bcrypt 3.1.14-java

data/ext/mri/x86.S

@@ -0,0 +1,203 @@
+/*
+ * Written by Solar Designer <solar at openwall.com> in 1998-2010.
+ * No copyright is claimed, and the software is hereby placed in the public
+ * domain.  In case this attempt to disclaim copyright and place the software
+ * in the public domain is deemed null and void, then the software is
+ * Copyright (c) 1998-2010 Solar Designer and it is hereby released to the
+ * general public under the following terms:
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted.
+ *
+ * There's ABSOLUTELY NO WARRANTY, express or implied.
+ *
+ * See crypt_blowfish.c for more information.
+ */
+
+#ifdef __i386__
+
+#if defined(__OpenBSD__) && !defined(__ELF__)
+#define UNDERSCORES
+#define ALIGN_LOG
+#endif
+
+#if defined(__CYGWIN32__) || defined(__MINGW32__)
+#define UNDERSCORES
+#endif
+
+#ifdef __DJGPP__
+#define UNDERSCORES
+#define ALIGN_LOG
+#endif
+
+#ifdef UNDERSCORES
+#define _BF_body_r			__BF_body_r
+#endif
+
+#ifdef ALIGN_LOG
+#define DO_ALIGN(log)			.align (log)
+#elif defined(DUMBAS)
+#define DO_ALIGN(log)			.align 1 << log
+#else
+#define DO_ALIGN(log)			.align (1 << (log))
+#endif
+
+#define BF_FRAME			0x200
+#define ctx				%esp
+
+#define BF_ptr				(ctx)
+
+#define S(N, r)				N+BF_FRAME(ctx,r,4)
+#ifdef DUMBAS
+#define P(N)				0x1000+N+N+N+N+BF_FRAME(ctx)
+#else
+#define P(N)				0x1000+4*N+BF_FRAME(ctx)
+#endif
+
+/*
+ * This version of the assembly code is optimized primarily for the original
+ * Intel Pentium but is also careful to avoid partial register stalls on the
+ * Pentium Pro family of processors (tested up to Pentium III Coppermine).
+ *
+ * It is possible to do 15% faster on the Pentium Pro family and probably on
+ * many non-Intel x86 processors, but, unfortunately, that would make things
+ * twice slower for the original Pentium.
+ *
+ * An additional 2% speedup may be achieved with non-reentrant code.
+ */
+
+#define L				%esi
+#define R				%edi
+#define tmp1				%eax
+#define tmp1_lo				%al
+#define tmp2				%ecx
+#define tmp2_hi				%ch
+#define tmp3				%edx
+#define tmp3_lo				%dl
+#define tmp4				%ebx
+#define tmp4_hi				%bh
+#define tmp5				%ebp
+
+.text
+
+#define BF_ROUND(L, R, N) \
+	xorl L,tmp2; \
+	xorl tmp1,tmp1; \
+	movl tmp2,L; \
+	shrl $16,tmp2; \
+	movl L,tmp4; \
+	movb tmp2_hi,tmp1_lo; \
+	andl $0xFF,tmp2; \
+	movb tmp4_hi,tmp3_lo; \
+	andl $0xFF,tmp4; \
+	movl S(0,tmp1),tmp1; \
+	movl S(0x400,tmp2),tmp5; \
+	addl tmp5,tmp1; \
+	movl S(0x800,tmp3),tmp5; \
+	xorl tmp5,tmp1; \
+	movl S(0xC00,tmp4),tmp5; \
+	addl tmp1,tmp5; \
+	movl 4+P(N),tmp2; \
+	xorl tmp5,R
+
+#define BF_ENCRYPT_START \
+	BF_ROUND(L, R, 0); \
+	BF_ROUND(R, L, 1); \
+	BF_ROUND(L, R, 2); \
+	BF_ROUND(R, L, 3); \
+	BF_ROUND(L, R, 4); \
+	BF_ROUND(R, L, 5); \
+	BF_ROUND(L, R, 6); \
+	BF_ROUND(R, L, 7); \
+	BF_ROUND(L, R, 8); \
+	BF_ROUND(R, L, 9); \
+	BF_ROUND(L, R, 10); \
+	BF_ROUND(R, L, 11); \
+	BF_ROUND(L, R, 12); \
+	BF_ROUND(R, L, 13); \
+	BF_ROUND(L, R, 14); \
+	BF_ROUND(R, L, 15); \
+	movl BF_ptr,tmp5; \
+	xorl L,tmp2; \
+	movl P(17),L
+
+#define BF_ENCRYPT_END \
+	xorl R,L; \
+	movl tmp2,R
+
+DO_ALIGN(5)
+.globl _BF_body_r
+_BF_body_r:
+	movl 4(%esp),%eax
+	pushl %ebp
+	pushl %ebx
+	pushl %esi
+	pushl %edi
+	subl $BF_FRAME-8,%eax
+	xorl L,L
+	cmpl %esp,%eax
+	ja BF_die
+	xchgl %eax,%esp
+	xorl R,R
+	pushl %eax
+	leal 0x1000+BF_FRAME-4(ctx),%eax
+	movl 0x1000+BF_FRAME-4(ctx),tmp2
+	pushl %eax
+	xorl tmp3,tmp3
+BF_loop_P:
+	BF_ENCRYPT_START
+	addl $8,tmp5
+	BF_ENCRYPT_END
+	leal 0x1000+18*4+BF_FRAME(ctx),tmp1
+	movl tmp5,BF_ptr
+	cmpl tmp5,tmp1
+	movl L,-8(tmp5)
+	movl R,-4(tmp5)
+	movl P(0),tmp2
+	ja BF_loop_P
+	leal BF_FRAME(ctx),tmp5
+	xorl tmp3,tmp3
+	movl tmp5,BF_ptr
+BF_loop_S:
+	BF_ENCRYPT_START
+	BF_ENCRYPT_END
+	movl P(0),tmp2
+	movl L,(tmp5)
+	movl R,4(tmp5)
+	BF_ENCRYPT_START
+	BF_ENCRYPT_END
+	movl P(0),tmp2
+	movl L,8(tmp5)
+	movl R,12(tmp5)
+	BF_ENCRYPT_START
+	BF_ENCRYPT_END
+	movl P(0),tmp2
+	movl L,16(tmp5)
+	movl R,20(tmp5)
+	BF_ENCRYPT_START
+	addl $32,tmp5
+	BF_ENCRYPT_END
+	leal 0x1000+BF_FRAME(ctx),tmp1
+	movl tmp5,BF_ptr
+	cmpl tmp5,tmp1
+	movl P(0),tmp2
+	movl L,-8(tmp5)
+	movl R,-4(tmp5)
+	ja BF_loop_S
+	movl 4(%esp),%esp
+	popl %edi
+	popl %esi
+	popl %ebx
+	popl %ebp
+	ret
+
+BF_die:
+/* Oops, need to re-compile with a larger BF_FRAME. */
+	hlt
+	jmp BF_die
+
+#endif
+
+#if defined(__ELF__) && defined(__linux__)
+.section .note.GNU-stack,"",%progbits
+#endif

data/lib/bcrypt.rb

@@ -0,0 +1,16 @@
+# A Ruby library implementing OpenBSD's bcrypt()/crypt_blowfish algorithm for
+# hashing passwords.
+module BCrypt
+end
+
+if RUBY_PLATFORM == "java"
+  require 'java'
+else
+  require "openssl"
+end
+
+require "bcrypt_ext"
+
+require 'bcrypt/error'
+require 'bcrypt/engine'
+require 'bcrypt/password'

data/lib/bcrypt/engine.rb

@@ -0,0 +1,118 @@
+module BCrypt
+  # A Ruby wrapper for the bcrypt() C extension calls and the Java calls.
+  class Engine
+    # The default computational expense parameter.
+    DEFAULT_COST    = 12
+    # The minimum cost supported by the algorithm.
+    MIN_COST        = 4
+    # The maximum cost supported by the algorithm.
+    MAX_COST = 31
+    # Maximum possible size of bcrypt() salts.
+    MAX_SALT_LENGTH = 16
+
+    if RUBY_PLATFORM != "java"
+      # C-level routines which, if they don't get the right input, will crash the
+      # hell out of the Ruby process.
+      private_class_method :__bc_salt
+      private_class_method :__bc_crypt
+    end
+
+    @cost = nil
+
+    # Returns the cost factor that will be used if one is not specified when
+    # creating a password hash.  Defaults to DEFAULT_COST if not set.
+    def self.cost
+      @cost || DEFAULT_COST
+    end
+
+    # Set a default cost factor that will be used if one is not specified when
+    # creating a password hash.
+    #
+    # Example:
+    #
+    #   BCrypt::Engine::DEFAULT_COST            #=> 12
+    #   BCrypt::Password.create('secret').cost  #=> 12
+    #
+    #   BCrypt::Engine.cost = 8
+    #   BCrypt::Password.create('secret').cost  #=> 8
+    #
+    #   # cost can still be overridden as needed
+    #   BCrypt::Password.create('secret', :cost => 6).cost  #=> 6
+    def self.cost=(cost)
+      @cost = cost
+    end
+
+    # Given a secret and a valid salt (see BCrypt::Engine.generate_salt) calculates
+    # a bcrypt() password hash.
+    def self.hash_secret(secret, salt, _ = nil)
+      if valid_secret?(secret)
+        if valid_salt?(salt)
+          if RUBY_PLATFORM == "java"
+            Java.bcrypt_jruby.BCrypt.hashpw(secret.to_s.to_java_bytes, salt.to_s)
+          else
+            __bc_crypt(secret.to_s, salt)
+          end
+        else
+          raise Errors::InvalidSalt.new("invalid salt")
+        end
+      else
+        raise Errors::InvalidSecret.new("invalid secret")
+      end
+    end
+
+    # Generates a random salt with a given computational cost.
+    def self.generate_salt(cost = self.cost)
+      cost = cost.to_i
+      if cost > 0
+        if cost < MIN_COST
+          cost = MIN_COST
+        end
+        if RUBY_PLATFORM == "java"
+          Java.bcrypt_jruby.BCrypt.gensalt(cost)
+        else
+          prefix = "$2a$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW"
+          __bc_salt(prefix, cost, OpenSSL::Random.random_bytes(MAX_SALT_LENGTH))
+        end
+      else
+        raise Errors::InvalidCost.new("cost must be numeric and > 0")
+      end
+    end
+
+    # Returns true if +salt+ is a valid bcrypt() salt, false if not.
+    def self.valid_salt?(salt)
+      !!(salt =~ /^\$[0-9a-z]{2,}\$[0-9]{2,}\$[A-Za-z0-9\.\/]{22,}$/)
+    end
+
+    # Returns true if +secret+ is a valid bcrypt() secret, false if not.
+    def self.valid_secret?(secret)
+      secret.respond_to?(:to_s)
+    end
+
+    # Returns the cost factor which will result in computation times less than +upper_time_limit_in_ms+.
+    #
+    # Example:
+    #
+    #   BCrypt::Engine.calibrate(200)  #=> 10
+    #   BCrypt::Engine.calibrate(1000) #=> 12
+    #
+    #   # should take less than 200ms
+    #   BCrypt::Password.create("woo", :cost => 10)
+    #
+    #   # should take less than 1000ms
+    #   BCrypt::Password.create("woo", :cost => 12)
+    def self.calibrate(upper_time_limit_in_ms)
+      (BCrypt::Engine::MIN_COST..BCrypt::Engine::MAX_COST-1).each do |i|
+        start_time = Time.now
+        Password.create("testing testing", :cost => i+1)
+        end_time = Time.now - start_time
+        return i if end_time * 1_000 > upper_time_limit_in_ms
+      end
+    end
+
+    # Autodetects the cost from the salt string.
+    def self.autodetect_cost(salt)
+      salt[4..5].to_i
+    end
+  end
+
+end

data/lib/bcrypt/error.rb

@@ -0,0 +1,22 @@
+module BCrypt
+
+  class Error < StandardError  # :nodoc:
+  end
+
+  module Errors  # :nodoc:
+
+    # The salt parameter provided to bcrypt() is invalid.
+    class InvalidSalt < BCrypt::Error; end
+
+    # The hash parameter provided to bcrypt() is invalid.
+    class InvalidHash < BCrypt::Error; end
+
+    # The cost parameter provided to bcrypt() is invalid.
+    class InvalidCost < BCrypt::Error; end
+
+    # The secret parameter provided to bcrypt() is invalid.
+    class InvalidSecret < BCrypt::Error; end
+
+  end
+
+end

data/lib/bcrypt/password.rb

@@ -0,0 +1,87 @@
+module BCrypt
+  # A password management class which allows you to safely store users' passwords and compare them.
+  #
+  # Example usage:
+  #
+  #   include BCrypt
+  #
+  #   # hash a user's password
+  #   @password = Password.create("my grand secret")
+  #   @password #=> "$2a$12$C5.FIvVDS9W4AYZ/Ib37YuWd/7ozp1UaMhU28UKrfSxp2oDchbi3K"
+  #
+  #   # store it safely
+  #   @user.update_attribute(:password, @password)
+  #
+  #   # read it back
+  #   @user.reload!
+  #   @db_password = Password.new(@user.password)
+  #
+  #   # compare it after retrieval
+  #   @db_password == "my grand secret" #=> true
+  #   @db_password == "a paltry guess"  #=> false
+  #
+  class Password < String
+    # The hash portion of the stored password hash.
+    attr_reader :checksum
+    # The salt of the store password hash (including version and cost).
+    attr_reader :salt
+    # The version of the bcrypt() algorithm used to create the hash.
+    attr_reader :version
+    # The cost factor used to create the hash.
+    attr_reader :cost
+
+    class << self
+      # Hashes a secret, returning a BCrypt::Password instance. Takes an optional <tt>:cost</tt> option, which is a
+      # logarithmic variable which determines how computational expensive the hash is to calculate (a <tt>:cost</tt> of
+      # 4 is twice as much work as a <tt>:cost</tt> of 3). The higher the <tt>:cost</tt> the harder it becomes for
+      # attackers to try to guess passwords (even if a copy of your database is stolen), but the slower it is to check
+      # users' passwords.
+      #
+      # Example:
+      #
+      #   @password = BCrypt::Password.create("my secret", :cost => 13)
+      def create(secret, options = {})
+        cost = options[:cost] || BCrypt::Engine.cost
+        raise ArgumentError if cost > BCrypt::Engine::MAX_COST
+        Password.new(BCrypt::Engine.hash_secret(secret, BCrypt::Engine.generate_salt(cost)))
+      end
+
+      def valid_hash?(h)
+        h =~ /^\$[0-9a-z]{2}\$[0-9]{2}\$[A-Za-z0-9\.\/]{53}$/
+      end
+    end
+
+    # Initializes a BCrypt::Password instance with the data from a stored hash.
+    def initialize(raw_hash)
+      if valid_hash?(raw_hash)
+        self.replace(raw_hash)
+        @version, @cost, @salt, @checksum = split_hash(self)
+      else
+        raise Errors::InvalidHash.new("invalid hash")
+      end
+    end
+
+    # Compares a potential secret against the hash. Returns true if the secret is the original secret, false otherwise.
+    def ==(secret)
+      super(BCrypt::Engine.hash_secret(secret, @salt))
+    end
+    alias_method :is_password?, :==
+
+  private
+
+    # Returns true if +h+ is a valid hash.
+    def valid_hash?(h)
+      self.class.valid_hash?(h)
+    end
+
+    # call-seq:
+    #   split_hash(raw_hash) -> version, cost, salt, hash
+    #
+    # Splits +h+ into version, cost, salt, and hash and returns them in that order.
+    def split_hash(h)
+      _, v, c, mash = h.split('$')
+      return v.to_str, c.to_i, h[0, 29].to_str, mash[-31, 31].to_str
+    end
+  end
+
+end