go_secure 0.2 → 0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/go_secure.rb +16 -4
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6df2e5055235de7fb8e1f4ffa24f139f608d99da
|
|
4
|
+
data.tar.gz: d324a65339e5f79aa7397ac3a70eb29595ed7330
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3d9fe792505c3dc4a2aa70a5d28dd61d55962b8ed414ead63ca143e9e68e4b56a59c773ee1615551ce67212e15f94c61649cbb111fd4af3186b0126d26659de8
|
|
7
|
+
data.tar.gz: 78dd5d713327f3dfcbbcd79582008a0b25a5d80b3aaa3de010ae1e4da6169abd03e38fbbff013aecd9cf7cb9799b24cd38468cd41e4be4269f9ecc83ca036326
|
data/lib/go_secure.rb
CHANGED
|
@@ -1,10 +1,18 @@
|
|
|
1
1
|
require 'openssl'
|
|
2
|
+
require 'base64'
|
|
2
3
|
|
|
3
4
|
module GoSecure
|
|
4
5
|
def self.sha512(str, salt, encryption_key=nil)
|
|
5
6
|
Digest::SHA512.hexdigest(str.to_s + salt.to_s + (encryption_key || self.encryption_key))
|
|
6
7
|
end
|
|
7
8
|
|
|
9
|
+
def self.hmac(str, salt, level, encryption_key=nil)
|
|
10
|
+
# level is here so we can upgrade in the future without breaking backwards compatibility
|
|
11
|
+
raise "invalid level" unless level == 1
|
|
12
|
+
digest = OpenSSL::Digest::SHA512.new(encryption_key || self.encryption_key)
|
|
13
|
+
res = Base64.urlsafe_encode64(OpenSSL::PKCS5.pbkdf2_hmac(str.to_s, salt.to_s, 100000, digest.digest_length, digest))
|
|
14
|
+
end
|
|
15
|
+
|
|
8
16
|
def self.nonce(str)
|
|
9
17
|
Digest::SHA512.hexdigest(str.to_s + Time.now.to_i.to_s + rand(999999).to_s + self.encryption_key)[0, 24]
|
|
10
18
|
end
|
|
@@ -37,18 +45,18 @@ module GoSecure
|
|
|
37
45
|
pw = {}
|
|
38
46
|
# pw['hash_type'] = 'sha512'
|
|
39
47
|
# pw['hash_type'] = 'bcrypt'
|
|
40
|
-
pw['hash_type'] = 'pbkdf2-sha256'
|
|
48
|
+
pw['hash_type'] = 'pbkdf2-sha256-2'
|
|
41
49
|
pw['salt'] = Digest::MD5.hexdigest(OpenSSL::Random.pseudo_bytes(4) + Time.now.to_i.to_s + self.encryption_key + "pw" + OpenSSL::Random.pseudo_bytes(16))
|
|
42
50
|
# pw['hashed_password'] = Digest::SHA512.hexdigest(self.encryption_key + pw['salt'] + password.to_s)
|
|
43
51
|
# salted = Digest::SHA256.hexdigest(self.encryption_key + pw['salt'] + password.to_s)
|
|
44
52
|
# pw['hashed_password'] = BCrypt::Password.create(salted)
|
|
45
|
-
digest = OpenSSL::Digest::
|
|
46
|
-
pw['hashed_password'] = Base64.
|
|
53
|
+
digest = OpenSSL::Digest::SHA512.new(self.encryption_key)
|
|
54
|
+
pw['hashed_password'] = Base64.urlsafe_encode64(OpenSSL::PKCS5.pbkdf2_hmac(password.to_s, pw['salt'], 100000, digest.digest_length, digest))
|
|
47
55
|
pw
|
|
48
56
|
end
|
|
49
57
|
|
|
50
58
|
def self.outdated_password?(password_hash)
|
|
51
|
-
return password_hash && password_hash['hash_type'] != 'pbkdf2-sha256'
|
|
59
|
+
return password_hash && password_hash['hash_type'] != 'pbkdf2-sha256-2'
|
|
52
60
|
end
|
|
53
61
|
|
|
54
62
|
def self.matches_password?(attempt, password_hash)
|
|
@@ -68,6 +76,10 @@ module GoSecure
|
|
|
68
76
|
digest = OpenSSL::Digest::SHA256.new
|
|
69
77
|
str = Base64.encode64(OpenSSL::PKCS5.pbkdf2_hmac(attempt.to_s, password_hash['salt'], 100000, digest.digest_length, digest))
|
|
70
78
|
res = str == password_hash['hashed_password']
|
|
79
|
+
elsif password_hash && password_hash['hash_type'] == 'pbkdf2-sha256-2' && password_hash['salt']
|
|
80
|
+
digest = OpenSSL::Digest::SHA512.new(self.encryption_key)
|
|
81
|
+
str = Base64.urlsafe_encode64(OpenSSL::PKCS5.pbkdf2_hmac(attempt.to_s, password_hash['salt'], 100000, digest.digest_length, digest))
|
|
82
|
+
res = str == password_hash['hashed_password']
|
|
71
83
|
else
|
|
72
84
|
false
|
|
73
85
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: go_secure
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: '0.
|
|
4
|
+
version: '0.3'
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Brian Whitmer
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2018-04-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rspec
|