Class: Apr1Md5

Inherits:
Object show all
Defined in:
modules/wmflib/lib/apr1md5.rb

Overview

This class is a conversion to puppet of htauth's methods See github.com/copiousfreetime/htauth/blob/master/LICENSE for copying rights Original code Copyright © 2008 Jeremy Hinegardner Modifications Copyright © 2017 Giuseppe Lavagetto, Wikimedia Foundation, Inc.

Constant Summary collapse

DIGEST_LENGTH =
16
SALT_CHARS =

from github.com/copiousfreetime/htauth/blob/master/lib/htauth/algorithm.rb this is not the Base64 encoding, this is the to64() method from apr

(%w( . / ) + ("0".."9").to_a + ('A'..'Z').to_a + ('a'..'z').to_a).freeze

Instance Method Summary collapse

Constructor Details

#initialize(salt) ⇒ Apr1Md5

Returns a new instance of Apr1Md5.



11
12
13
# File 'modules/wmflib/lib/apr1md5.rb', line 11

def initialize(salt)
  @salt = salt
end

Instance Method Details

#encode(password) ⇒ Object

this algorithm pulled straight from apr_md5_encode() and converted to ruby syntax



32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
# File 'modules/wmflib/lib/apr1md5.rb', line 32

def encode(password)
  primary = ::Digest::MD5.new
  primary << password
  primary << prefix
  primary << @salt

  md5_t = ::Digest::MD5.digest("#{password}#{@salt}#{password}")

  l = password.length
  while l > 0 # rubocop:disable Style/NumericPredicate
    slice_size = (l > DIGEST_LENGTH) ? DIGEST_LENGTH : l
    primary << md5_t[0, slice_size]
    l -= DIGEST_LENGTH
  end

  # weirdness
  l = password.length
  while l != 0
    case (l & 1)
    when 1
      primary << 0.chr
    when 0
      primary << password[0, 1]
    end
    l >>= 1
  end

  pd = primary.digest

  encoded_password = "#{prefix}#{@salt}$"

  # apr_md5_encode has this comment about a 60Mhz Pentium above this loop.
  1000.times do |x|
    ctx = ::Digest::MD5.new
    ctx << (((x & 1) == 1) ? password : pd[0, DIGEST_LENGTH])
    (ctx << @salt) unless (x % 3).zero?
    (ctx << password) unless (x % 7).zero?
    ctx << (((x & 1).zero?) ? password : pd[0, DIGEST_LENGTH])
    pd = ctx.digest
  end

  pd = pd.bytes.to_a

  l = (pd[0] << 16) | (pd[6] << 8) | pd[12]
  encoded_password << to_64(l, 4)

  l = (pd[1] << 16) | (pd[7] << 8) | pd[13]
  encoded_password << to_64(l, 4)

  l = (pd[2] << 16) | (pd[8] << 8) | pd[14]
  encoded_password << to_64(l, 4)

  l = (pd[3] << 16) | (pd[9] << 8) | pd[15]
  encoded_password << to_64(l, 4)

  l = (pd[4] << 16) | (pd[10] << 8) | pd[5]
  encoded_password << to_64(l, 4)
  encoded_password << to_64(pd[11], 2)

  encoded_password
end

#prefixObject



15
16
17
# File 'modules/wmflib/lib/apr1md5.rb', line 15

def prefix
  "$apr1$"
end

#to_64(number, rounds) ⇒ Object



22
23
24
25
26
27
28
29
# File 'modules/wmflib/lib/apr1md5.rb', line 22

def to_64(number, rounds)
  r = StringIO.new
  rounds.times do
    r.print(SALT_CHARS[number % 64])
    number >>= 6
  end
  r.string
end