Class: Net::IMAP::SASL::CramMD5Authenticator
Relationships & Source Files | |
Inherits: | Object |
Defined in: | lib/net/imap/sasl/cram_md5_authenticator.rb |
Overview
Authenticator for the “CRAM-MD5
” ::Net::IMAP::SASL
mechanism, specified in RFC2195. See Net::IMAP#authenticate.
Deprecated
CRAM-MD5
is obsolete and insecure. It is included for compatibility with existing servers. draft-ietf-sasl-crammd5-to-historic recommends using SCRAM-*
or PLAIN
protected by TLS instead.
Additionally, RFC8314 discourage the use of cleartext and recommends TLS version 1.2 or greater be used for all traffic. With TLS CRAM-MD5
is okay, but so is PLAIN
Class Method Summary
Instance Attribute Summary
- #done? ⇒ Boolean readonly
- #initial_response? ⇒ Boolean readonly
Instance Method Summary
Constructor Details
.new(user = nil, pass = nil, authcid: nil, username: nil, password: nil, secret: nil, warn_deprecation: true) ⇒ CramMD5Authenticator
# File 'lib/net/imap/sasl/cram_md5_authenticator.rb', line 17
def initialize(user = nil, pass = nil, authcid: nil, username: nil, password: nil, secret: nil, warn_deprecation: true, **) if warn_deprecation warn "WARNING: CRAM-MD5 mechanism is deprecated.", category: :deprecated end require "digest/md5" @user = authcid || username || user @password = password || secret || pass @done = false end
Instance Attribute Details
#done? ⇒ Boolean
(readonly)
[ GitHub ]
# File 'lib/net/imap/sasl/cram_md5_authenticator.rb', line 40
def done?; @done end
#initial_response? ⇒ Boolean
(readonly)
[ GitHub ]
# File 'lib/net/imap/sasl/cram_md5_authenticator.rb', line 31
def initial_response?; false end
Instance Method Details
#hmac_md5(text, key) (private)
[ GitHub ]# File 'lib/net/imap/sasl/cram_md5_authenticator.rb', line 44
def hmac_md5(text, key) if key.length > 64 key = Digest::MD5.digest(key) end k_ipad = key + "\0" * (64 - key.length) k_opad = key + "\0" * (64 - key.length) for i in 0..63 k_ipad[i] = (k_ipad[i].ord ^ 0x36).chr k_opad[i] = (k_opad[i].ord ^ 0x5c).chr end digest = Digest::MD5.digest(k_ipad + text) return Digest::MD5.hexdigest(k_opad + digest) end
#process(challenge)
[ GitHub ]# File 'lib/net/imap/sasl/cram_md5_authenticator.rb', line 33
def process(challenge) digest = hmac_md5(challenge, @password) return @user + " " + digest ensure @done = true end