Contents

# frozen_string_literal: true

require "digest/sha1"

module Authlogic
  module CryptoProviders
    # A poor choice. There are known attacks against this algorithm.
    class Sha1
      class << self
        def join_token
          @join_token ||= "--"
        end
        attr_writer :join_token

        # The number of times to loop through the encryption.
        def stretches
          @stretches ||= 10
        end
        attr_writer :stretches

        # Turns your raw password into a Sha1 hash.
        def encrypt(*tokens)
          tokens = tokens.flatten
          digest = tokens.shift
          stretches.times do
            digest = Digest::SHA1.hexdigest([digest, *tokens].join(join_token))
          end
          digest
        end

        # Does the crypted password match the tokens? Uses the same tokens that
        # were used to encrypt.
        def matches?(crypted, *tokens)
          encrypt(*tokens) == crypted
        end
      end
    end
  end
end

Version data entries

7 entries across 7 versions & 1 rubygems

Version	Path
authlogic-5.2.0	lib/authlogic/crypto_providers/sha1.rb
authlogic-5.1.0	lib/authlogic/crypto_providers/sha1.rb
authlogic-5.0.4	lib/authlogic/crypto_providers/sha1.rb
authlogic-5.0.3	lib/authlogic/crypto_providers/sha1.rb
authlogic-5.0.2	lib/authlogic/crypto_providers/sha1.rb
authlogic-5.0.1	lib/authlogic/crypto_providers/sha1.rb
authlogic-5.0.0	lib/authlogic/crypto_providers/sha1.rb