crypt_checkpass 1

data/lib/crypt_checkpass/scrypt.rb

@@ -0,0 +1,214 @@
+#! /your/favourite/path/to/ruby
+# -*- mode: ruby; coding: utf-8; indent-tabs-mode: nil; ruby-indent-level: 2 -*-
+# -*- frozen_string_literal: true -*-
+# -*- warn_indent: true -*-
+
+# Copyright (c) 2018 Urabe, Shyouhei
+#
+# Permission is hereby granted, free of  charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction,  including without limitation the rights
+# to use,  copy, modify,  merge, publish,  distribute, sublicense,  and/or sell
+# copies  of the  Software,  and to  permit  persons to  whom  the Software  is
+# furnished to do so, subject to the following conditions:
+#
+#       The above copyright notice and this permission notice shall be
+#       included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE  IS PROVIDED "AS IS",  WITHOUT WARRANTY OF ANY  KIND, EXPRESS OR
+# IMPLIED,  INCLUDING BUT  NOT LIMITED  TO THE  WARRANTIES OF  MERCHANTABILITY,
+# FITNESS FOR A  PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO  EVENT SHALL THE
+# AUTHORS  OR COPYRIGHT  HOLDERS  BE LIABLE  FOR ANY  CLAIM,  DAMAGES OR  OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+require 'securerandom'
+require_relative 'phc_string_format'
+
+# This class is to support RFC7914-related hash variants.
+#
+# ### Format:
+#
+# Life gets extremely hard here because Ruby's `scrypt` gem does not follow the
+# Modular Crypt Format.  You cannot tell if a string is scrypt-generated or not
+# by looking at its beginning.
+#
+# ```ruby
+# %r{
+#   (?<N>    [0-9a-f]+ ){0}
+#   (?<r>    [0-9a-f]+ ){0}
+#   (?<p>    [0-9a-f]+ ){0}
+#   (?<salt> [0-9a-f]+ ){0}
+#   (?<csum> [0-9a-f]+ ){0}
+#
+#   \A     \g<N>
+#      [$] \g<r>
+#      [$] \g<p>
+#      [$] \g<salt>
+#      [$] \g<csum>
+#   \z
+# }x
+# ```
+#
+#   - `N` is the CPU/Memory cost parameter N ("costParameter").
+#
+#   - `r` is the block size parameter r ("blockSize").
+#
+#   - `p` is the parallelization parameter p ("parallelizationParameter").
+#
+#   - `salt` is the salt string.
+#
+#   - `csum` is the checksum strgng.
+#
+# All of above fields are represented as hexadecimal numbers.
+#
+# This is  too different from other  password hashs.  To ease  the situation we
+# also follow extra  format that is compatible with Python's  Passlib and npm's
+# @phc/scrypt generates.
+#
+# ```ruby
+# %r{
+#   (?<id>   scrypt         ){0}
+#   (?<ln>   ln=[1-9][0-9]* ){0}
+#   (?<r>    r=[1-9][0-9]*  ){0}
+#   (?<p>    p=[1-9][0-9]*  ){0}
+#   (?<salt> [a-zA-Z0-9+/]* ){0}
+#   (?<csum> [a-zA-Z0-9+/]* ){0}
+#
+#   \A [$] \g<id>
+#      [$] \g<ln>
+#      [,] \g<r>
+#      [,] \g<p>
+#      [$] \g<salt>
+#      [$] \g<csum>
+#   \z
+# }x
+# ```
+#
+# - This is a strict PHC string format. See also
+#   {CryptCheckpass::PHCStringFormat}
+#
+# - Parameters are `ln`, `r`, and `p` where `ln` deontes log2(N).
+#
+# ### Other formats:
+#
+# Seems there are no such thing  like a standard way to encode scrypt-generated
+# passwords.  Lots  of wild formats  are seen.  We  could support them  if they
+# have actual usage and to be migrated to another format.
+#
+# - variant  `$7$`: seem in  http://mail.tarsnap.com/scrypt/msg00063.html.  Not
+#   sure if it has actual applications.
+#
+# - variant `$s1$`: https://github.com/technion/libscrypt generates this.
+#
+# - variant `$$scrypt-mcf$`: the default output of https://libpasta.github.io
+#
+# - Recent  OpenSSL  (1.1.0+)  does   have  EVP_PBE_scrypt()  implemented,  but
+#   generates pure-binary raw checksums without any formats.
+#
+# @see https://en.wikipedia.org/wiki/Scrypt
+# @see https://tools.ietf.org/html/rfc7914
+# @see https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html
+# @example
+#   crypt_newhash 'password', id: 'scrypt'
+#   # => "$scrypt$ln=8,r=8,p=1$aL2uvFKrfoVkxAgy1j/Y4OAJ8D0p1yP/uqFg3UU8t64$/xZGQyALLQrKzaBRGwzGCw+FGgRqFwyCfZddC5qvZYA"
+# @example
+#   crypt_checkpass? 'password', '$scrypt$ln=8,r=8,p=1$aL2uvFKrfoVkxAgy1j/Y4OAJ8D0p1yP/uqFg3UU8t64$/xZGQyALLQrKzaBRGwzGCw+FGgRqFwyCfZddC5qvZYA'
+#   # => true
+
+class CryptCheckpass::Scrypt < CryptCheckpass
+
+  # (see CryptCheckpass.understand?)
+  def self.understand? str
+    return match? str, understander
+  end
+
+  # (see CryptCheckpass.checkpass?)
+  def self.checkpass? pass, hash
+    require 'scrypt'
+
+    case hash
+    when /\A\$scrypt\$/ then return checkpass_phc pass, hash
+    else                     return checkpass_gem pass, hash
+    end
+  end
+
+  # (see CryptCheckpass.provide?)
+  def self.provide? id
+    return id == 'scrypt'
+  end
+
+  # (see CryptCheckpass.newhash)
+  #
+  # @param pass   [String]  raw binary password string.
+  # @param id     [String]  name of the algorithm (ignored)
+  # @param ln     [Integer] cost parameter in log2.
+  # @param r      [Integer] block size.
+  # @param p      [Integer] parallelism parameter.
+  def self.newhash pass, id: 'scrypt', ln: 8, r: 8, p: 1
+    require 'scrypt'
+
+    salt = SecureRandom.random_bytes ::SCrypt::Engine::DEFAULTS[:salt_size]
+    klen = ::SCrypt::Engine::DEFAULTS[:key_len]
+    csum = ::SCrypt::Engine.scrypt pass, salt, 2 ** ln, r, p, klen
+    return phcencode 'scrypt', { ln: ln, r: r, p: p }, salt, csum
+  end
+end
+
+# helper routines
+class << CryptCheckpass::Scrypt
+  include CryptCheckpass::PHCStringFormat
+
+  private
+
+  def checkpass_phc pass, hash
+    require 'consttime_memequal'
+
+    json     = phcdecode hash
+    ln, r, p = json[:params].values_at :ln, :r, :p
+    expected = json[:csum]
+    salt     = json[:salt]
+    klen     = ::SCrypt::Engine::DEFAULTS[:key_len]
+    actual   = ::SCrypt::Engine.scrypt pass, salt, 2 ** ln, r, p, klen
+    return consttime_memequal? actual, expected
+  end
+
+  def checkpass_gem pass, hash
+    obj = ::SCrypt::Password.new hash
+    return obj == pass
+  end
+
+  def understander
+    return %r{
+      (?<n1>    [0-9a-f]+          ){0}
+      (?<r1>    [0-9a-f]+          ){0}
+      (?<p1>    [0-9a-f]+          ){0}
+      (?<salt1> [0-9a-f]+          ){0}
+      (?<csum1> [0-9a-f]+          ){0}
+
+      (?<id2>   scrypt             ){0}
+      (?<ln2>   ln=[1-9][0-9]*     ){0}
+      (?<r2>    r=[1-9][0-9]*      ){0}
+      (?<p2>    p=[1-9][0-9]*      ){0}
+      (?<salt2> [a-zA-Z0-9+/]*     ){0}
+      (?<csum2> [a-zA-Z0-9+/]*     ){0}
+
+      \A (?:
+             \g<n1>
+         [$] \g<r1>
+         [$] \g<p1>
+         [$] \g<salt1>
+         [$] \g<csum1>
+
+      |
+         [$] \g<id2>
+         [$] \g<ln2>
+         [,] \g<r2>
+         [,] \g<p2>
+         [$] \g<salt2>
+         [$] \g<csum2>
+      ) \z
+    }x
+  end
+end

data/lib/crypt_checkpass/sha2.rb

@@ -0,0 +1,162 @@
+#! /your/favourite/path/to/ruby
+# -*- mode: ruby; coding: utf-8; indent-tabs-mode: nil; ruby-indent-level: 2 -*-
+# -*- frozen_string_literal: true -*-
+# -*- warn_indent: true -*-
+
+# Copyright (c) 2018 Urabe, Shyouhei
+#
+# Permission is hereby granted, free of  charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction,  including without limitation the rights
+# to use,  copy, modify,  merge, publish,  distribute, sublicense,  and/or sell
+# copies  of the  Software,  and to  permit  persons to  whom  the Software  is
+# furnished to do so, subject to the following conditions:
+#
+#       The above copyright notice and this permission notice shall be
+#       included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE  IS PROVIDED "AS IS",  WITHOUT WARRANTY OF ANY  KIND, EXPRESS OR
+# IMPLIED,  INCLUDING BUT  NOT LIMITED  TO THE  WARRANTIES OF  MERCHANTABILITY,
+# FITNESS FOR A  PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO  EVENT SHALL THE
+# AUTHORS  OR COPYRIGHT  HOLDERS  BE LIABLE  FOR ANY  CLAIM,  DAMAGES OR  OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+# The sha256cyrpt /  sha512crypt by Ulrich Drepper.   Default for `/etc/shadow`
+# of most Linux distributions.  Also no security flaws are known at the moment.
+#
+# ### Newhash:
+#
+# You can use `crypto_newhash` to create a new password hash using SHA2:
+#
+# ```ruby
+# crypt_newhash(password, id: 'sha256', rounds: 1024)
+# ```
+#
+# where:
+#
+#   - `password` is the raw binary password that you want to digest.
+#
+#   - `id` is either "sha256" or "sha512".
+#
+#   - `rounds` is for iteration rounds.
+#
+# The generated password hash has following format.
+#
+# ### Format:
+#
+# Hash strings generated by sha256cyrpt is construted like this:
+#
+# ```ruby
+# %r{
+#   (?<id>     5                   ){0}
+#   (?<rounds> rounds=[1-9]\d{3,8} ){0}
+#   (?<salt>   [A-Za-z0-9./]{,16}  ){0}
+#   (?<csum>   [A-Za-z0-9./]{43}   ){0}
+#
+#   \A     [$] \g<id>
+#      (?: [$] \g<rounds> )?
+#          [$] \g<salt>
+#          [$] \g<csum>
+#   \z
+# }x
+# ```
+#
+# That of sha512crypt is construted like this:
+#
+# ```ruby
+# %r{
+#   (?<id>     6                   ){0}
+#   (?<rounds> rounds=[1-9]\d{3,8} ){0}
+#   (?<salt>   [A-Za-z0-9./]{,16}  ){0}
+#   (?<csum>   [A-Za-z0-9./]{86}   ){0}
+#
+#   \A     [$] \g<id>
+#      (?: [$] \g<rounds> )?
+#          [$] \g<salt>
+#          [$] \g<csum>
+#   \z
+# }x
+# ```
+#
+# - `id` is 5 for sha256cyrpt, 6 for sha512crypt.
+#
+# - `rounds` is, if  present, the stretch rounds in decimal  integer. Should be
+#   in range of 1,000 to 999,999,999 inclusive.
+#
+# - `salt` and `csum`  are the salt and checksum strings.   Both are encoded in
+#   base64-like  strings  that  do  not  strictly  follow  RFC4648.   The  only
+#   difference between `$5$` and `$6$` is the length of csum.
+#
+# @see https://www.akkadia.org/drepper/SHA-crypt.txt
+# @example
+#   crypt_newhash 'password', id: 'sha256'
+#   # => "$5$eWGIDuRO1LEg8sAB$Pjdxj3AVy4GnFfeOfz8Ek1Gn.vDwTFMMyNk56x/lc.4"
+# @example
+#   crypt_checkpass? 'password', '$5$eWGIDuRO1LEg8sAB$Pjdxj3AVy4GnFfeOfz8Ek1Gn.vDwTFMMyNk56x/lc.4'
+#   # => true
+# @example
+#   crypt_newhash 'password', id: 'sha512'
+#   # => "$6$oIlkXbDGlU.HktGx$L7xkRSQYLe/yCbz6hIM2JSY6EMtkr/CyvR71Bhr9VkotfEOUiwY8A0rAuSFmO1titWLA8hTKQXWl3ZX0QqokS0"
+# @example
+#   crypt_checkpass? 'password', '$6$oIlkXbDGlU.HktGx$L7xkRSQYLe/yCbz6hIM2JSY6EMtkr/CyvR71Bhr9VkotfEOUiwY8A0rAuSFmO1titWLA8hTKQXWl3ZX0QqokS0'
+#   # => true
+class CryptCheckpass::SHA2 < CryptCheckpass
+
+  # (see CryptCheckpass.understand?)
+  def self.understand? str
+    md = %r{
+      (?<id>     5 | 6                ){0}
+      (?<rounds> rounds=[1-9]\d{3,8}  ){0}
+      (?<salt>   [A-Za-z0-9./]{,16}   ){0}
+      (?<csum>   [A-Za-z0-9./]{43,86} ){0}
+
+      \A     [$] \g<id>
+         (?: [$] \g<rounds> )?
+             [$] \g<salt>
+             [$] \g<csum>
+      \z
+    }x.match str
+    return false unless md
+    case md['id']
+    when '5' then return md['csum'].length == 43
+    when '6' then return md['csum'].length == 86
+    end
+  end
+
+  # (see CryptCheckpass.checkpass?)
+  def self.checkpass? pass, hash
+    require 'unix-crypt', 'unix_crypt'
+
+    return UnixCrypt.valid? pass, hash
+  end
+
+  # (see CryptCheckpass.provide?)
+  def self.provide? id
+    case id when 'sha256', 'sha512' then
+      return true
+    else
+      return false
+    end
+  end
+
+  # (see CryptCheckpass.newhash)
+  #
+  # @param pass   [String]  raw binary password string.
+  # @param id     [String]  name of the algorithm.
+  # @param rounds [Integer] rounds of stretching.
+  def self.newhash pass, id: 'sha256', rounds: nil
+    require 'unix-crypt', 'unix_crypt'
+
+    case id
+    when 'sha256' then
+      klass = UnixCrypt::SHA256
+    when 'sha512' then
+      klass = UnixCrypt::SHA512
+    else
+      raise ArgumentError, 'unknown id: %p', id
+    end
+    return klass.build pass, nil, rounds
+  end
+end

metadata

@@ -0,0 +1,201 @@
+--- !ruby/object:Gem::Specification
+name: crypt_checkpass
+version: !ruby/object:Gem::Version
+  version: '1'
+platform: ruby
+authors:
+- Urabe, Shyouhei
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-06-25 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry-byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rdoc
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: redcarpet
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.49.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.49.0
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: test-unit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3'
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: consttime_memequal
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Check password hash, like OpenBSD's crypt_checkpass(3) / PHP's password_verify()
+email: shyouhei@ruby-lang.org
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rubocop.yml"
+- ".yardopts"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- crypt_checkpass.gemspec
+- lib/crypt_checkpass.rb
+- lib/crypt_checkpass/api.rb
+- lib/crypt_checkpass/argon2.rb
+- lib/crypt_checkpass/bcrypt.rb
+- lib/crypt_checkpass/pbkdf2.rb
+- lib/crypt_checkpass/phc_string_format.rb
+- lib/crypt_checkpass/scrypt.rb
+- lib/crypt_checkpass/sha2.rb
+homepage: https://github.com/shyouhei/crypt_checkpass
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.0.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.2.2
+signing_key: 
+specification_version: 4
+summary: provides crypt_checkpass / crypt_newhash
+test_files: []