Class: Apr1Md5

Inherits:

Object

Object
Apr1Md5

show all

Defined in:: modules/wmflib/lib/apr1md5.rb

Overview

This class is a conversion to puppet of htauth's methods See github.com/copiousfreetime/htauth/blob/master/LICENSE for copying rights Original code Copyright © 2008 Jeremy Hinegardner Modifications Copyright © 2017 Giuseppe Lavagetto, Wikimedia Foundation, Inc.

Constant Summary collapse

DIGEST_LENGTH =

SALT_CHARS = from github.com/copiousfreetime/htauth/blob/master/lib/htauth/algorithm.rb this is not the Base64 encoding, this is the to64() method from apr

(%w( . / ) + ("0".."9").to_a + ('A'..'Z').to_a + ('a'..'z').to_a).freeze

Instance Method Summary collapse

#encode(password) ⇒ Object

this algorithm pulled straight from apr_md5_encode() and converted to ruby syntax.
#initialize(salt) ⇒ Apr1Md5 constructor

A new instance of Apr1Md5.
#prefix ⇒ Object
#to_64(number, rounds) ⇒ Object

Constructor Details

#initialize(salt) ⇒ `Apr1Md5`

Returns a new instance of Apr1Md5.



11
12
13

# File 'modules/wmflib/lib/apr1md5.rb', line 11

def initialize(salt)
  @salt = salt
end

Instance Method Details

#encode(password) ⇒ `Object`

this algorithm pulled straight from apr_md5_encode() and converted to ruby syntax

# File 'modules/wmflib/lib/apr1md5.rb', line 32

def encode(password)
  primary = ::Digest::MD5.new
  primary << password
  primary << prefix
  primary << @salt

  md5_t = ::Digest::MD5.digest("#{password}#{@salt}#{password}")

  l = password.length
  while l > 0 # rubocop:disable Style/NumericPredicate
    slice_size = (l > DIGEST_LENGTH) ? DIGEST_LENGTH : l
    primary << md5_t[0, slice_size]
    l -= DIGEST_LENGTH
  end

  # weirdness
  l = password.length
  while l != 0
    case (l & 1)
    when 1
      primary << 0.chr
    when 0
      primary << password[0, 1]
    end
    l >>= 1
  end

  pd = primary.digest

  encoded_password = "#{prefix}#{@salt}$"

  # apr_md5_encode has this comment about a 60Mhz Pentium above this loop.
  1000.times do |x|
    ctx = ::Digest::MD5.new
    ctx << (((x & 1) == 1) ? password : pd[0, DIGEST_LENGTH])
    (ctx << @salt) unless (x % 3).zero?
    (ctx << password) unless (x % 7).zero?
    ctx << (((x & 1).zero?) ? password : pd[0, DIGEST_LENGTH])
    pd = ctx.digest
  end

  pd = pd.bytes.to_a

  l = (pd[0] << 16) | (pd[6] << 8) | pd[12]
  encoded_password << to_64(l, 4)

  l = (pd[1] << 16) | (pd[7] << 8) | pd[13]
  encoded_password << to_64(l, 4)

  l = (pd[2] << 16) | (pd[8] << 8) | pd[14]
  encoded_password << to_64(l, 4)

  l = (pd[3] << 16) | (pd[9] << 8) | pd[15]
  encoded_password << to_64(l, 4)

  l = (pd[4] << 16) | (pd[10] << 8) | pd[5]
  encoded_password << to_64(l, 4)
  encoded_password << to_64(pd[11], 2)

  encoded_password
end

#prefix ⇒ `Object`



15
16
17

# File 'modules/wmflib/lib/apr1md5.rb', line 15

def prefix
  "$apr1$"
end

#to_64(number, rounds) ⇒ `Object`

# File 'modules/wmflib/lib/apr1md5.rb', line 22

def to_64(number, rounds)
  r = StringIO.new
  rounds.times do
    r.print(SALT_CHARS[number % 64])
    number >>= 6
  end
  r.string
end