bcrypt 3.1.13 → 3.1.14
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +6 -0
- data/CHANGELOG +71 -67
- data/Gemfile.lock +15 -16
- data/bcrypt.gemspec +1 -1
- data/ext/mri/bcrypt_ext.c +71 -19
- data/ext/mri/crypt_blowfish.c +6 -10
- data/ext/mri/crypt_gensalt.c +1 -1
- data/ext/mri/crypt_gensalt.h +1 -1
- data/ext/mri/wrapper.c +3 -0
- data/ext/mri/x86.S +1 -1
- data/lib/bcrypt/engine.rb +3 -1
- data/lib/bcrypt/password.rb +1 -1
- data/spec/bcrypt/engine_spec.rb +10 -0
- metadata +9 -10
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 91feef6cbd30f7651c84a8b01e8c89e0072314bef8d3d980df592c74646945fe
|
4
|
+
data.tar.gz: 612ec7a098b11202dcee1e2a1d24dbe5c0d00c07938e69d4bf2c26c6f4767edc
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: '08e1645f62b5b0bf9211a74d47f7660d6491ae218c073e11f135177476d33d36b267994e2ada56c10cd66e45157d3237fd3ed275f369f105e345b6e17b1cccc7'
|
7
|
+
data.tar.gz: 59d0d18110c202e8fddb58c97f3c6e33cafe767e6a567e02b8b0aff7ce6e9af345d723df8d59d4f7aa557a8dcc9ac22863b298e9cb37c990f5bf1514cbc32526
|
data/.travis.yml
CHANGED
data/CHANGELOG
CHANGED
@@ -1,94 +1,98 @@
|
|
1
|
-
1.
|
2
|
-
|
1
|
+
3.1.14 July 21 2020
|
2
|
+
- Start calibration from the minimum cost supported by the algorithm [GH #206 by @sergey-alekseev]
|
3
3
|
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
4
|
+
3.1.13 May 31 2019
|
5
|
+
- No longer include compiled binaries for Windows. See GH #173.
|
6
|
+
- Update C and Java implementations to latest versions [GH #182 by @fonica]
|
7
|
+
- Bump default cost to 12 [GH #181 by @bdewater]
|
8
|
+
- Remove explicit support for Rubies 1.8 and 1.9
|
9
|
+
- Define SKIP_GNU token when building extension (Fixes FreeBSD >= 12) [GH #189 by @adam12]
|
9
10
|
|
10
|
-
|
11
|
-
|
12
|
-
|
11
|
+
3.1.12 May 16 2018
|
12
|
+
- Add support for Ruby 2.3, 2.4, and 2.5 in compiled Windows binaries
|
13
|
+
- Fix compatibility with libxcrypt [GH #164 by @besser82]
|
13
14
|
|
14
|
-
|
15
|
-
|
16
|
-
- Fixed Solaris compatibility [Jeremy LaTrasse, Twitter crew]
|
15
|
+
3.1.11 Mar 06 2016
|
16
|
+
- Add support for Ruby 2.2 in compiled Windows binaries
|
17
17
|
|
18
|
-
|
19
|
-
|
20
|
-
- Changed BCrypt::Engine.hash to BCrypt::Engine.hash_secret to avoid Merb
|
21
|
-
sorting issues. [Lee Pope]
|
18
|
+
3.1.10 Jan 28 2015
|
19
|
+
- Fix issue with dumping a BCrypt::Password instance to YAML in Ruby 2.2 [GH #107 by @mattwildig]
|
22
20
|
|
23
|
-
|
24
|
-
-
|
25
|
-
- Fixed segfaults on some different types of empty strings. [Mike Pomraning]
|
21
|
+
3.1.9 Oct 23 2014
|
22
|
+
- Rebuild corrupt binaries
|
26
23
|
|
27
|
-
|
28
|
-
-
|
24
|
+
3.1.8 Oct 23 2014
|
25
|
+
- Add support for Ruby 2.1 in compiled Windows binaries [GH #102]
|
29
26
|
|
30
|
-
|
31
|
-
-
|
32
|
-
-
|
33
|
-
- JRuby support, using Damien Miller's jBCrypt. [Hongli Lai]
|
34
|
-
- Ruby 1.9 GIL releasing for high-cost hashes. [Hongli Lai]
|
27
|
+
3.1.7 Feb 24 2014
|
28
|
+
- Rebuild corrupt Java binary version of gem [GH #90]
|
29
|
+
- The 2.1 support for Windows binaries alleged in 3.1.3 was a lie -- documentation removed
|
35
30
|
|
36
|
-
|
37
|
-
-
|
31
|
+
3.1.6 Feb 21 2014
|
32
|
+
- Dummy version of "bcrypt-ruby" needed a couple version bumps to fix some
|
33
|
+
bugs. It felt wrong to have that at a higher version than the real gem, so
|
34
|
+
the real gem is getting bumped to 3.1.6.
|
38
35
|
|
39
|
-
|
40
|
-
-
|
36
|
+
3.1.3 Feb 21 2014
|
37
|
+
- Add support for Ruby 2.1 in compiled Windows binaries
|
38
|
+
- Rename gem from "bcrypt-ruby" to just "bcrypt". [GH #86 by @sferik]
|
41
39
|
|
42
|
-
3.
|
43
|
-
-
|
44
|
-
-
|
40
|
+
3.1.2 Aug 26 2013
|
41
|
+
- Add support for Ruby 1.8 and 2.0 (in addition to 1.9) in compiled Windows binaries
|
42
|
+
- Add support for 64-bit Windows
|
45
43
|
|
46
|
-
3.
|
47
|
-
-
|
44
|
+
3.1.1 Jul 10 2013
|
45
|
+
- Remove support for Ruby 1.8 in compiled win32 binaries
|
48
46
|
|
49
47
|
3.1.0 May 07 2013
|
50
48
|
- Add BCrypt::Password.valid_hash?(str) to check if a string is a valid bcrypt password hash
|
51
49
|
- BCrypt::Password cost should be set to DEFAULT_COST if nil
|
52
50
|
- Add BCrypt::Engine.cost attribute for getting/setting a default cost externally
|
53
51
|
|
54
|
-
3.
|
55
|
-
-
|
52
|
+
3.0.1 Sep 12 2011
|
53
|
+
- create raises an exception if the cost is higher than 31. GH #27
|
56
54
|
|
57
|
-
3.
|
58
|
-
-
|
59
|
-
-
|
55
|
+
3.0.0 Aug 24 2011
|
56
|
+
- Bcrypt C implementation replaced with a public domain implementation.
|
57
|
+
- License changed to MIT
|
60
58
|
|
61
|
-
|
62
|
-
-
|
63
|
-
- Rename gem from "bcrypt-ruby" to just "bcrypt". [GH #86 by @sferik]
|
59
|
+
2.1.2 Sep 16 2009
|
60
|
+
- Fixed support for Solaris, OpenSolaris.
|
64
61
|
|
65
|
-
|
66
|
-
-
|
67
|
-
bugs. It felt wrong to have that at a higher version than the real gem, so
|
68
|
-
the real gem is getting bumped to 3.1.6.
|
62
|
+
2.1.1 Aug 14 2009
|
63
|
+
- JVM 1.4/1.5 compatibility [Hongli Lai]
|
69
64
|
|
70
|
-
|
71
|
-
-
|
72
|
-
-
|
65
|
+
2.1.0 Aug 12 2009
|
66
|
+
- Improved code coverage, unit tests, and build chain. [Hongli Lai]
|
67
|
+
- Ruby 1.9 compatibility fixes. [Hongli Lai]
|
68
|
+
- JRuby support, using Damien Miller's jBCrypt. [Hongli Lai]
|
69
|
+
- Ruby 1.9 GIL releasing for high-cost hashes. [Hongli Lai]
|
73
70
|
|
74
|
-
|
75
|
-
-
|
71
|
+
2.0.5 Mar 11 2009
|
72
|
+
- Fixed Ruby 1.8.5 compatibility. [Mike Pomraning]
|
76
73
|
|
77
|
-
|
78
|
-
-
|
74
|
+
2.0.4 Mar 09 2009
|
75
|
+
- Added Ruby 1.9 compatibility. [Genki Takiuchi]
|
76
|
+
- Fixed segfaults on some different types of empty strings. [Mike Pomraning]
|
79
77
|
|
80
|
-
|
81
|
-
|
78
|
+
2.0.3 May 07 2008
|
79
|
+
- Made exception classes descend from StandardError, not Exception [Dan42]
|
80
|
+
- Changed BCrypt::Engine.hash to BCrypt::Engine.hash_secret to avoid Merb
|
81
|
+
sorting issues. [Lee Pope]
|
82
82
|
|
83
|
-
|
84
|
-
|
83
|
+
2.0.2 Jun 06 2007
|
84
|
+
- Fixed example code in the README [Winson]
|
85
|
+
- Fixed Solaris compatibility [Jeremy LaTrasse, Twitter crew]
|
85
86
|
|
86
|
-
|
87
|
-
|
88
|
-
|
87
|
+
2.0.1 Mar 09 2007
|
88
|
+
- Fixed load path issues
|
89
|
+
- Fixed crashes when hashing weird values (e.g., false, etc.)
|
89
90
|
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
91
|
+
2.0.0 Mar 07 2007
|
92
|
+
- Removed BCrypt::Password#exactly_equals -- use BCrypt::Password#eql? instead.
|
93
|
+
- Added BCrypt::Password#is_password?.
|
94
|
+
- Refactored out BCrypt::Internals into more useful BCrypt::Engine.
|
95
|
+
- Added validation of secrets -- nil is not healthy.
|
96
|
+
|
97
|
+
1.0.0 Feb 27 2007
|
98
|
+
- Initial release.
|
data/Gemfile.lock
CHANGED
@@ -1,31 +1,30 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
bcrypt (3.1.
|
4
|
+
bcrypt (3.1.14)
|
5
5
|
|
6
6
|
GEM
|
7
7
|
remote: https://rubygems.org/
|
8
8
|
specs:
|
9
|
-
diff-lcs (1.
|
10
|
-
rake (
|
9
|
+
diff-lcs (1.4.4)
|
10
|
+
rake (13.0.1)
|
11
11
|
rake-compiler (0.9.9)
|
12
12
|
rake
|
13
|
-
rspec (3.
|
14
|
-
rspec-core (~> 3.
|
15
|
-
rspec-expectations (~> 3.
|
16
|
-
rspec-mocks (~> 3.
|
17
|
-
rspec-core (3.
|
18
|
-
rspec-support (~> 3.
|
19
|
-
rspec-expectations (3.
|
13
|
+
rspec (3.9.0)
|
14
|
+
rspec-core (~> 3.9.0)
|
15
|
+
rspec-expectations (~> 3.9.0)
|
16
|
+
rspec-mocks (~> 3.9.0)
|
17
|
+
rspec-core (3.9.2)
|
18
|
+
rspec-support (~> 3.9.3)
|
19
|
+
rspec-expectations (3.9.2)
|
20
20
|
diff-lcs (>= 1.2.0, < 2.0)
|
21
|
-
rspec-support (~> 3.
|
22
|
-
rspec-mocks (3.
|
21
|
+
rspec-support (~> 3.9.0)
|
22
|
+
rspec-mocks (3.9.1)
|
23
23
|
diff-lcs (>= 1.2.0, < 2.0)
|
24
|
-
rspec-support (~> 3.
|
25
|
-
rspec-support (3.
|
24
|
+
rspec-support (~> 3.9.0)
|
25
|
+
rspec-support (3.9.3)
|
26
26
|
|
27
27
|
PLATFORMS
|
28
|
-
java
|
29
28
|
ruby
|
30
29
|
|
31
30
|
DEPENDENCIES
|
@@ -34,4 +33,4 @@ DEPENDENCIES
|
|
34
33
|
rspec (>= 3)
|
35
34
|
|
36
35
|
BUNDLED WITH
|
37
|
-
|
36
|
+
2.2.0.dev
|
data/bcrypt.gemspec
CHANGED
data/ext/mri/bcrypt_ext.c
CHANGED
@@ -1,53 +1,105 @@
|
|
1
1
|
#include <ruby.h>
|
2
2
|
#include <ow-crypt.h>
|
3
3
|
|
4
|
+
#ifdef HAVE_RUBY_THREAD_H
|
5
|
+
#include <ruby/thread.h>
|
6
|
+
#endif
|
7
|
+
|
4
8
|
static VALUE mBCrypt;
|
5
9
|
static VALUE cBCryptEngine;
|
6
10
|
|
11
|
+
struct bc_salt_args {
|
12
|
+
const char * prefix;
|
13
|
+
unsigned long count;
|
14
|
+
const char * input;
|
15
|
+
int size;
|
16
|
+
};
|
17
|
+
|
18
|
+
static void * bc_salt_nogvl(void * ptr) {
|
19
|
+
struct bc_salt_args * args = ptr;
|
20
|
+
|
21
|
+
return crypt_gensalt_ra(args->prefix, args->count, args->input, args->size);
|
22
|
+
}
|
23
|
+
|
7
24
|
/* Given a logarithmic cost parameter, generates a salt for use with +bc_crypt+.
|
8
25
|
*/
|
9
26
|
static VALUE bc_salt(VALUE self, VALUE prefix, VALUE count, VALUE input) {
|
10
27
|
char * salt;
|
11
28
|
VALUE str_salt;
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
29
|
+
struct bc_salt_args args;
|
30
|
+
|
31
|
+
/* duplicate the parameters for thread safety. If another thread has a
|
32
|
+
* reference to the parameters and mutates them while we are working,
|
33
|
+
* that would be very bad. Duping the strings means that the reference
|
34
|
+
* isn't shared. */
|
35
|
+
prefix = rb_str_new_frozen(prefix);
|
36
|
+
input = rb_str_new_frozen(input);
|
37
|
+
|
38
|
+
args.prefix = StringValueCStr(prefix);
|
39
|
+
args.count = NUM2ULONG(count);
|
40
|
+
args.input = NIL_P(input) ? NULL : StringValuePtr(input);
|
41
|
+
args.size = NIL_P(input) ? 0 : RSTRING_LEN(input);
|
42
|
+
|
43
|
+
#ifdef HAVE_RUBY_THREAD_H
|
44
|
+
salt = rb_thread_call_without_gvl(bc_salt_nogvl, &args, NULL, NULL);
|
45
|
+
#else
|
46
|
+
salt = bc_salt_nogvl((void *)&args);
|
47
|
+
#endif
|
18
48
|
|
19
49
|
if(!salt) return Qnil;
|
20
50
|
|
21
51
|
str_salt = rb_str_new2(salt);
|
22
|
-
|
52
|
+
free(salt);
|
23
53
|
|
24
54
|
return str_salt;
|
25
55
|
}
|
26
56
|
|
57
|
+
struct bc_crypt_args {
|
58
|
+
const char * key;
|
59
|
+
const char * setting;
|
60
|
+
void * data;
|
61
|
+
int size;
|
62
|
+
};
|
63
|
+
|
64
|
+
static void * bc_crypt_nogvl(void * ptr) {
|
65
|
+
struct bc_crypt_args * args = ptr;
|
66
|
+
|
67
|
+
return crypt_ra(args->key, args->setting, &args->data, &args->size);
|
68
|
+
}
|
69
|
+
|
27
70
|
/* Given a secret and a salt, generates a salted hash (which you can then store safely).
|
28
71
|
*/
|
29
72
|
static VALUE bc_crypt(VALUE self, VALUE key, VALUE setting) {
|
30
73
|
char * value;
|
31
|
-
void * data;
|
32
|
-
int size;
|
33
74
|
VALUE out;
|
34
75
|
|
35
|
-
|
36
|
-
size = 0xDEADBEEF;
|
76
|
+
struct bc_crypt_args args;
|
37
77
|
|
38
78
|
if(NIL_P(key) || NIL_P(setting)) return Qnil;
|
39
79
|
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
80
|
+
/* duplicate the parameters for thread safety. If another thread has a
|
81
|
+
* reference to the parameters and mutates them while we are working,
|
82
|
+
* that would be very bad. Duping the strings means that the reference
|
83
|
+
* isn't shared. */
|
84
|
+
key = rb_str_new_frozen(key);
|
85
|
+
setting = rb_str_new_frozen(setting);
|
86
|
+
|
87
|
+
args.data = NULL;
|
88
|
+
args.size = 0xDEADBEEF;
|
89
|
+
args.key = NIL_P(key) ? NULL : StringValueCStr(key);
|
90
|
+
args.setting = NIL_P(setting) ? NULL : StringValueCStr(setting);
|
91
|
+
|
92
|
+
#ifdef HAVE_RUBY_THREAD_H
|
93
|
+
value = rb_thread_call_without_gvl(bc_crypt_nogvl, &args, NULL, NULL);
|
94
|
+
#else
|
95
|
+
value = bc_crypt_nogvl((void *)&args);
|
96
|
+
#endif
|
45
97
|
|
46
|
-
if(!value) return Qnil;
|
98
|
+
if(!value || !args.data) return Qnil;
|
47
99
|
|
48
|
-
out =
|
100
|
+
out = rb_str_new(args.data, args.size - 1);
|
49
101
|
|
50
|
-
|
102
|
+
free(args.data);
|
51
103
|
|
52
104
|
return out;
|
53
105
|
}
|
data/ext/mri/crypt_blowfish.c
CHANGED
@@ -361,7 +361,7 @@ static BF_ctx BF_init_state = {
|
|
361
361
|
}
|
362
362
|
};
|
363
363
|
|
364
|
-
static unsigned char BF_itoa64[64 + 1] =
|
364
|
+
static const unsigned char BF_itoa64[64 + 1] =
|
365
365
|
"./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
|
366
366
|
|
367
367
|
static unsigned char BF_atoi64[0x60] = {
|
@@ -387,9 +387,8 @@ static int BF_decode(BF_word *dst, const char *src, int size)
|
|
387
387
|
unsigned char *dptr = (unsigned char *)dst;
|
388
388
|
unsigned char *end = dptr + size;
|
389
389
|
const unsigned char *sptr = (const unsigned char *)src;
|
390
|
-
unsigned int tmp, c1, c2, c3, c4;
|
391
|
-
|
392
390
|
do {
|
391
|
+
unsigned int tmp, c1, c2, c3, c4;
|
393
392
|
BF_safe_atoi64(c1, *sptr++);
|
394
393
|
BF_safe_atoi64(c2, *sptr++);
|
395
394
|
*dptr++ = (c1 << 2) | ((c2 & 0x30) >> 4);
|
@@ -402,7 +401,6 @@ static int BF_decode(BF_word *dst, const char *src, int size)
|
|
402
401
|
BF_safe_atoi64(c4, *sptr++);
|
403
402
|
*dptr++ = ((c3 & 0x03) << 6) | c4;
|
404
403
|
} while (dptr < end);
|
405
|
-
|
406
404
|
return 0;
|
407
405
|
}
|
408
406
|
|
@@ -411,9 +409,8 @@ static void BF_encode(char *dst, const BF_word *src, int size)
|
|
411
409
|
const unsigned char *sptr = (const unsigned char *)src;
|
412
410
|
const unsigned char *end = sptr + size;
|
413
411
|
unsigned char *dptr = (unsigned char *)dst;
|
414
|
-
unsigned int c1, c2;
|
415
|
-
|
416
412
|
do {
|
413
|
+
unsigned int c1, c2;
|
417
414
|
c1 = *sptr++;
|
418
415
|
*dptr++ = BF_itoa64[c1 >> 2];
|
419
416
|
c1 = (c1 & 0x03) << 4;
|
@@ -442,10 +439,9 @@ static void BF_swap(BF_word *x, int count)
|
|
442
439
|
{
|
443
440
|
static int endianness_check = 1;
|
444
441
|
char *is_little_endian = (char *)&endianness_check;
|
445
|
-
BF_word tmp;
|
446
|
-
|
447
442
|
if (*is_little_endian)
|
448
443
|
do {
|
444
|
+
BF_word tmp;
|
449
445
|
tmp = *x;
|
450
446
|
tmp = (tmp << 16) | (tmp >> 16);
|
451
447
|
*x++ = ((tmp & 0x00FF00FF) << 8) | ((tmp >> 8) & 0x00FF00FF);
|
@@ -517,7 +513,7 @@ static void BF_swap(BF_word *x, int count)
|
|
517
513
|
R = L; \
|
518
514
|
L = tmp4 ^ data.ctx.P[BF_N + 1];
|
519
515
|
|
520
|
-
#if BF_ASM
|
516
|
+
#if BF_ASM == 1
|
521
517
|
#define BF_body() \
|
522
518
|
_BF_body_r(&data.ctx);
|
523
519
|
#else
|
@@ -650,7 +646,7 @@ static char *BF_crypt(const char *key, const char *setting,
|
|
650
646
|
char *output, int size,
|
651
647
|
BF_word min)
|
652
648
|
{
|
653
|
-
#if BF_ASM
|
649
|
+
#if BF_ASM == 1
|
654
650
|
extern void _BF_body_r(BF_ctx *ctx);
|
655
651
|
#endif
|
656
652
|
struct {
|
data/ext/mri/crypt_gensalt.c
CHANGED
@@ -28,7 +28,7 @@
|
|
28
28
|
/* Just to make sure the prototypes match the actual definitions */
|
29
29
|
#include "crypt_gensalt.h"
|
30
30
|
|
31
|
-
unsigned char _crypt_itoa64[64 + 1] =
|
31
|
+
const unsigned char _crypt_itoa64[64 + 1] =
|
32
32
|
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
|
33
33
|
|
34
34
|
char *_crypt_gensalt_traditional_rn(const char *prefix, unsigned long count,
|
data/ext/mri/crypt_gensalt.h
CHANGED
@@ -17,7 +17,7 @@
|
|
17
17
|
#ifndef _CRYPT_GENSALT_H
|
18
18
|
#define _CRYPT_GENSALT_H
|
19
19
|
|
20
|
-
extern unsigned char _crypt_itoa64[];
|
20
|
+
extern const unsigned char _crypt_itoa64[];
|
21
21
|
extern char *_crypt_gensalt_traditional_rn(const char *prefix,
|
22
22
|
unsigned long count,
|
23
23
|
const char *input, int size, char *output, int output_size);
|
data/ext/mri/wrapper.c
CHANGED
data/ext/mri/x86.S
CHANGED
data/lib/bcrypt/engine.rb
CHANGED
@@ -5,6 +5,8 @@ module BCrypt
|
|
5
5
|
DEFAULT_COST = 12
|
6
6
|
# The minimum cost supported by the algorithm.
|
7
7
|
MIN_COST = 4
|
8
|
+
# The maximum cost supported by the algorithm.
|
9
|
+
MAX_COST = 31
|
8
10
|
# Maximum possible size of bcrypt() salts.
|
9
11
|
MAX_SALT_LENGTH = 16
|
10
12
|
|
@@ -99,7 +101,7 @@ module BCrypt
|
|
99
101
|
# # should take less than 1000ms
|
100
102
|
# BCrypt::Password.create("woo", :cost => 12)
|
101
103
|
def self.calibrate(upper_time_limit_in_ms)
|
102
|
-
|
104
|
+
(BCrypt::Engine::MIN_COST..BCrypt::Engine::MAX_COST-1).each do |i|
|
103
105
|
start_time = Time.now
|
104
106
|
Password.create("testing testing", :cost => i+1)
|
105
107
|
end_time = Time.now - start_time
|
data/lib/bcrypt/password.rb
CHANGED
@@ -42,7 +42,7 @@ module BCrypt
|
|
42
42
|
# @password = BCrypt::Password.create("my secret", :cost => 13)
|
43
43
|
def create(secret, options = {})
|
44
44
|
cost = options[:cost] || BCrypt::Engine.cost
|
45
|
-
raise ArgumentError if cost >
|
45
|
+
raise ArgumentError if cost > BCrypt::Engine::MAX_COST
|
46
46
|
Password.new(BCrypt::Engine.hash_secret(secret, BCrypt::Engine.generate_salt(cost)))
|
47
47
|
end
|
48
48
|
|
data/spec/bcrypt/engine_spec.rb
CHANGED
@@ -1,5 +1,15 @@
|
|
1
1
|
require File.expand_path(File.join(File.dirname(__FILE__), "..", "spec_helper"))
|
2
2
|
|
3
|
+
describe 'BCrypt::Engine' do
|
4
|
+
describe '.calibrate(upper_time_limit_in_ms)' do
|
5
|
+
context 'a tiny upper time limit provided' do
|
6
|
+
it 'returns a minimum cost supported by the algorithm' do
|
7
|
+
expect(BCrypt::Engine.calibrate(0.001)).to eq(4)
|
8
|
+
end
|
9
|
+
end
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
3
13
|
describe "The BCrypt engine" do
|
4
14
|
specify "should calculate the optimal cost factor to fit in a specific time" do
|
5
15
|
first = BCrypt::Engine.calibrate(100)
|
metadata
CHANGED
@@ -1,38 +1,38 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: bcrypt
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.1.
|
4
|
+
version: 3.1.14
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Coda Hale
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2020-07-21 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
|
+
name: rake-compiler
|
14
15
|
requirement: !ruby/object:Gem::Requirement
|
15
16
|
requirements:
|
16
17
|
- - "~>"
|
17
18
|
- !ruby/object:Gem::Version
|
18
19
|
version: 0.9.2
|
19
|
-
name: rake-compiler
|
20
|
-
prerelease: false
|
21
20
|
type: :development
|
21
|
+
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: 0.9.2
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
|
+
name: rspec
|
28
29
|
requirement: !ruby/object:Gem::Requirement
|
29
30
|
requirements:
|
30
31
|
- - ">="
|
31
32
|
- !ruby/object:Gem::Version
|
32
33
|
version: '3'
|
33
|
-
name: rspec
|
34
|
-
prerelease: false
|
35
34
|
type: :development
|
35
|
+
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - ">="
|
@@ -50,10 +50,10 @@ extra_rdoc_files:
|
|
50
50
|
- README.md
|
51
51
|
- COPYING
|
52
52
|
- CHANGELOG
|
53
|
-
- lib/bcrypt.rb
|
54
|
-
- lib/bcrypt/password.rb
|
55
53
|
- lib/bcrypt/engine.rb
|
56
54
|
- lib/bcrypt/error.rb
|
55
|
+
- lib/bcrypt/password.rb
|
56
|
+
- lib/bcrypt.rb
|
57
57
|
files:
|
58
58
|
- ".gitignore"
|
59
59
|
- ".rspec"
|
@@ -112,8 +112,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
112
112
|
- !ruby/object:Gem::Version
|
113
113
|
version: '0'
|
114
114
|
requirements: []
|
115
|
-
|
116
|
-
rubygems_version: 2.7.6
|
115
|
+
rubygems_version: 3.2.0.pre1
|
117
116
|
signing_key:
|
118
117
|
specification_version: 4
|
119
118
|
summary: OpenBSD's bcrypt() password hashing algorithm.
|