ruby-drupal-hash 0.0.3

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 119a2aaf1ed6dfa3d5c829e8057e29dc9459ca5a
+  data.tar.gz: 1bd7e3462d57af151f5809808078e38136cb3d10
+SHA512:
+  metadata.gz: 0b1a90162d1414cbf74c1aaa815f8b26ecd55413befe6d303e1dcff3439e2538df05179284dfe4b2db3f8411497745d398eb54b279b88e48a261e2b5912360ce
+  data.tar.gz: 9b4a372223d60653db080afb05bb1f579934127ab46a7cae1415e77a77e3c0a6ca32885f058b1d2c70c345b275567a2a2fd6e5239c3dd588074d63054b7cffe5

data/lib/ruby_drupal_hash.rb

@@ -0,0 +1,124 @@
+###############################################################################
+#   Copyright 2013 Ben Walding
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+###############################################################################
+
+=begin
+RubyDrupalHash.verify("password1234", "$S$DeIZ1KTE.VzRvudZ5.xgOakipuMFrVyPmRdWTjAdYieWj27NMglI")
+=end
+class RubyDrupalHash
+  DRUPAL_HASH_COUNT = 15
+  DRUPAL_MIN_HASH_COUNT = 7
+  DRUPAL_MAX_HASH_COUNT = 30
+  DRUPAL_HASH_LENGTH = 55
+  ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
+
+  HASH = Digest::SHA2.new(512)
+
+  def self.is_drupal_hash?(hashed_password)
+    hashed_password and (hashed_password[0..3] == 'U$S$' || hashed_password[0..2] == '$S$')
+  end
+
+  def self.verify(password, hashed_password)
+    return false if password.nil? or hashed_password.nil?
+    return false if not is_drupal_hash?(hashed_password)
+
+    # Known as an 'upgraded' Drupal hash
+    if hashed_password[0..1] == 'U$'
+      hashed_password = hashed_password[1..-1]
+      password = Digest::MD5.new().hexdigest(password)
+    end
+    
+    setting = hashed_password[0..11]
+    if setting[0] != '$' or setting[2] != '$'
+      # Wrong hash format
+      return false
+    end
+        
+    count_log2 = ITOA64.index(setting[3])
+    
+    if count_log2 < DRUPAL_MIN_HASH_COUNT or count_log2 > DRUPAL_MAX_HASH_COUNT
+      return false
+    end
+
+    salt = setting[4..4+7]
+    
+    if salt.length != 8
+      return false
+    end
+    
+    count = 2 ** count_log2
+       
+    pass_hash = HASH.digest(salt + password)
+
+    1.upto(count) do |i|
+      pass_hash = HASH.digest(pass_hash + password)
+    end
+
+    hash_length = pass_hash.length
+
+    output = setting + password_base64_encode(pass_hash, hash_length)
+
+    if output.length != 98
+      return false
+    end
+
+    return output[0..(DRUPAL_HASH_LENGTH-1)] == hashed_password      
+  end
+
+private
+  def self.password_base64_encode(to_encode, count)
+    output = ''
+    i = 0
+    while true
+      value = (to_encode[i]).ord
+          
+      i += 1
+          
+      output = output + ITOA64[value & 0x3f]
+      if i < count
+        value |= (to_encode[i].ord) << 8
+      end
+
+      output = output + ITOA64[(value >> 6) & 0x3f]
+  
+      if i >= count
+        break
+      end
+
+      i += 1
+  
+      if i < count
+        value |= (to_encode[i].ord) << 16
+      end
+          
+      output = output + ITOA64[(value >> 12) & 0x3f]
+  
+      if i >= count
+        break
+      end
+      
+      i += 1
+      
+      output = output + ITOA64[(value >> 18) & 0x3f]
+          
+      if i >= count
+        break
+      end
+      
+    end
+    return output
+  end
+end
+

metadata

@@ -0,0 +1,44 @@
+--- !ruby/object:Gem::Specification
+name: ruby-drupal-hash
+version: !ruby/object:Gem::Version
+  version: 0.0.3
+platform: ruby
+authors:
+- Ben Walding
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-05-31 00:00:00.000000000 Z
+dependencies: []
+description: Basic replication of Drupal's hash routine in Ruby
+email: ben@walding.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/ruby_drupal_hash.rb
+homepage: http://github.com/bwalding/ruby-drupal-hash
+licenses:
+- ASL v2
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.2
+signing_key: 
+specification_version: 4
+summary: Ruby Drupal Hash
+test_files: []