2019-05-02 17:17:27 -05:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2021-05-20 20:43:47 -05:00
|
|
|
# Note: This logic was originally extracted from the Pbkdf2 gem to fix Ruby 2.0
|
2020-08-31 14:20:44 -05:00
|
|
|
# issues, but that gem has gone stale so we won't be returning to it.
|
2013-03-06 06:12:16 -06:00
|
|
|
|
2023-01-09 06:10:19 -06:00
|
|
|
require "openssl"
|
|
|
|
require "xorcist"
|
2013-03-06 06:12:16 -06:00
|
|
|
|
|
|
|
class Pbkdf2
|
2013-07-22 20:36:01 -05:00
|
|
|
def self.hash_password(password, salt, iterations, algorithm = "sha256")
|
2014-01-20 11:33:40 -06:00
|
|
|
h = OpenSSL::Digest.new(algorithm)
|
2013-07-22 20:36:01 -05:00
|
|
|
|
2013-03-06 06:12:16 -06:00
|
|
|
u = ret = prf(h, password, salt + [1].pack("N"))
|
|
|
|
|
2013-07-22 20:36:01 -05:00
|
|
|
2.upto(iterations) do
|
2017-07-27 20:20:09 -05:00
|
|
|
u = prf(h, password, u)
|
2022-02-02 23:19:30 -06:00
|
|
|
Xorcist.xor!(ret, u)
|
2013-03-06 06:12:16 -06:00
|
|
|
end
|
|
|
|
|
2017-07-27 20:20:09 -05:00
|
|
|
ret.bytes.map { |b| ("0" + b.to_s(16))[-2..-1] }.join("")
|
2013-03-06 06:12:16 -06:00
|
|
|
end
|
|
|
|
|
2013-07-22 20:36:01 -05:00
|
|
|
protected
|
2013-03-06 06:12:16 -06:00
|
|
|
|
|
|
|
def self.prf(hash_function, password, data)
|
|
|
|
OpenSSL::HMAC.digest(hash_function, password, data)
|
|
|
|
end
|
|
|
|
end
|