bcrypt 3.1.13 → 3.1.14

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8d5e2ce3f7df5807725e03678a1d8d60d24d710aefa7a3c2636c4c71d7602911
4
- data.tar.gz: 98bcb12a01f59e508d9d523dd031bab988d453abaddde47847c34e7919b67c23
3
+ metadata.gz: 91feef6cbd30f7651c84a8b01e8c89e0072314bef8d3d980df592c74646945fe
4
+ data.tar.gz: 612ec7a098b11202dcee1e2a1d24dbe5c0d00c07938e69d4bf2c26c6f4767edc
5
5
  SHA512:
6
- metadata.gz: 2f3bc43174cdb2f8298c81c7853c973e33f745aa1ea5ddb69121ebd953b086494005dce8a9c1861e818f38a1084c301df302ee8821ae975be2186ddbc7b07c80
7
- data.tar.gz: 9380402fbc0260e1b0590e846795324144c6d8b70c16c8a8ff3edbb93297387ee452bd1cbcd0b66126f48e99d11433ad958c1ddb4b801e586752684ad52d523f
6
+ metadata.gz: '08e1645f62b5b0bf9211a74d47f7660d6491ae218c073e11f135177476d33d36b267994e2ada56c10cd66e45157d3237fd3ed275f369f105e345b6e17b1cccc7'
7
+ data.tar.gz: 59d0d18110c202e8fddb58c97f3c6e33cafe767e6a567e02b8b0aff7ce6e9af345d723df8d59d4f7aa557a8dcc9ac22863b298e9cb37c990f5bf1514cbc32526
@@ -14,4 +14,10 @@ rvm:
14
14
  - ruby-head
15
15
  - jruby-head
16
16
  - rbx-3
17
+ matrix:
18
+ allow_failures:
19
+ - rvm: ruby-head
20
+ - rvm: jruby-head
21
+ - rvm: rbx-3
22
+ fast_finish: true
17
23
  script: bundle exec rake
data/CHANGELOG CHANGED
@@ -1,94 +1,98 @@
1
- 1.0.0 Feb 27 2007
2
- - Initial release.
1
+ 3.1.14 July 21 2020
2
+ - Start calibration from the minimum cost supported by the algorithm [GH #206 by @sergey-alekseev]
3
3
 
4
- 2.0.0 Mar 07 2007
5
- - Removed BCrypt::Password#exactly_equals -- use BCrypt::Password#eql? instead.
6
- - Added BCrypt::Password#is_password?.
7
- - Refactored out BCrypt::Internals into more useful BCrypt::Engine.
8
- - Added validation of secrets -- nil is not healthy.
4
+ 3.1.13 May 31 2019
5
+ - No longer include compiled binaries for Windows. See GH #173.
6
+ - Update C and Java implementations to latest versions [GH #182 by @fonica]
7
+ - Bump default cost to 12 [GH #181 by @bdewater]
8
+ - Remove explicit support for Rubies 1.8 and 1.9
9
+ - Define SKIP_GNU token when building extension (Fixes FreeBSD >= 12) [GH #189 by @adam12]
9
10
 
10
- 2.0.1 Mar 09 2007
11
- - Fixed load path issues
12
- - Fixed crashes when hashing weird values (e.g., false, etc.)
11
+ 3.1.12 May 16 2018
12
+ - Add support for Ruby 2.3, 2.4, and 2.5 in compiled Windows binaries
13
+ - Fix compatibility with libxcrypt [GH #164 by @besser82]
13
14
 
14
- 2.0.2 Jun 06 2007
15
- - Fixed example code in the README [Winson]
16
- - Fixed Solaris compatibility [Jeremy LaTrasse, Twitter crew]
15
+ 3.1.11 Mar 06 2016
16
+ - Add support for Ruby 2.2 in compiled Windows binaries
17
17
 
18
- 2.0.3 May 07 2008
19
- - Made exception classes descend from StandardError, not Exception [Dan42]
20
- - Changed BCrypt::Engine.hash to BCrypt::Engine.hash_secret to avoid Merb
21
- sorting issues. [Lee Pope]
18
+ 3.1.10 Jan 28 2015
19
+ - Fix issue with dumping a BCrypt::Password instance to YAML in Ruby 2.2 [GH #107 by @mattwildig]
22
20
 
23
- 2.0.4 Mar 09 2009
24
- - Added Ruby 1.9 compatibility. [Genki Takiuchi]
25
- - Fixed segfaults on some different types of empty strings. [Mike Pomraning]
21
+ 3.1.9 Oct 23 2014
22
+ - Rebuild corrupt binaries
26
23
 
27
- 2.0.5 Mar 11 2009
28
- - Fixed Ruby 1.8.5 compatibility. [Mike Pomraning]
24
+ 3.1.8 Oct 23 2014
25
+ - Add support for Ruby 2.1 in compiled Windows binaries [GH #102]
29
26
 
30
- 2.1.0 Aug 12 2009
31
- - Improved code coverage, unit tests, and build chain. [Hongli Lai]
32
- - Ruby 1.9 compatibility fixes. [Hongli Lai]
33
- - JRuby support, using Damien Miller's jBCrypt. [Hongli Lai]
34
- - Ruby 1.9 GIL releasing for high-cost hashes. [Hongli Lai]
27
+ 3.1.7 Feb 24 2014
28
+ - Rebuild corrupt Java binary version of gem [GH #90]
29
+ - The 2.1 support for Windows binaries alleged in 3.1.3 was a lie -- documentation removed
35
30
 
36
- 2.1.1 Aug 14 2009
37
- - JVM 1.4/1.5 compatibility [Hongli Lai]
31
+ 3.1.6 Feb 21 2014
32
+ - Dummy version of "bcrypt-ruby" needed a couple version bumps to fix some
33
+ bugs. It felt wrong to have that at a higher version than the real gem, so
34
+ the real gem is getting bumped to 3.1.6.
38
35
 
39
- 2.1.2 Sep 16 2009
40
- - Fixed support for Solaris, OpenSolaris.
36
+ 3.1.3 Feb 21 2014
37
+ - Add support for Ruby 2.1 in compiled Windows binaries
38
+ - Rename gem from "bcrypt-ruby" to just "bcrypt". [GH #86 by @sferik]
41
39
 
42
- 3.0.0 Aug 24 2011
43
- - Bcrypt C implementation replaced with a public domain implementation.
44
- - License changed to MIT
40
+ 3.1.2 Aug 26 2013
41
+ - Add support for Ruby 1.8 and 2.0 (in addition to 1.9) in compiled Windows binaries
42
+ - Add support for 64-bit Windows
45
43
 
46
- 3.0.1 Sep 12 2011
47
- - create raises an exception if the cost is higher than 31. GH #27
44
+ 3.1.1 Jul 10 2013
45
+ - Remove support for Ruby 1.8 in compiled win32 binaries
48
46
 
49
47
  3.1.0 May 07 2013
50
48
  - Add BCrypt::Password.valid_hash?(str) to check if a string is a valid bcrypt password hash
51
49
  - BCrypt::Password cost should be set to DEFAULT_COST if nil
52
50
  - Add BCrypt::Engine.cost attribute for getting/setting a default cost externally
53
51
 
54
- 3.1.1 Jul 10 2013
55
- - Remove support for Ruby 1.8 in compiled win32 binaries
52
+ 3.0.1 Sep 12 2011
53
+ - create raises an exception if the cost is higher than 31. GH #27
56
54
 
57
- 3.1.2 Aug 26 2013
58
- - Add support for Ruby 1.8 and 2.0 (in addition to 1.9) in compiled Windows binaries
59
- - Add support for 64-bit Windows
55
+ 3.0.0 Aug 24 2011
56
+ - Bcrypt C implementation replaced with a public domain implementation.
57
+ - License changed to MIT
60
58
 
61
- 3.1.3 Feb 21 2014
62
- - Add support for Ruby 2.1 in compiled Windows binaries
63
- - Rename gem from "bcrypt-ruby" to just "bcrypt". [GH #86 by @sferik]
59
+ 2.1.2 Sep 16 2009
60
+ - Fixed support for Solaris, OpenSolaris.
64
61
 
65
- 3.1.6 Feb 21 2014
66
- - Dummy version of "bcrypt-ruby" needed a couple version bumps to fix some
67
- bugs. It felt wrong to have that at a higher version than the real gem, so
68
- the real gem is getting bumped to 3.1.6.
62
+ 2.1.1 Aug 14 2009
63
+ - JVM 1.4/1.5 compatibility [Hongli Lai]
69
64
 
70
- 3.1.7 Feb 24 2014
71
- - Rebuild corrupt Java binary version of gem [GH #90]
72
- - The 2.1 support for Windows binaries alleged in 3.1.3 was a lie -- documentation removed
65
+ 2.1.0 Aug 12 2009
66
+ - Improved code coverage, unit tests, and build chain. [Hongli Lai]
67
+ - Ruby 1.9 compatibility fixes. [Hongli Lai]
68
+ - JRuby support, using Damien Miller's jBCrypt. [Hongli Lai]
69
+ - Ruby 1.9 GIL releasing for high-cost hashes. [Hongli Lai]
73
70
 
74
- 3.1.8 Oct 23 2014
75
- - Add support for Ruby 2.1 in compiled Windows binaries [GH #102]
71
+ 2.0.5 Mar 11 2009
72
+ - Fixed Ruby 1.8.5 compatibility. [Mike Pomraning]
76
73
 
77
- 3.1.9 Oct 23 2014
78
- - Rebuild corrupt binaries
74
+ 2.0.4 Mar 09 2009
75
+ - Added Ruby 1.9 compatibility. [Genki Takiuchi]
76
+ - Fixed segfaults on some different types of empty strings. [Mike Pomraning]
79
77
 
80
- 3.1.10 Jan 28 2015
81
- - Fix issue with dumping a BCrypt::Password instance to YAML in Ruby 2.2 [GH #107 by @mattwildig]
78
+ 2.0.3 May 07 2008
79
+ - Made exception classes descend from StandardError, not Exception [Dan42]
80
+ - Changed BCrypt::Engine.hash to BCrypt::Engine.hash_secret to avoid Merb
81
+ sorting issues. [Lee Pope]
82
82
 
83
- 3.1.11 Mar 06 2016
84
- - Add support for Ruby 2.2 in compiled Windows binaries
83
+ 2.0.2 Jun 06 2007
84
+ - Fixed example code in the README [Winson]
85
+ - Fixed Solaris compatibility [Jeremy LaTrasse, Twitter crew]
85
86
 
86
- 3.1.12 May 16 2018
87
- - Add support for Ruby 2.3, 2.4, and 2.5 in compiled Windows binaries
88
- - Fix compatibility with libxcrypt [GH #164 by @besser82]
87
+ 2.0.1 Mar 09 2007
88
+ - Fixed load path issues
89
+ - Fixed crashes when hashing weird values (e.g., false, etc.)
89
90
 
90
- [DRAFT] 4.0.0 MMM DD YYYY
91
- - No longer include compiled binaries for Windows. See GH #173.
92
- - Update C and Java implementations to latest versions [GH #182 by @fonica]
93
- - Bump default cost to 12 [GH #181 by @bdewater]
94
- - Remove explicit support for Rubies 1.8 and 1.9
91
+ 2.0.0 Mar 07 2007
92
+ - Removed BCrypt::Password#exactly_equals -- use BCrypt::Password#eql? instead.
93
+ - Added BCrypt::Password#is_password?.
94
+ - Refactored out BCrypt::Internals into more useful BCrypt::Engine.
95
+ - Added validation of secrets -- nil is not healthy.
96
+
97
+ 1.0.0 Feb 27 2007
98
+ - Initial release.
@@ -1,31 +1,30 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- bcrypt (3.1.13)
4
+ bcrypt (3.1.14)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
8
8
  specs:
9
- diff-lcs (1.3)
10
- rake (12.3.2)
9
+ diff-lcs (1.4.4)
10
+ rake (13.0.1)
11
11
  rake-compiler (0.9.9)
12
12
  rake
13
- rspec (3.8.0)
14
- rspec-core (~> 3.8.0)
15
- rspec-expectations (~> 3.8.0)
16
- rspec-mocks (~> 3.8.0)
17
- rspec-core (3.8.0)
18
- rspec-support (~> 3.8.0)
19
- rspec-expectations (3.8.3)
13
+ rspec (3.9.0)
14
+ rspec-core (~> 3.9.0)
15
+ rspec-expectations (~> 3.9.0)
16
+ rspec-mocks (~> 3.9.0)
17
+ rspec-core (3.9.2)
18
+ rspec-support (~> 3.9.3)
19
+ rspec-expectations (3.9.2)
20
20
  diff-lcs (>= 1.2.0, < 2.0)
21
- rspec-support (~> 3.8.0)
22
- rspec-mocks (3.8.0)
21
+ rspec-support (~> 3.9.0)
22
+ rspec-mocks (3.9.1)
23
23
  diff-lcs (>= 1.2.0, < 2.0)
24
- rspec-support (~> 3.8.0)
25
- rspec-support (3.8.0)
24
+ rspec-support (~> 3.9.0)
25
+ rspec-support (3.9.3)
26
26
 
27
27
  PLATFORMS
28
- java
29
28
  ruby
30
29
 
31
30
  DEPENDENCIES
@@ -34,4 +33,4 @@ DEPENDENCIES
34
33
  rspec (>= 3)
35
34
 
36
35
  BUNDLED WITH
37
- 1.16.1
36
+ 2.2.0.dev
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = 'bcrypt'
3
- s.version = '3.1.13'
3
+ s.version = '3.1.14'
4
4
 
5
5
  s.summary = "OpenBSD's bcrypt() password hashing algorithm."
6
6
  s.description = <<-EOF
@@ -1,53 +1,105 @@
1
1
  #include <ruby.h>
2
2
  #include <ow-crypt.h>
3
3
 
4
+ #ifdef HAVE_RUBY_THREAD_H
5
+ #include <ruby/thread.h>
6
+ #endif
7
+
4
8
  static VALUE mBCrypt;
5
9
  static VALUE cBCryptEngine;
6
10
 
11
+ struct bc_salt_args {
12
+ const char * prefix;
13
+ unsigned long count;
14
+ const char * input;
15
+ int size;
16
+ };
17
+
18
+ static void * bc_salt_nogvl(void * ptr) {
19
+ struct bc_salt_args * args = ptr;
20
+
21
+ return crypt_gensalt_ra(args->prefix, args->count, args->input, args->size);
22
+ }
23
+
7
24
  /* Given a logarithmic cost parameter, generates a salt for use with +bc_crypt+.
8
25
  */
9
26
  static VALUE bc_salt(VALUE self, VALUE prefix, VALUE count, VALUE input) {
10
27
  char * salt;
11
28
  VALUE str_salt;
12
-
13
- salt = crypt_gensalt_ra(
14
- StringValuePtr(prefix),
15
- NUM2ULONG(count),
16
- NIL_P(input) ? NULL : StringValuePtr(input),
17
- NIL_P(input) ? 0 : RSTRING_LEN(input));
29
+ struct bc_salt_args args;
30
+
31
+ /* duplicate the parameters for thread safety. If another thread has a
32
+ * reference to the parameters and mutates them while we are working,
33
+ * that would be very bad. Duping the strings means that the reference
34
+ * isn't shared. */
35
+ prefix = rb_str_new_frozen(prefix);
36
+ input = rb_str_new_frozen(input);
37
+
38
+ args.prefix = StringValueCStr(prefix);
39
+ args.count = NUM2ULONG(count);
40
+ args.input = NIL_P(input) ? NULL : StringValuePtr(input);
41
+ args.size = NIL_P(input) ? 0 : RSTRING_LEN(input);
42
+
43
+ #ifdef HAVE_RUBY_THREAD_H
44
+ salt = rb_thread_call_without_gvl(bc_salt_nogvl, &args, NULL, NULL);
45
+ #else
46
+ salt = bc_salt_nogvl((void *)&args);
47
+ #endif
18
48
 
19
49
  if(!salt) return Qnil;
20
50
 
21
51
  str_salt = rb_str_new2(salt);
22
- xfree(salt);
52
+ free(salt);
23
53
 
24
54
  return str_salt;
25
55
  }
26
56
 
57
+ struct bc_crypt_args {
58
+ const char * key;
59
+ const char * setting;
60
+ void * data;
61
+ int size;
62
+ };
63
+
64
+ static void * bc_crypt_nogvl(void * ptr) {
65
+ struct bc_crypt_args * args = ptr;
66
+
67
+ return crypt_ra(args->key, args->setting, &args->data, &args->size);
68
+ }
69
+
27
70
  /* Given a secret and a salt, generates a salted hash (which you can then store safely).
28
71
  */
29
72
  static VALUE bc_crypt(VALUE self, VALUE key, VALUE setting) {
30
73
  char * value;
31
- void * data;
32
- int size;
33
74
  VALUE out;
34
75
 
35
- data = NULL;
36
- size = 0xDEADBEEF;
76
+ struct bc_crypt_args args;
37
77
 
38
78
  if(NIL_P(key) || NIL_P(setting)) return Qnil;
39
79
 
40
- value = crypt_ra(
41
- NIL_P(key) ? NULL : StringValuePtr(key),
42
- NIL_P(setting) ? NULL : StringValuePtr(setting),
43
- &data,
44
- &size);
80
+ /* duplicate the parameters for thread safety. If another thread has a
81
+ * reference to the parameters and mutates them while we are working,
82
+ * that would be very bad. Duping the strings means that the reference
83
+ * isn't shared. */
84
+ key = rb_str_new_frozen(key);
85
+ setting = rb_str_new_frozen(setting);
86
+
87
+ args.data = NULL;
88
+ args.size = 0xDEADBEEF;
89
+ args.key = NIL_P(key) ? NULL : StringValueCStr(key);
90
+ args.setting = NIL_P(setting) ? NULL : StringValueCStr(setting);
91
+
92
+ #ifdef HAVE_RUBY_THREAD_H
93
+ value = rb_thread_call_without_gvl(bc_crypt_nogvl, &args, NULL, NULL);
94
+ #else
95
+ value = bc_crypt_nogvl((void *)&args);
96
+ #endif
45
97
 
46
- if(!value) return Qnil;
98
+ if(!value || !args.data) return Qnil;
47
99
 
48
- out = rb_str_new2(value);
100
+ out = rb_str_new(args.data, args.size - 1);
49
101
 
50
- xfree(data);
102
+ free(args.data);
51
103
 
52
104
  return out;
53
105
  }
@@ -361,7 +361,7 @@ static BF_ctx BF_init_state = {
361
361
  }
362
362
  };
363
363
 
364
- static unsigned char BF_itoa64[64 + 1] =
364
+ static const unsigned char BF_itoa64[64 + 1] =
365
365
  "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
366
366
 
367
367
  static unsigned char BF_atoi64[0x60] = {
@@ -387,9 +387,8 @@ static int BF_decode(BF_word *dst, const char *src, int size)
387
387
  unsigned char *dptr = (unsigned char *)dst;
388
388
  unsigned char *end = dptr + size;
389
389
  const unsigned char *sptr = (const unsigned char *)src;
390
- unsigned int tmp, c1, c2, c3, c4;
391
-
392
390
  do {
391
+ unsigned int tmp, c1, c2, c3, c4;
393
392
  BF_safe_atoi64(c1, *sptr++);
394
393
  BF_safe_atoi64(c2, *sptr++);
395
394
  *dptr++ = (c1 << 2) | ((c2 & 0x30) >> 4);
@@ -402,7 +401,6 @@ static int BF_decode(BF_word *dst, const char *src, int size)
402
401
  BF_safe_atoi64(c4, *sptr++);
403
402
  *dptr++ = ((c3 & 0x03) << 6) | c4;
404
403
  } while (dptr < end);
405
-
406
404
  return 0;
407
405
  }
408
406
 
@@ -411,9 +409,8 @@ static void BF_encode(char *dst, const BF_word *src, int size)
411
409
  const unsigned char *sptr = (const unsigned char *)src;
412
410
  const unsigned char *end = sptr + size;
413
411
  unsigned char *dptr = (unsigned char *)dst;
414
- unsigned int c1, c2;
415
-
416
412
  do {
413
+ unsigned int c1, c2;
417
414
  c1 = *sptr++;
418
415
  *dptr++ = BF_itoa64[c1 >> 2];
419
416
  c1 = (c1 & 0x03) << 4;
@@ -442,10 +439,9 @@ static void BF_swap(BF_word *x, int count)
442
439
  {
443
440
  static int endianness_check = 1;
444
441
  char *is_little_endian = (char *)&endianness_check;
445
- BF_word tmp;
446
-
447
442
  if (*is_little_endian)
448
443
  do {
444
+ BF_word tmp;
449
445
  tmp = *x;
450
446
  tmp = (tmp << 16) | (tmp >> 16);
451
447
  *x++ = ((tmp & 0x00FF00FF) << 8) | ((tmp >> 8) & 0x00FF00FF);
@@ -517,7 +513,7 @@ static void BF_swap(BF_word *x, int count)
517
513
  R = L; \
518
514
  L = tmp4 ^ data.ctx.P[BF_N + 1];
519
515
 
520
- #if BF_ASM
516
+ #if BF_ASM == 1
521
517
  #define BF_body() \
522
518
  _BF_body_r(&data.ctx);
523
519
  #else
@@ -650,7 +646,7 @@ static char *BF_crypt(const char *key, const char *setting,
650
646
  char *output, int size,
651
647
  BF_word min)
652
648
  {
653
- #if BF_ASM
649
+ #if BF_ASM == 1
654
650
  extern void _BF_body_r(BF_ctx *ctx);
655
651
  #endif
656
652
  struct {
@@ -28,7 +28,7 @@
28
28
  /* Just to make sure the prototypes match the actual definitions */
29
29
  #include "crypt_gensalt.h"
30
30
 
31
- unsigned char _crypt_itoa64[64 + 1] =
31
+ const unsigned char _crypt_itoa64[64 + 1] =
32
32
  "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
33
33
 
34
34
  char *_crypt_gensalt_traditional_rn(const char *prefix, unsigned long count,
@@ -17,7 +17,7 @@
17
17
  #ifndef _CRYPT_GENSALT_H
18
18
  #define _CRYPT_GENSALT_H
19
19
 
20
- extern unsigned char _crypt_itoa64[];
20
+ extern const unsigned char _crypt_itoa64[];
21
21
  extern char *_crypt_gensalt_traditional_rn(const char *prefix,
22
22
  unsigned long count,
23
23
  const char *input, int size, char *output, int output_size);
@@ -17,6 +17,9 @@
17
17
  #include <stdlib.h>
18
18
  #include <string.h>
19
19
 
20
+ /* Redefine strdup to ruby_strdup in case string.h doesn't export it. */
21
+ #include <ruby/util.h>
22
+
20
23
  #include <errno.h>
21
24
  #ifndef __set_errno
22
25
  #define __set_errno(val) errno = (val)
@@ -199,5 +199,5 @@ BF_die:
199
199
  #endif
200
200
 
201
201
  #if defined(__ELF__) && defined(__linux__)
202
- .section .note.GNU-stack,"",@progbits
202
+ .section .note.GNU-stack,"",%progbits
203
203
  #endif
@@ -5,6 +5,8 @@ module BCrypt
5
5
  DEFAULT_COST = 12
6
6
  # The minimum cost supported by the algorithm.
7
7
  MIN_COST = 4
8
+ # The maximum cost supported by the algorithm.
9
+ MAX_COST = 31
8
10
  # Maximum possible size of bcrypt() salts.
9
11
  MAX_SALT_LENGTH = 16
10
12
 
@@ -99,7 +101,7 @@ module BCrypt
99
101
  # # should take less than 1000ms
100
102
  # BCrypt::Password.create("woo", :cost => 12)
101
103
  def self.calibrate(upper_time_limit_in_ms)
102
- 40.times do |i|
104
+ (BCrypt::Engine::MIN_COST..BCrypt::Engine::MAX_COST-1).each do |i|
103
105
  start_time = Time.now
104
106
  Password.create("testing testing", :cost => i+1)
105
107
  end_time = Time.now - start_time
@@ -42,7 +42,7 @@ module BCrypt
42
42
  # @password = BCrypt::Password.create("my secret", :cost => 13)
43
43
  def create(secret, options = {})
44
44
  cost = options[:cost] || BCrypt::Engine.cost
45
- raise ArgumentError if cost > 31
45
+ raise ArgumentError if cost > BCrypt::Engine::MAX_COST
46
46
  Password.new(BCrypt::Engine.hash_secret(secret, BCrypt::Engine.generate_salt(cost)))
47
47
  end
48
48
 
@@ -1,5 +1,15 @@
1
1
  require File.expand_path(File.join(File.dirname(__FILE__), "..", "spec_helper"))
2
2
 
3
+ describe 'BCrypt::Engine' do
4
+ describe '.calibrate(upper_time_limit_in_ms)' do
5
+ context 'a tiny upper time limit provided' do
6
+ it 'returns a minimum cost supported by the algorithm' do
7
+ expect(BCrypt::Engine.calibrate(0.001)).to eq(4)
8
+ end
9
+ end
10
+ end
11
+ end
12
+
3
13
  describe "The BCrypt engine" do
4
14
  specify "should calculate the optimal cost factor to fit in a specific time" do
5
15
  first = BCrypt::Engine.calibrate(100)
metadata CHANGED
@@ -1,38 +1,38 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bcrypt
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.1.13
4
+ version: 3.1.14
5
5
  platform: ruby
6
6
  authors:
7
7
  - Coda Hale
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-05-31 00:00:00.000000000 Z
11
+ date: 2020-07-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
+ name: rake-compiler
14
15
  requirement: !ruby/object:Gem::Requirement
15
16
  requirements:
16
17
  - - "~>"
17
18
  - !ruby/object:Gem::Version
18
19
  version: 0.9.2
19
- name: rake-compiler
20
- prerelease: false
21
20
  type: :development
21
+ prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
26
  version: 0.9.2
27
27
  - !ruby/object:Gem::Dependency
28
+ name: rspec
28
29
  requirement: !ruby/object:Gem::Requirement
29
30
  requirements:
30
31
  - - ">="
31
32
  - !ruby/object:Gem::Version
32
33
  version: '3'
33
- name: rspec
34
- prerelease: false
35
34
  type: :development
35
+ prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - ">="
@@ -50,10 +50,10 @@ extra_rdoc_files:
50
50
  - README.md
51
51
  - COPYING
52
52
  - CHANGELOG
53
- - lib/bcrypt.rb
54
- - lib/bcrypt/password.rb
55
53
  - lib/bcrypt/engine.rb
56
54
  - lib/bcrypt/error.rb
55
+ - lib/bcrypt/password.rb
56
+ - lib/bcrypt.rb
57
57
  files:
58
58
  - ".gitignore"
59
59
  - ".rspec"
@@ -112,8 +112,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
112
112
  - !ruby/object:Gem::Version
113
113
  version: '0'
114
114
  requirements: []
115
- rubyforge_project:
116
- rubygems_version: 2.7.6
115
+ rubygems_version: 3.2.0.pre1
117
116
  signing_key:
118
117
  specification_version: 4
119
118
  summary: OpenBSD's bcrypt() password hashing algorithm.