class Net::SASL::CramMD5Authenticator
Authenticator
for the “CRAM-MD5
” SASL
mechanism, specified in RFC2195.
Deprecated¶ ↑
CRAM-MD5
is obsolete. It is included for compatibility with existing servers. draft-ietf-sasl-crammd5-to-historic recommends using SCRAM-*
or PLAIN
protected by TLS instead.
Attributes
done[R]
done?[R]
password[R]
username[R]
Public Class Methods
new(username, password, **_options)
click to toggle source
Provide the username
and password
credentials for authentication.
CRAM-MD5 doesn't support authzid
, and an ArgumentError will be raised if a third positional parameter is passed.
This should generally be instantiated via Net::SASL.authenticator
.
Calls superclass method
Net::SASL::Authenticator::new
# File lib/net/sasl/cram_md5_authenticator.rb, line 31 def initialize(username, password, **_options) super @username = username @password = password @done = false end
Public Instance Methods
process(challenge)
click to toggle source
responds to the server's challenge using the HMAC-MD5 algorithm.
# File lib/net/sasl/cram_md5_authenticator.rb, line 39 def process(challenge) digest = hmac_md5(challenge, password) "#{username} #{digest}" end
Private Instance Methods
hmac_md5(text, key)
click to toggle source
rubocop:disable Metrics/AbcSize, Metrics/MethodLength
# File lib/net/sasl/cram_md5_authenticator.rb, line 48 def hmac_md5(text, key) if key.length > 64 key = Digest::MD5.digest(key) end k_ipad = key + "\0" * (64 - key.length) k_opad = key + "\0" * (64 - key.length) (0..63).each do |i| k_ipad[i] = (k_ipad[i].ord ^ 0x36).chr k_opad[i] = (k_opad[i].ord ^ 0x5c).chr end digest = Digest::MD5.digest(k_ipad + text) Digest::MD5.hexdigest(k_opad + digest) end