mram-phpbb_hash 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. data/.gitignore +17 -0
  2. data/Gemfile +4 -0
  3. data/LICENSE +22 -0
  4. data/README.md +22 -0
  5. data/Rakefile +2 -0
  6. data/lib/mram-phpbb_hash/version.rb +5 -0
  7. data/lib/mram-phpbb_hash.rb +70 -0
  8. data/mram-phpbb_hash.gemspec +17 -0
  9. metadata +53 -0
data/.gitignore ADDED
@@ -0,0 +1,17 @@
1
+ *.gem
2
+ *.rbc
3
+ .bundle
4
+ .config
5
+ .yardoc
6
+ Gemfile.lock
7
+ InstalledFiles
8
+ _yardoc
9
+ coverage
10
+ doc/
11
+ lib/bundler/man
12
+ pkg
13
+ rdoc
14
+ spec/reports
15
+ test/tmp
16
+ test/version_tmp
17
+ tmp
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in mram-phpbb_hash.gemspec
4
+ gemspec
data/LICENSE ADDED
@@ -0,0 +1,22 @@
1
+ Copyright (c) 2012 Markus Rambossek
2
+
3
+ MIT License
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining
6
+ a copy of this software and associated documentation files (the
7
+ "Software"), to deal in the Software without restriction, including
8
+ without limitation the rights to use, copy, modify, merge, publish,
9
+ distribute, sublicense, and/or sell copies of the Software, and to
10
+ permit persons to whom the Software is furnished to do so, subject to
11
+ the following conditions:
12
+
13
+ The above copyright notice and this permission notice shall be
14
+ included in all copies or substantial portions of the Software.
15
+
16
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,22 @@
1
+ Mram::PhpbbHash
2
+ ===============
3
+
4
+ i'm not exactly sure what, and why, the phpBB people are doing this crazy custom hashing. but if you ever need to authenticate against a phpBB user table, this gem will help you do exactly that.
5
+
6
+ Usage
7
+ =====
8
+
9
+ just include mram-phpbb\_hash in your Gemfile, and use it like this:
10
+
11
+ > inputpass = params[:password] # from post variables, for example
12
+ > phpbbhash = get\_hash\_from\_phpbb\_database(params[:user]) # whatever you need to do to get the hash from the database
13
+ > if Mram::PhpbbHash.check\_hash(inputpass, phpbbhash) then
14
+ > puts "success!"
15
+ > else
16
+ > puts "hash does not match!"
17
+ > end
18
+
19
+ Other Info
20
+ ==========
21
+
22
+ the actual code was translated to ruby by me from [phpBB 3 Sources](https://github.com/phpbb/phpbb3/blob/develop/phpBB/includes/functions.php).
data/Rakefile ADDED
@@ -0,0 +1,2 @@
1
+ #!/usr/bin/env rake
2
+ require "bundler/gem_tasks"
data/lib/mram-phpbb_hash/version.rb ADDED
@@ -0,0 +1,5 @@
1
+ module Mram
2
+ module PhpbbHash
3
+ VERSION = "0.1.0"
4
+ end
5
+ end
data/lib/mram-phpbb_hash.rb ADDED
@@ -0,0 +1,70 @@
1
+ require "mram-phpbb_hash/version"
2
+
3
+ require 'digest/md5'
4
+
5
+ module Mram
6
+ module PhpbbHash
7
+ def self.check_hash(password, hash)
8
+ itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
9
+
10
+ if hash.length == 34 then
11
+ calc_phpbb_hash(password, hash, itoa64) == hash
12
+ else
13
+ calc_md5(password) == hash
14
+ end
15
+ end
16
+
17
+ def self.calc_md5(password)
18
+ return Digest::MD5.hexdigest(password)
19
+ end
20
+
21
+ def self.calc_phpbb_hash(password, setting, itoa64)
22
+ # Check for correct hash
23
+ hashtype = setting[0..2]
24
+ raise(Exception::WrongHashTypeError, "unknown hash type: '#{hashtype}'") unless [ "$H$", "$P$" ].include?(hashtype)
25
+
26
+ count_log2 = itoa64.index(setting[3])
27
+ raise(Exception::WtfError, "WTF: count_log2 is #{count_log2}") unless (7..30).include? count_log2
28
+
29
+ count = 1 << count_log2
30
+ salt = setting[4, 8]
31
+ raise(Exception::WtfError, "WTF: salt.length is not 8") unless salt.length == 8
32
+
33
+ hash = Digest::MD5.digest(salt + password)
34
+ count.times { hash = Digest::MD5.digest(hash + password) }
35
+
36
+ setting[0, 12] + _hash_encode64(hash, 16, itoa64)
37
+ end
38
+
39
+ def self._hash_encode64(input, count, itoa64)
40
+ output = ""
41
+
42
+ i = 0
43
+ begin
44
+ value = input[i].ord
45
+ i += 1
46
+
47
+ output += itoa64[value & 0x3f]
48
+ value |= (input[i].ord << 8) if i < count
49
+ output += itoa64[(value >> 6) & 0x3f]
50
+
51
+ break if i >= count
52
+ i += 1
53
+
54
+ value |= (input[i].ord << 16) if i < count
55
+ output += itoa64[(value >> 12) & 0x3f]
56
+
57
+ break if i >= count
58
+ i += 1
59
+
60
+ output += itoa64[(value >> 18) & 0x3f]
61
+ end while i < count
62
+
63
+ output
64
+ end
65
+ end
66
+
67
+ module Exception
68
+ class WrongHashTypeError < StandardError; end
69
+ end
70
+ end
data/mram-phpbb_hash.gemspec ADDED
@@ -0,0 +1,17 @@
1
+ # -*- encoding: utf-8 -*-
2
+ require File.expand_path('../lib/mram-phpbb_hash/version', __FILE__)
3
+
4
+ Gem::Specification.new do |gem|
5
+ gem.authors = ["Markus Rambossek"]
6
+ gem.email = ["git@rambossek.at"]
7
+ gem.description = %q{allows you to check a password against a phpBB 3.x hash}
8
+ gem.summary = %q{allows you to check a password against a phpBB 3.x hash}
9
+ gem.homepage = "https://github.com/mrambossek/mram-phpbb_hash"
10
+
11
+ gem.files = `git ls-files`.split($\)
12
+ gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
13
+ gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
14
+ gem.name = "mram-phpbb_hash"
15
+ gem.require_paths = ["lib"]
16
+ gem.version = Mram::PhpbbHash::VERSION
17
+ end
metadata ADDED
@@ -0,0 +1,53 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: mram-phpbb_hash
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ prerelease:
6
+ platform: ruby
7
+ authors:
8
+ - Markus Rambossek
9
+ autorequire:
10
+ bindir: bin
11
+ cert_chain: []
12
+ date: 2012-09-01 00:00:00.000000000 Z
13
+ dependencies: []
14
+ description: allows you to check a password against a phpBB 3.x hash
15
+ email:
16
+ - git@rambossek.at
17
+ executables: []
18
+ extensions: []
19
+ extra_rdoc_files: []
20
+ files:
21
+ - .gitignore
22
+ - Gemfile
23
+ - LICENSE
24
+ - README.md
25
+ - Rakefile
26
+ - lib/mram-phpbb_hash.rb
27
+ - lib/mram-phpbb_hash/version.rb
28
+ - mram-phpbb_hash.gemspec
29
+ homepage: https://github.com/mrambossek/mram-phpbb_hash
30
+ licenses: []
31
+ post_install_message:
32
+ rdoc_options: []
33
+ require_paths:
34
+ - lib
35
+ required_ruby_version: !ruby/object:Gem::Requirement
36
+ none: false
37
+ requirements:
38
+ - - ! '>='
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ required_rubygems_version: !ruby/object:Gem::Requirement
42
+ none: false
43
+ requirements:
44
+ - - ! '>='
45
+ - !ruby/object:Gem::Version
46
+ version: '0'
47
+ requirements: []
48
+ rubyforge_project:
49
+ rubygems_version: 1.8.11
50
+ signing_key:
51
+ specification_version: 3
52
+ summary: allows you to check a password against a phpBB 3.x hash
53
+ test_files: []