bcrypt 3.1.11-java → 3.1.12-java
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.travis.yml +13 -8
- data/CHANGELOG +4 -0
- data/Gemfile.lock +4 -4
- data/README.md +57 -68
- data/Rakefile +4 -0
- data/appveyor.yml +50 -0
- data/bcrypt.gemspec +1 -1
- data/ext/mri/bcrypt_ext.c +1 -1
- metadata +34 -47
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: a1bd0f47d1a3a5073e23a4269baf9a294c972edc
|
4
|
+
data.tar.gz: b0cf8677f04f7830dd5c13bc75df6a3ea4a5d1b9
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 16b13fc03a3b87cae40577513c633b35b0f9f2696783bb01273afc138ccb42caafe2380829886d58a7ae6c4f458ce3cdb35d2043d278f03a7ca1e91f454e57e2
|
7
|
+
data.tar.gz: 981d4ab9048ae1054d6ebb8f2ed4f4e54e6f66d7eee2e230bc13d085ec90ff368fbf8dfd51eaa7d2ab7aaf247674a0bca9a4e173e01eafc03ff31d8b870ec127
|
data/.travis.yml
CHANGED
@@ -1,16 +1,21 @@
|
|
1
1
|
language: ruby
|
2
|
+
before_install:
|
3
|
+
- gem update --system
|
4
|
+
- gem install bundler
|
2
5
|
rvm:
|
3
|
-
- 1.8
|
4
|
-
- 1.9
|
5
|
-
-
|
6
|
-
- 2.
|
7
|
-
- 2.
|
8
|
-
- 2.
|
9
|
-
- 2.
|
6
|
+
- 1.8
|
7
|
+
- 1.9
|
8
|
+
- 2.0
|
9
|
+
- 2.1
|
10
|
+
- 2.2
|
11
|
+
- 2.3
|
12
|
+
- 2.4
|
13
|
+
- 2.5
|
14
|
+
- 2.6
|
10
15
|
- ruby-head
|
11
16
|
- jruby-18mode
|
12
17
|
- jruby-19mode
|
13
18
|
- jruby-head
|
14
|
-
- rbx-
|
19
|
+
- rbx-3
|
15
20
|
- ree
|
16
21
|
script: bundle exec rake
|
data/CHANGELOG
CHANGED
data/Gemfile.lock
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
bcrypt (3.1.
|
4
|
+
bcrypt (3.1.12)
|
5
5
|
|
6
6
|
GEM
|
7
7
|
remote: https://rubygems.org/
|
8
8
|
specs:
|
9
9
|
diff-lcs (1.2.5)
|
10
|
-
json (1.8.
|
11
|
-
json (1.8.
|
10
|
+
json (1.8.6)
|
11
|
+
json (1.8.6-java)
|
12
12
|
rake (10.4.2)
|
13
13
|
rake-compiler (0.9.5)
|
14
14
|
rake
|
@@ -41,4 +41,4 @@ DEPENDENCIES
|
|
41
41
|
rspec (>= 3)
|
42
42
|
|
43
43
|
BUNDLED WITH
|
44
|
-
1.
|
44
|
+
1.16.1
|
data/README.md
CHANGED
@@ -30,8 +30,8 @@ re-hash those passwords. This vulnerability only affected the JRuby gem.
|
|
30
30
|
The bcrypt gem is available on the following ruby platforms:
|
31
31
|
|
32
32
|
* JRuby
|
33
|
-
* RubyInstaller 1.8, 1.9, 2.0, 2.1,
|
34
|
-
* Any 1.8, 1.9, 2.0, 2.1, 2.2, or 2.
|
33
|
+
* RubyInstaller 1.8, 1.9, 2.0, 2.1, 2.2, 2.3, 2.4, and 2.5 builds on Windows
|
34
|
+
* Any 1.8, 1.9, 2.0, 2.1, 2.2, 2.3, 2.4, or 2.5 Ruby on a BSD/OS X/Linux system with a compiler
|
35
35
|
|
36
36
|
## How to use `bcrypt()` in your Rails application
|
37
37
|
|
@@ -40,69 +40,58 @@ The bcrypt gem is available on the following ruby platforms:
|
|
40
40
|
implements a similar authentication strategy to the code below.
|
41
41
|
|
42
42
|
### The _User_ model
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
43
|
+
```ruby
|
44
|
+
require 'bcrypt'
|
45
|
+
|
46
|
+
class User < ActiveRecord::Base
|
47
|
+
# users.password_hash in the database is a :string
|
48
|
+
include BCrypt
|
49
|
+
|
50
|
+
def password
|
51
|
+
@password ||= Password.new(password_hash)
|
52
|
+
end
|
53
|
+
|
54
|
+
def password=(new_password)
|
55
|
+
@password = Password.create(new_password)
|
56
|
+
self.password_hash = @password
|
57
|
+
end
|
58
|
+
end
|
59
|
+
```
|
60
60
|
### Creating an account
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
61
|
+
```ruby
|
62
|
+
def create
|
63
|
+
@user = User.new(params[:user])
|
64
|
+
@user.password = params[:password]
|
65
|
+
@user.save!
|
66
|
+
end
|
67
|
+
```
|
68
68
|
### Authenticating a user
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
### If a user forgets their password?
|
80
|
-
|
81
|
-
# assign them a random one and mail it to them, asking them to change it
|
82
|
-
def forgot_password
|
83
|
-
@user = User.find_by_email(params[:email])
|
84
|
-
random_password = Array.new(10).map { (65 + rand(58)).chr }.join
|
85
|
-
@user.password = random_password
|
86
|
-
@user.save!
|
87
|
-
Mailer.create_and_deliver_password_change(@user, random_password)
|
88
|
-
end
|
89
|
-
|
69
|
+
```ruby
|
70
|
+
def login
|
71
|
+
@user = User.find_by_email(params[:email])
|
72
|
+
if @user.password == params[:password]
|
73
|
+
give_token
|
74
|
+
else
|
75
|
+
redirect_to home_url
|
76
|
+
end
|
77
|
+
end
|
78
|
+
```
|
90
79
|
## How to use bcrypt-ruby in general
|
80
|
+
```ruby
|
81
|
+
require 'bcrypt'
|
91
82
|
|
92
|
-
|
93
|
-
|
94
|
-
my_password = BCrypt::Password.create("my password")
|
95
|
-
#=> "$2a$10$vI8aWBnW3fID.ZQ4/zo1G.q1lRps.9cGLcZEiGDMVr5yUP1KUOYTa"
|
96
|
-
|
97
|
-
my_password.version #=> "2a"
|
98
|
-
my_password.cost #=> 10
|
99
|
-
my_password == "my password" #=> true
|
100
|
-
my_password == "not my password" #=> false
|
83
|
+
my_password = BCrypt::Password.create("my password")
|
84
|
+
#=> "$2a$10$vI8aWBnW3fID.ZQ4/zo1G.q1lRps.9cGLcZEiGDMVr5yUP1KUOYTa"
|
101
85
|
|
102
|
-
|
103
|
-
|
104
|
-
|
86
|
+
my_password.version #=> "2a"
|
87
|
+
my_password.cost #=> 10
|
88
|
+
my_password == "my password" #=> true
|
89
|
+
my_password == "not my password" #=> false
|
105
90
|
|
91
|
+
my_password = BCrypt::Password.new("$2a$10$vI8aWBnW3fID.ZQ4/zo1G.q1lRps.9cGLcZEiGDMVr5yUP1KUOYTa")
|
92
|
+
my_password == "my password" #=> true
|
93
|
+
my_password == "not my password" #=> false
|
94
|
+
```
|
106
95
|
Check the rdocs for more details -- BCrypt, BCrypt::Password.
|
107
96
|
|
108
97
|
## How `bcrypt()` works
|
@@ -171,15 +160,15 @@ stateless authentication architecture (e.g., HTTP Basic Auth), you will want to
|
|
171
160
|
server load and keep your request times down. This will lower the security provided you, but there are few alternatives.
|
172
161
|
|
173
162
|
To change the default cost factor used by bcrypt-ruby, use `BCrypt::Engine.cost = new_value`:
|
174
|
-
|
175
|
-
|
176
|
-
|
177
|
-
|
178
|
-
|
179
|
-
|
180
|
-
|
181
|
-
|
182
|
-
|
163
|
+
```ruby
|
164
|
+
BCrypt::Password.create('secret').cost
|
165
|
+
#=> 10, the default provided by bcrypt-ruby
|
166
|
+
|
167
|
+
# set a new default cost
|
168
|
+
BCrypt::Engine.cost = 8
|
169
|
+
BCrypt::Password.create('secret').cost
|
170
|
+
#=> 8
|
171
|
+
```
|
183
172
|
The default cost can be overridden as needed by passing an options hash with a different cost:
|
184
173
|
|
185
174
|
BCrypt::Password.create('secret', :cost => 6).cost #=> 6
|
data/Rakefile
CHANGED
data/appveyor.yml
ADDED
@@ -0,0 +1,50 @@
|
|
1
|
+
###############################################################################
|
2
|
+
#
|
3
|
+
# This AppVeyor config is *NOT* for running the tests on Windows.
|
4
|
+
#
|
5
|
+
# This is to ensure that the latest version of the bcrypt gem can be installed
|
6
|
+
# on Windows across all of the currently supported versions of Ruby.
|
7
|
+
#
|
8
|
+
###############################################################################
|
9
|
+
|
10
|
+
version: "{branch}-{build}"
|
11
|
+
build: off
|
12
|
+
clone_depth: 1
|
13
|
+
|
14
|
+
init:
|
15
|
+
# Install Ruby 1.8.7
|
16
|
+
- if %RUBY_VERSION%==187 (
|
17
|
+
appveyor DownloadFile https://dl.bintray.com/oneclick/rubyinstaller/rubyinstaller-1.8.7-p374.exe -FileName C:\ruby_187.exe &
|
18
|
+
C:\ruby_187.exe /verysilent /dir=C:\Ruby%RUBY_VERSION%
|
19
|
+
)
|
20
|
+
|
21
|
+
environment:
|
22
|
+
matrix:
|
23
|
+
- RUBY_VERSION: "187"
|
24
|
+
- RUBY_VERSION: "193"
|
25
|
+
- RUBY_VERSION: "200"
|
26
|
+
- RUBY_VERSION: "200-x64"
|
27
|
+
- RUBY_VERSION: "21"
|
28
|
+
- RUBY_VERSION: "21-x64"
|
29
|
+
- RUBY_VERSION: "22"
|
30
|
+
- RUBY_VERSION: "22-x64"
|
31
|
+
- RUBY_VERSION: "23"
|
32
|
+
- RUBY_VERSION: "23-x64"
|
33
|
+
- RUBY_VERSION: "24"
|
34
|
+
- RUBY_VERSION: "24-x64"
|
35
|
+
- RUBY_VERSION: "25"
|
36
|
+
- RUBY_VERSION: "25-x64"
|
37
|
+
|
38
|
+
install:
|
39
|
+
- set PATH=C:\Ruby%RUBY_VERSION%\bin;%PATH%
|
40
|
+
- if %RUBY_VERSION%==187 (
|
41
|
+
gem update --system 2.0.17
|
42
|
+
)
|
43
|
+
|
44
|
+
before_test:
|
45
|
+
- ruby -v
|
46
|
+
- gem -v
|
47
|
+
|
48
|
+
test_script:
|
49
|
+
- gem install bcrypt --prerelease --no-ri --no-rdoc
|
50
|
+
- ruby -e "require 'rubygems'; require 'bcrypt'"
|
data/bcrypt.gemspec
CHANGED
data/ext/mri/bcrypt_ext.c
CHANGED
metadata
CHANGED
@@ -1,64 +1,57 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: bcrypt
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
|
5
|
-
version: 3.1.11
|
4
|
+
version: 3.1.12
|
6
5
|
platform: java
|
7
6
|
authors:
|
8
7
|
- Coda Hale
|
9
8
|
autorequire:
|
10
9
|
bindir: bin
|
11
10
|
cert_chain: []
|
12
|
-
date:
|
11
|
+
date: 2018-05-16 00:00:00.000000000 Z
|
13
12
|
dependencies:
|
14
13
|
- !ruby/object:Gem::Dependency
|
15
|
-
name: rake-compiler
|
16
|
-
version_requirements: !ruby/object:Gem::Requirement
|
17
|
-
requirements:
|
18
|
-
- - ~>
|
19
|
-
- !ruby/object:Gem::Version
|
20
|
-
version: 0.9.2
|
21
|
-
none: false
|
22
14
|
requirement: !ruby/object:Gem::Requirement
|
23
15
|
requirements:
|
24
|
-
- - ~>
|
16
|
+
- - "~>"
|
25
17
|
- !ruby/object:Gem::Version
|
26
18
|
version: 0.9.2
|
27
|
-
|
19
|
+
name: rake-compiler
|
28
20
|
prerelease: false
|
29
21
|
type: :development
|
30
|
-
- !ruby/object:Gem::Dependency
|
31
|
-
name: rspec
|
32
22
|
version_requirements: !ruby/object:Gem::Requirement
|
33
23
|
requirements:
|
34
|
-
- -
|
24
|
+
- - "~>"
|
35
25
|
- !ruby/object:Gem::Version
|
36
|
-
version:
|
37
|
-
|
26
|
+
version: 0.9.2
|
27
|
+
- !ruby/object:Gem::Dependency
|
38
28
|
requirement: !ruby/object:Gem::Requirement
|
39
29
|
requirements:
|
40
|
-
- -
|
30
|
+
- - ">="
|
41
31
|
- !ruby/object:Gem::Version
|
42
32
|
version: '3'
|
43
|
-
|
33
|
+
name: rspec
|
44
34
|
prerelease: false
|
45
35
|
type: :development
|
46
|
-
- !ruby/object:Gem::Dependency
|
47
|
-
name: rdoc
|
48
36
|
version_requirements: !ruby/object:Gem::Requirement
|
49
37
|
requirements:
|
50
|
-
- -
|
38
|
+
- - ">="
|
51
39
|
- !ruby/object:Gem::Version
|
52
|
-
version: '3
|
53
|
-
|
40
|
+
version: '3'
|
41
|
+
- !ruby/object:Gem::Dependency
|
54
42
|
requirement: !ruby/object:Gem::Requirement
|
55
43
|
requirements:
|
56
|
-
- - ~>
|
44
|
+
- - "~>"
|
57
45
|
- !ruby/object:Gem::Version
|
58
46
|
version: '3.12'
|
59
|
-
|
47
|
+
name: rdoc
|
60
48
|
prerelease: false
|
61
49
|
type: :development
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '3.12'
|
62
55
|
description: |2
|
63
56
|
bcrypt() is a sophisticated and secure hash algorithm designed by The OpenBSD project
|
64
57
|
for hashing passwords. The bcrypt Ruby gem provides a simple wrapper for safely handling
|
@@ -71,19 +64,20 @@ extra_rdoc_files:
|
|
71
64
|
- COPYING
|
72
65
|
- CHANGELOG
|
73
66
|
- lib/bcrypt.rb
|
67
|
+
- lib/bcrypt/password.rb
|
74
68
|
- lib/bcrypt/engine.rb
|
75
69
|
- lib/bcrypt/error.rb
|
76
|
-
- lib/bcrypt/password.rb
|
77
70
|
files:
|
78
|
-
- .gitignore
|
79
|
-
- .rspec
|
80
|
-
- .travis.yml
|
71
|
+
- ".gitignore"
|
72
|
+
- ".rspec"
|
73
|
+
- ".travis.yml"
|
81
74
|
- CHANGELOG
|
82
75
|
- COPYING
|
83
76
|
- Gemfile
|
84
77
|
- Gemfile.lock
|
85
78
|
- README.md
|
86
79
|
- Rakefile
|
80
|
+
- appveyor.yml
|
87
81
|
- bcrypt.gemspec
|
88
82
|
- ext/jruby/bcrypt_jruby/BCrypt.java
|
89
83
|
- ext/mri/bcrypt_ext.c
|
@@ -98,47 +92,40 @@ files:
|
|
98
92
|
- lib/bcrypt/engine.rb
|
99
93
|
- lib/bcrypt/error.rb
|
100
94
|
- lib/bcrypt/password.rb
|
95
|
+
- lib/bcrypt_ext.jar
|
101
96
|
- spec/TestBCrypt.java
|
102
97
|
- spec/bcrypt/engine_spec.rb
|
103
98
|
- spec/bcrypt/error_spec.rb
|
104
99
|
- spec/bcrypt/password_spec.rb
|
105
100
|
- spec/spec_helper.rb
|
106
|
-
- lib/bcrypt_ext.jar
|
107
101
|
homepage: https://github.com/codahale/bcrypt-ruby
|
108
102
|
licenses:
|
109
103
|
- MIT
|
104
|
+
metadata: {}
|
110
105
|
post_install_message:
|
111
106
|
rdoc_options:
|
112
|
-
- --title
|
107
|
+
- "--title"
|
113
108
|
- bcrypt-ruby
|
114
|
-
- --line-numbers
|
115
|
-
- --inline-source
|
116
|
-
- --main
|
109
|
+
- "--line-numbers"
|
110
|
+
- "--inline-source"
|
111
|
+
- "--main"
|
117
112
|
- README.md
|
118
113
|
require_paths:
|
119
114
|
- lib
|
120
115
|
required_ruby_version: !ruby/object:Gem::Requirement
|
121
116
|
requirements:
|
122
|
-
- -
|
117
|
+
- - ">="
|
123
118
|
- !ruby/object:Gem::Version
|
124
|
-
segments:
|
125
|
-
- 0
|
126
|
-
hash: 2
|
127
119
|
version: '0'
|
128
|
-
none: false
|
129
120
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
130
121
|
requirements:
|
131
|
-
- -
|
122
|
+
- - ">="
|
132
123
|
- !ruby/object:Gem::Version
|
133
|
-
segments:
|
134
|
-
- 0
|
135
|
-
hash: 2
|
136
124
|
version: '0'
|
137
|
-
none: false
|
138
125
|
requirements: []
|
139
126
|
rubyforge_project:
|
140
|
-
rubygems_version:
|
127
|
+
rubygems_version: 2.6.14.1
|
141
128
|
signing_key:
|
142
|
-
specification_version:
|
129
|
+
specification_version: 4
|
143
130
|
summary: OpenBSD's bcrypt() password hashing algorithm.
|
144
131
|
test_files: []
|