mirror of
https://github.com/discourse/discourse.git
synced 2024-11-23 03:40:00 +08:00
43ffd4d28f
* DEV: Switch our fast_xor gem for xorcist We use the `xor` function as part of password hashing and we want to use a faster version than the native ruby xor'ing feature so we use a gem for this. fast_xor has been abandoned, and xorcist fixed our initial holdup for switching in https://github.com/fny/xorcist/issues/4 xorcist also has jruby support so we can remove our jruby fallback logic. * Move using statement inside of class
34 lines
739 B
Ruby
34 lines
739 B
Ruby
# frozen_string_literal: true
|
|
|
|
# Note: This logic was originaly extracted from the Pbkdf2 gem to fix Ruby 2.0
|
|
# issues, but that gem has gone stale so we won't be returning to it.
|
|
|
|
require 'openssl'
|
|
require 'xorcist'
|
|
require 'xorcist/refinements'
|
|
|
|
class Pbkdf2
|
|
using Xorcist::Refinements
|
|
|
|
def self.hash_password(password, salt, iterations, algorithm = "sha256")
|
|
|
|
h = OpenSSL::Digest.new(algorithm)
|
|
|
|
u = ret = prf(h, password, salt + [1].pack("N"))
|
|
|
|
2.upto(iterations) do
|
|
u = prf(h, password, u)
|
|
ret.xor!(u)
|
|
end
|
|
|
|
ret.bytes.map { |b| ("0" + b.to_s(16))[-2..-1] }.join("")
|
|
end
|
|
|
|
protected
|
|
|
|
def self.prf(hash_function, password, data)
|
|
OpenSSL::HMAC.digest(hash_function, password, data)
|
|
end
|
|
|
|
end
|