I have a Ruby project. It uses the Authlogic lib. I can't understand how its hash function is implemented. In the source code I found that

crypted_password: Authlogic::CryptoProviders::Sha512.encrypt(password+salt)

In my db there is a row where

crypted_password = bd9caf437ea2bb50d34f3d6d6d01bbf8cd098261ba58422cec88d9bdcf46c27b8ba543dff0ed5cae415559d192434df4949880c0d28e9410d0fb62f8f0d92bed

password_salt = eP8xVI5TCuUDKpd7Z

I know that the password is

password = l2xHodwyri

But when I use sha512('l2xHodwyri' + 'eP8xVI5TCuUDKpd7Z') => 22352f2053e2286bcb5513aea8d79011abe04cd44ccc00d4983e51c119b19b8e02a39b6833e3b8b273b4eb97ad486a2e214a9ea0140247e3fd1b02cb267b01e1

What am I doing wrong?

A.Goutam
user1376723

1 Answer

Open source, you know, is so open.

Using the link above you could see that the digesting is being performed 20 times unless you explicitly hack the code with:

Authlogic::CryptoProviders::Sha512.stretches = 1
Aleksei Matiushkin
  • 119,336
  • 10
  • 100
  • 160
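The stretching described in the answer, as an added example that is not part of the original post and is not Authlogic's own code: it re-hashes the hex digest repeatedly and searches for the round count that reproduces a stored hash. The names `stretched_sha512` and `find_stretches` are hypothetical, and the sketch assumes the tokens are joined without a separator and that each round hashes the previous hex string.

```ruby
require "digest"

# Iterated SHA-512: each round hashes the previous round's hex digest.
# Assumption: tokens are concatenated with no separator before round one.
def stretched_sha512(*tokens, stretches: 20)
  digest = tokens.flatten.join
  stretches.times { digest = Digest::SHA512.hexdigest(digest) }
  digest
end

# Diagnose a mismatch: return the number of rounds (1..max) after which
# password + salt reproduces stored_hex, or nil if none does.
def find_stretches(password, salt, stored_hex, max: 50)
  target = stored_hex.strip.downcase
  digest = password + salt
  (1..max).each do |rounds|
    digest = Digest::SHA512.hexdigest(digest)
    return rounds if digest == target
  end
  nil
end

# Values quoted in the question.
PASSWORD = "l2xHodwyri"
SALT     = "eP8xVI5TCuUDKpd7Z"
STORED   = "bd9caf437ea2bb50d34f3d6d6d01bbf8cd098261ba58422cec88d9bdcf46c27b" \
           "8ba543dff0ed5cae415559d192434df4949880c0d28e9410d0fb62f8f0d92bed"

if __FILE__ == $PROGRAM_NAME
  # One round is what a plain sha512(password + salt) call computes.
  puts "1 round:   #{stretched_sha512(PASSWORD, SALT, stretches: 1)}"
  puts "20 rounds: #{stretched_sha512(PASSWORD, SALT)}"

  rounds = find_stretches(PASSWORD, SALT, STORED)
  if rounds
    puts "stored hash reproduced after #{rounds} round(s)"
  else
    puts "no match within 50 rounds: check token order, join token, or provider"
  end
end
```

When a stored digest does not match a single-round hash, the round count, the order of the tokens, and any separator between them are the first things to compare against the provider's configuration.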