class Net::LDAP::Password

Public Class Methods

generate(type, str) click to toggle source

Generate a password-hash suitable for inclusion in an LDAP attribute. Pass a hash type as a symbol (:md5, :sha, :ssha) and a plaintext password. This function will return a hashed representation.

# File lib/net/ldap/password.rb, line 22
def generate(type, str)
  case type
  when :md5
     '{MD5}' + Base64.strict_encode64(Digest::MD5.digest(str))
  when :sha
     '{SHA}' + Base64.strict_encode64(Digest::SHA1.digest(str))
  when :ssha
     salt = SecureRandom.random_bytes(16)
     '{SSHA}' + Base64.strict_encode64(Digest::SHA1.digest(str + salt) + salt)
  when :ssha256
    salt = SecureRandom.random_bytes(16)
    '{SSHA256}' + Base64.strict_encode64(Digest::SHA256.digest(str + salt) + salt)
  else
     raise Net::LDAP::HashTypeUnsupportedError, "Unsupported password-hash type (#{type})"
  end
end