wikk_password 0.1.1 → 0.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 19ad1b3c011f21c528f0768d52ca3506888a6233
-  data.tar.gz: e4da4cdd96b35f04d50d485f41ffc34960710581
+  metadata.gz: 2fffbdd9a85babdcd1d772562115dd37a0c37d02
+  data.tar.gz: c27e7637480d190624a963ecf670eedaed492e03
 SHA512:
-  metadata.gz: b5c4e05d87e354db09cbe4d95c100752609318da46ea6872046f7155f4184650047e32e2dbb1810da6390d390b5f607a3ed7dab2b47bbf4cd83eef1866863270
-  data.tar.gz: bb321619963fe5f17bf2200a95b5f5529490e9a3b605bd1ceeb8c2c6fe96cea0af85537bce6b0977eaf6b66b72cf80363ddb1876ce996e06ba076e6bb6d3ab78
+  metadata.gz: f6dd9964dd64a155a9fc9c537bd179831a7b4b32b735d13cb96383abea0732c792e636f98322a73c7a7a437d20487245d915202db66e2c639117f2caf9787907
+  data.tar.gz: 47d8c78a9b077cfb0f4cce88ca2a6bc253a5d83e6cbda979c6912ac2cb520cc84b046c37f87a4806e48a2afa5a2239c7e5cebd3498ac0a0c26ba61177186e4f5

data/History.txt

@@ -1,2 +1,14 @@
+robertburrowes	Wed Jun 22 22:53:58 2016 +1200
+	Wrong spelling of unix-crypt
+robertburrowes	Wed Jun 22 22:50:55 2016 +1200
+	Dropping this from tracking as auto generated
+robertburrowes	Wed Jun 22 22:49:47 2016 +1200
+	added MD5 and SHA512 test case to test password file
+robertburrowes	Wed Jun 22 22:49:03 2016 +1200
+	Noted lack of locking
+robertburrowes	Wed Jun 22 22:48:50 2016 +1200
+	Added dependencies, though hoe grumbles.
+robertburrowes	Wed Jun 22 22:48:32 2016 +1200
+	Tidy up, adding yard comments, bug fixes from library transition
 robertburrowes	Wed Jun 22 21:16:24 2016 +1200
 	first commit

data/lib/wikk_password.rb

@@ -8,7 +8,7 @@ module WIKK
   # @attr_reader [String] user the decrypted text
   # @attr_reader [String] password the encrypted password, in form $type$initial_vector$encrypted_text
   class Password
-    VERSION = '0.1.1'
+    VERSION = '0.1.2'
 
     attr_reader :user, :password
     
@@ -44,6 +44,18 @@ module WIKK
     def valid_sha256_response?(challenge, response)
       return response == Digest::SHA256.digest(decrypt + challenge).unpack('H*')[0]
     end
+    
+    #Compare an SHA256 hashed password + challenge with this users password
+    #  @param user [String] User name to fetch from password file, or to create, if new_user == true
+    #  @param config [WIKK:Configuration] or hash or class with attr_readers :passwordFile, :encryption, :key
+    #  @param challenge [String] a random string, sent to the remote client, added to the password, and SHA256 hashed
+    #  @param response [String] the remote clients hex_SHA256(password + challenge)
+    #  @return [Boolean] True if the users password matches the one that created the response.
+    #  @note The password entry must be decryptable, not a UNIX style hash.
+    #  @raise [ArgumentError] if the encryption method is unknown.
+    def self.valid_sha256_response?(user, config, challenge, response)
+      self.new(user, config).valid_sha256_response?(challenge, response)
+    end
       
     #Compares the password with the user's password by encrypting the password passed in
     #  @param password [String] The clear text password
@@ -51,7 +63,7 @@ module WIKK
     #  @raise [ArgumentError] if the encryption method is unknown.
     def valid?(ct_password)
       ignore,encryption,iv,password = @password.split('$')
-      encryption = DES if ignore != '' #No $'s in DES password, so ignore has text.
+      encryption = 'DES' if ignore != '' #No $'s in DES password, so ignore has text.
       case encryption
       when 'ct'; return ct_password == @password
       when 'aes256'; return encrypt(ct_password, encryption, iv) == @password

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: wikk_password
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.1.2
 platform: ruby
 authors:
 - Rob Burrowes
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-06-22 00:00:00.000000000 Z
+date: 2016-06-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: unix-crypt