Port ColdFusion Java散列函数到Ruby

时间:2014-08-09 17:17:29

标签: java ruby encryption coldfusion sha256

我正在尝试将一个java哈希函数移植到Ruby,但最终会得到一个与预期不同的哈希。下面是相关的java函数(coldfusion):

 public string function hashAdministrator(required string pass) {
   MessageDigest = createObject('java','java.security.MessageDigest');
   for(i=1; i<=5; i++) {
     md = MessageDigest.getInstance('SHA-256');
     md.update(pass.getBytes('UTF-8'));
     pass = enc(md.digest());
   }
   return pass;
 }

 private string function enc(strArr) {
   //local.strArr = str.getBytes('UTF-8');
   local.hex = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'];

   savecontent variable="local.out" {
     for (local.item in strArr) {
       writeOutput(hex[bitshrn(bitAnd(240,local.item),4)+1]);
       writeOutput(hex[bitAnd(15,local.item)+1]);
     }
   };
   return local.out;
 }

以下是我的红宝石代码:

 # encoding: utf-8

 require 'digest/sha2'

 class RailoPassword

   attr_accessor :pass

   def admin_password
     password = ''
     5.times do
       md = Digest::SHA2.new
       md.update(self.pass)
       password = self.enc(md.digest.bytes.to_a)
     end
     password
   end


   def enc(strarr)
     hex = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f']

     a = ''
     strarr.each do |item|
       a << hex[((0xF0 & item) >> 4)]
       a << hex[(0x0F & item)]
     end
     a
   end
 end

ruby​​中的实际实现:

 a = RailoPassword.new
 a.pass = 'test1234'
 puts 'expected: 0be431aeebf55fdc30296e1224fb80b0edbebcddaedb65fcbad1315e906dde65'
 puts "actual:   #{a.admin_password}"

预期哈希:0be431aeebf55fdc30296e1224fb80b0edbebcddaedb65fcbad1315e906dde65

返回哈希:937e8d5fbb48bd4949536cd65b8d35c426b80d2f830c5c308e2cdec422ae2244

返回的哈希与我刚从Digest :: SHA2获取十六进制摘要:

相同 
 1.9.3-p547 :335 > Digest::SHA2.hexdigest('test1234')
  => "937e8d5fbb48bd4949536cd65b8d35c426b80d2f830c5c308e2cdec422ae2244"

非常感谢任何协助。

2 个答案:

答案 0 :(得分:1)

你不应该这样做:

password = self.pass

然后

md.update(password)

答案 1 :(得分:1)

此:

def admin_password
    password = ''
    5.times do
        md = Digest::SHA2.new
        md.update(self.pass)
        password = self.enc(md.digest.bytes.to_a)
    end
    password
end

与您的CFML逻辑不匹配。它应该是这个(我是一个Ruby新手,如果这不是完美的Ruby,那么道歉):

def admin_password
    # password = '' # get rid of this
    5.times do
        md = Digest::SHA2.new
        md.update(self.pass)
        self.pass = self.enc(md.digest.bytes.to_a) # update the correct variable here
    end
    self.pass # and return the correct variable here
end

完成后,两个代码块都返回相同的值0be431aeebf55fdc30296e1224fb80b0edbebcddaedb65fcbad1315e906dde65

而且,坦率地说,如果你也完成了@owlstead的建议并做了一些调试,这对你来说很明显。所以也有一个教训:如果你寻求帮助,请注意所提供的帮助。

相关问题
最新问题