ruby-drupal-hash 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. checksums.yaml +7 -0
  2. data/lib/ruby_drupal_hash.rb +124 -0
  3. metadata +44 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 119a2aaf1ed6dfa3d5c829e8057e29dc9459ca5a
4
+ data.tar.gz: 1bd7e3462d57af151f5809808078e38136cb3d10
5
+ SHA512:
6
+ metadata.gz: 0b1a90162d1414cbf74c1aaa815f8b26ecd55413befe6d303e1dcff3439e2538df05179284dfe4b2db3f8411497745d398eb54b279b88e48a261e2b5912360ce
7
+ data.tar.gz: 9b4a372223d60653db080afb05bb1f579934127ab46a7cae1415e77a77e3c0a6ca32885f058b1d2c70c345b275567a2a2fd6e5239c3dd588074d63054b7cffe5
data/lib/ruby_drupal_hash.rb ADDED
@@ -0,0 +1,124 @@
1
+ ###############################################################################
2
+ # Copyright 2013 Ben Walding
3
+ #
4
+ # Licensed under the Apache License, Version 2.0 (the "License");
5
+ # you may not use this file except in compliance with the License.
6
+ # You may obtain a copy of the License at
7
+ #
8
+ # http://www.apache.org/licenses/LICENSE-2.0
9
+ #
10
+ # Unless required by applicable law or agreed to in writing, software
11
+ # distributed under the License is distributed on an "AS IS" BASIS,
12
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
+ # See the License for the specific language governing permissions and
14
+ # limitations under the License.
15
+ ###############################################################################
16
+
17
+ =begin
18
+ RubyDrupalHash.verify("password1234", "$S$DeIZ1KTE.VzRvudZ5.xgOakipuMFrVyPmRdWTjAdYieWj27NMglI")
19
+ =end
20
+ class RubyDrupalHash
21
+ DRUPAL_HASH_COUNT = 15
22
+ DRUPAL_MIN_HASH_COUNT = 7
23
+ DRUPAL_MAX_HASH_COUNT = 30
24
+ DRUPAL_HASH_LENGTH = 55
25
+ ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
26
+
27
+ HASH = Digest::SHA2.new(512)
28
+
29
+ def self.is_drupal_hash?(hashed_password)
30
+ hashed_password and (hashed_password[0..3] == 'U$S$' || hashed_password[0..2] == '$S$')
31
+ end
32
+
33
+ def self.verify(password, hashed_password)
34
+ return false if password.nil? or hashed_password.nil?
35
+ return false if not is_drupal_hash?(hashed_password)
36
+
37
+ # Known as an 'upgraded' Drupal hash
38
+ if hashed_password[0..1] == 'U$'
39
+ hashed_password = hashed_password[1..-1]
40
+ password = Digest::MD5.new().hexdigest(password)
41
+ end
42
+
43
+ setting = hashed_password[0..11]
44
+ if setting[0] != '$' or setting[2] != '$'
45
+ # Wrong hash format
46
+ return false
47
+ end
48
+
49
+ count_log2 = ITOA64.index(setting[3])
50
+
51
+ if count_log2 < DRUPAL_MIN_HASH_COUNT or count_log2 > DRUPAL_MAX_HASH_COUNT
52
+ return false
53
+ end
54
+
55
+ salt = setting[4..4+7]
56
+
57
+ if salt.length != 8
58
+ return false
59
+ end
60
+
61
+ count = 2 ** count_log2
62
+
63
+ pass_hash = HASH.digest(salt + password)
64
+
65
+ 1.upto(count) do |i|
66
+ pass_hash = HASH.digest(pass_hash + password)
67
+ end
68
+
69
+ hash_length = pass_hash.length
70
+
71
+ output = setting + password_base64_encode(pass_hash, hash_length)
72
+
73
+ if output.length != 98
74
+ return false
75
+ end
76
+
77
+ return output[0..(DRUPAL_HASH_LENGTH-1)] == hashed_password
78
+ end
79
+
80
+ private
81
+ def self.password_base64_encode(to_encode, count)
82
+ output = ''
83
+ i = 0
84
+ while true
85
+ value = (to_encode[i]).ord
86
+
87
+ i += 1
88
+
89
+ output = output + ITOA64[value & 0x3f]
90
+ if i < count
91
+ value |= (to_encode[i].ord) << 8
92
+ end
93
+
94
+ output = output + ITOA64[(value >> 6) & 0x3f]
95
+
96
+ if i >= count
97
+ break
98
+ end
99
+
100
+ i += 1
101
+
102
+ if i < count
103
+ value |= (to_encode[i].ord) << 16
104
+ end
105
+
106
+ output = output + ITOA64[(value >> 12) & 0x3f]
107
+
108
+ if i >= count
109
+ break
110
+ end
111
+
112
+ i += 1
113
+
114
+ output = output + ITOA64[(value >> 18) & 0x3f]
115
+
116
+ if i >= count
117
+ break
118
+ end
119
+
120
+ end
121
+ return output
122
+ end
123
+ end
124
+
metadata ADDED
@@ -0,0 +1,44 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: ruby-drupal-hash
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.3
5
+ platform: ruby
6
+ authors:
7
+ - Ben Walding
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2013-05-31 00:00:00.000000000 Z
12
+ dependencies: []
13
+ description: Basic replication of Drupal's hash routine in Ruby
14
+ email: ben@walding.com
15
+ executables: []
16
+ extensions: []
17
+ extra_rdoc_files: []
18
+ files:
19
+ - lib/ruby_drupal_hash.rb
20
+ homepage: http://github.com/bwalding/ruby-drupal-hash
21
+ licenses:
22
+ - ASL v2
23
+ metadata: {}
24
+ post_install_message:
25
+ rdoc_options: []
26
+ require_paths:
27
+ - lib
28
+ required_ruby_version: !ruby/object:Gem::Requirement
29
+ requirements:
30
+ - - '>='
31
+ - !ruby/object:Gem::Version
32
+ version: '0'
33
+ required_rubygems_version: !ruby/object:Gem::Requirement
34
+ requirements:
35
+ - - '>='
36
+ - !ruby/object:Gem::Version
37
+ version: '0'
38
+ requirements: []
39
+ rubyforge_project:
40
+ rubygems_version: 2.0.2
41
+ signing_key:
42
+ specification_version: 4
43
+ summary: Ruby Drupal Hash
44
+ test_files: []