bcrypt-ruby 2.1.3 → 2.1.4

data/bcrypt-ruby.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name = 'bcrypt-ruby'
-  s.version = '2.1.3'
+  s.version = '2.1.4'
 
   s.summary = "OpenBSD's bcrypt() password hashing algorithm."
   s.description = <<-EOF

data/ext/jruby/bcrypt_jruby/BCrypt.java

@@ -63,7 +63,7 @@ import java.security.SecureRandom;
  */
 public class BCrypt {
 	// BCrypt parameters
-	private static int GENSALT_DEFAULT_LOG2_ROUNDS = 10;
+	private static final int GENSALT_DEFAULT_LOG2_ROUNDS = 10;
 	private static final int BCRYPT_SALT_LEN = 16;
 
 	// Blowfish parameters
@@ -655,13 +655,14 @@ public class BCrypt {
 
 		if (salt.charAt(0) != '$' || salt.charAt(1) != '2')
 			throw new IllegalArgumentException ("Invalid salt version");
-		if (salt.charAt(1) != '$') {
+		if (salt.charAt(2) == '$')
+			off = 3;
+		else {
 			minor = salt.charAt(2);
 			if (minor != 'a' || salt.charAt(3) != '$')
 				throw new IllegalArgumentException ("Invalid salt revision");
 			off = 4;
-		} else
-			off = 3;
+		}
 
 		// Extract number of rounds
 		if (salt.charAt(off + 2) > '$')
@@ -670,10 +671,9 @@ public class BCrypt {
 
 		real_salt = salt.substring(off + 3, off + 25);
 		try {
-			passwordb = (password + (minor >= 'a' ? "\000" : "")).getBytes("US-ASCII");
+			passwordb = (password + (minor >= 'a' ? "\000" : "")).getBytes("UTF-8");
 		} catch (UnsupportedEncodingException uee) {
-			// The JDK guarantees that US-ASCII is supported.
-			throw new AssertionError("US-ASCII is not supported");
+			throw new AssertionError("UTF-8 is not supported");
 		}
 
 		saltb = decode_base64(real_salt, BCRYPT_SALT_LEN);

data/spec/TestBCrypt.java

@@ -172,4 +172,23 @@ public class TestBCrypt extends TestCase {
 		}
 		System.out.println("");
 	}
+
+	/**
+	 * Test for correct hashing of non-US-ASCII passwords
+	 */
+	public void testInternationalChars() {
+		System.out.print("BCrypt.hashpw w/ international chars: ");
+		String pw1 = "ππππππππ";
+		String pw2 = "????????";
+
+		String h1 = BCrypt.hashpw(pw1, BCrypt.gensalt());
+		assertFalse(BCrypt.checkpw(pw2, h1));
+		System.out.print(".");
+
+		String h2 = BCrypt.hashpw(pw2, BCrypt.gensalt());
+		assertFalse(BCrypt.checkpw(pw1, h2));
+		System.out.print(".");
+		System.out.println("");
+	}
+
 }

metadata

@@ -1,12 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: bcrypt-ruby
 version: !ruby/object:Gem::Version 
-  prerelease: false
+  hash: 3
+  prerelease: 
   segments: 
   - 2
   - 1
-  - 3
-  version: 2.1.3
+  - 4
+  version: 2.1.4
 platform: ruby
 authors: 
 - Coda Hale
@@ -14,16 +15,18 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-12-20 00:00:00 -08:00
+date: 2011-01-08 00:00:00 -08:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: rake-compiler
   prerelease: false
   requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
+        hash: 3
         segments: 
         - 0
         version: "0"
@@ -33,9 +36,11 @@ dependencies:
   name: rspec
   prerelease: false
   requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
+        hash: 3
         segments: 
         - 0
         version: "0"
@@ -88,23 +93,27 @@ rdoc_options:
 require_paths: 
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      hash: 3
       segments: 
       - 0
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      hash: 3
       segments: 
       - 0
       version: "0"
 requirements: []
 
 rubyforge_project: bcrypt-ruby
-rubygems_version: 1.3.6
+rubygems_version: 1.4.0
 signing_key: 
 specification_version: 3
 summary: OpenBSD's bcrypt() password hashing algorithm.