt)
307
+ end
304
308
  else
305
309
  return nil
306
310
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: enzoic
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.2.0
4
+ version: 1.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Enzoic
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2022-10-22 00:00:00.000000000 Z
11
+ date: 2023-05-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ffi
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: 1.11.1
19
+ version: 1.15.5
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: 1.11.1
26
+ version: 1.15.5
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: ffi-compiler
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -116,20 +116,20 @@ dependencies:
116
116
  name: bundler
117
117
  requirement: !ruby/object:Gem::Requirement
118
118
  requirements:
119
- - - ">="
119
+ - - "~>"
120
120
  - !ruby/object:Gem::Version
121
121
  version: 2.2.11
122
- - - "~>"
122
+ - - ">="
123
123
  - !ruby/object:Gem::Version
124
124
  version: 2.2.11
125
125
  type: :development
126
126
  prerelease: false
127
127
  version_requirements: !ruby/object:Gem::Requirement
128
128
  requirements:
129
- - - ">="
129
+ - - "~>"
130
130
  - !ruby/object:Gem::Version
131
131
  version: 2.2.11
132
- - - "~>"
132
+ - - ">="
133
133
  - !ruby/object:Gem::Version
134
134
  version: 2.2.11
135
135
  - !ruby/object:Gem::Dependency
@@ -361,7 +361,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
361
361
  - !ruby/object:Gem::Version
362
362
  version: '0'
363
363
  requirements: []
364
- rubygems_version: 3.0.3.1
364
+ rubygems_version: 3.1.6
365
365
  signing_key:
366
366
  specification_version: 4
367
367
  summary: Ruby library for Enzoic API