devise-scrypt 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.gitignore +17 -0
- data/.rspec +2 -0
- data/.travis.yml +18 -0
- data/.yardopts +1 -0
- data/Gemfile +17 -0
- data/Guardfile +13 -0
- data/LICENSE.txt +22 -0
- data/README.md +73 -0
- data/Rakefile +1 -0
- data/devise-scrypt.gemspec +23 -0
- data/lib/devise-scrypt.rb +4 -0
- data/lib/devise/encryptable/encryptors/scrypt.rb +36 -0
- data/lib/devise/encryptable/encryptors/scrypt/version.rb +7 -0
- data/spec/devise-scrypt_spec.rb +39 -0
- data/spec/spec_helper.rb +8 -0
- metadata +117 -0
data/.gitignore
ADDED
data/.rspec
ADDED
data/.travis.yml
ADDED
@@ -0,0 +1,18 @@
|
|
1
|
+
script:
|
2
|
+
- bundle
|
3
|
+
- bundle exec rspec
|
4
|
+
rvm:
|
5
|
+
- ree
|
6
|
+
- 1.8.7
|
7
|
+
- 1.9.2
|
8
|
+
- 1.9.3
|
9
|
+
- ruby-head
|
10
|
+
- rbx-18mode
|
11
|
+
- rbx-19mode
|
12
|
+
matrix:
|
13
|
+
allow_failures:
|
14
|
+
- rvm: ruby-head
|
15
|
+
notifications:
|
16
|
+
email:
|
17
|
+
on_success: always
|
18
|
+
on_failure: always
|
data/.yardopts
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
--markup markdown --readme README.md --title "Devise::Encryptable::Encryptors::Scrypt"
|
data/Gemfile
ADDED
@@ -0,0 +1,17 @@
|
|
1
|
+
source 'https://rubygems.org'
|
2
|
+
|
3
|
+
# Specify your gem's dependencies in gvoe_auth-client.gemspec
|
4
|
+
gemspec
|
5
|
+
|
6
|
+
gem 'rspec', '>= 2.11.0'
|
7
|
+
gem 'simplecov'
|
8
|
+
|
9
|
+
gem 'yard'
|
10
|
+
|
11
|
+
gem 'guard-rspec'
|
12
|
+
gem 'guard-bundler'
|
13
|
+
# FS Event watching libraries for guard
|
14
|
+
# inotify for Linux
|
15
|
+
gem 'rb-inotify', :require => false
|
16
|
+
# rb-fsevent for OS X
|
17
|
+
gem 'rb-fsevent', '~> 0.9.1', :require => false
|
data/Guardfile
ADDED
@@ -0,0 +1,13 @@
|
|
1
|
+
# A sample Guardfile
|
2
|
+
# More info at https://github.com/guard/guard#readme
|
3
|
+
|
4
|
+
guard 'bundler' do
|
5
|
+
watch('Gemfile')
|
6
|
+
watch(/^.+\.gemspec/)
|
7
|
+
end
|
8
|
+
|
9
|
+
guard 'rspec', :version => 2 do
|
10
|
+
# Anything changes, run all specs!
|
11
|
+
watch(%r{^.+\.rb$}) { 'spec' }
|
12
|
+
end
|
13
|
+
|
data/LICENSE.txt
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
Copyright (c) 2012 Christoph Olszowka, Capita Unternehmensberatung GmbH
|
2
|
+
|
3
|
+
MIT License
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
6
|
+
a copy of this software and associated documentation files (the
|
7
|
+
"Software"), to deal in the Software without restriction, including
|
8
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
9
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
10
|
+
permit persons to whom the Software is furnished to do so, subject to
|
11
|
+
the following conditions:
|
12
|
+
|
13
|
+
The above copyright notice and this permission notice shall be
|
14
|
+
included in all copies or substantial portions of the Software.
|
15
|
+
|
16
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
17
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
18
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
19
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
20
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
21
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
22
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,73 @@
|
|
1
|
+
devise-scrypt [][Continuous Integration]
|
2
|
+
=============
|
3
|
+
|
4
|
+
**A [devise-encryptable] password encryptor that uses [SCrypt]**
|
5
|
+
|
6
|
+
* [Source Code]
|
7
|
+
* [API documentation]
|
8
|
+
* [Rubygem]
|
9
|
+
* [Continuous Integration]
|
10
|
+
|
11
|
+
[Source Code]: https://github.com/capita/devise-scrypt "Source Code @ GitHub"
|
12
|
+
[API documentation]: http://rubydoc.info/gems/devise-scrypt/frames "API Documentation at Rubydoc.info"
|
13
|
+
[Rubygem]: http://rubygems.org/gems/devise-scrypt "Rubygem @ rubygems.org"
|
14
|
+
[Continuous Integration]: http://travis-ci.org/capita/devise-scrypt "Continuous integration @ travis-ci.org"
|
15
|
+
|
16
|
+
[SCrypt]: https://github.com/pbhogan/scrypt "scrypt rubygem"
|
17
|
+
[devise]: https://github.com/plataformatec/devise "devise rubygem"
|
18
|
+
[devise-encryptable]: https://github.com/plataformatec/devise-encryptable "devise-encryptable plugin"
|
19
|
+
|
20
|
+
|
21
|
+
## Usage
|
22
|
+
|
23
|
+
Assuming you have [devise] (>= 2.1) and the [devise-encryptable] plugin
|
24
|
+
set up in your application, add `devise-scrypt` to your `Gemfile` and `bundle`:
|
25
|
+
|
26
|
+
gem 'devise-scrypt'
|
27
|
+
|
28
|
+
Then open up your [devise] configuration, which supposedly lives at
|
29
|
+
`config/initializers/devise.rb` and configure your encryptor to be `scrypt`:
|
30
|
+
|
31
|
+
# config/initializers/devise.rb
|
32
|
+
Devise.setup do |config|
|
33
|
+
# ..
|
34
|
+
config.encryptor = :scrypt
|
35
|
+
# ...
|
36
|
+
end
|
37
|
+
|
38
|
+
It is also recommended to uncomment (or add) `config.pepper` with a random
|
39
|
+
string that will be used in addition to the per-user `password_salt` when hashing.
|
40
|
+
|
41
|
+
## Configuring algorithm complexity
|
42
|
+
|
43
|
+
The `config.stretches` option does not affect the calculation complexity. Instead,
|
44
|
+
please adjust the `scrypt` defaults to your liking. Please note that in the test
|
45
|
+
environment you will probably want to reduce complexity if you find your test suite
|
46
|
+
slows down significantly. Please refer to the [SCrypt] gem documentation about SCrypt
|
47
|
+
config options and their effect.
|
48
|
+
|
49
|
+
# Example config:
|
50
|
+
SCrypt::Engine::DEFAULTS[:key_len] = 64
|
51
|
+
SCrypt::Engine::DEFAULTS[:salt_size] = 32
|
52
|
+
|
53
|
+
## [Compatibility][Continuous Integration]
|
54
|
+
|
55
|
+
The [test suite passes against][Continuous Integration] MRI 1.8.7, 1.9.2, 1.9.3, REE,
|
56
|
+
and Rubinius in both 1.8 and 1.9 modes.
|
57
|
+
|
58
|
+
JRuby is not supported because the [SCrypt] gem is a C extension and therefore is
|
59
|
+
incompatible with it.
|
60
|
+
|
61
|
+
## Contributing
|
62
|
+
|
63
|
+
1. Fork it
|
64
|
+
2. Create your feature branch (`git checkout -b my-new-feature`)
|
65
|
+
3. Commit your changes (`git commit -am 'Add some feature'`)
|
66
|
+
4. Push to the branch (`git push origin my-new-feature`)
|
67
|
+
5. Create new Pull Request
|
68
|
+
|
69
|
+
## Copyright
|
70
|
+
|
71
|
+
Copyright (c) 2012 Christoph Olszowka, Capita Unternehmensberatung GmbH
|
72
|
+
|
73
|
+
Released under MIT License. See `LICENSE.txt`
|
data/Rakefile
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
require "bundler/gem_tasks"
|
@@ -0,0 +1,23 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
lib = File.expand_path('../lib', __FILE__)
|
3
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
+
require "devise/encryptable/encryptors/scrypt/version"
|
5
|
+
|
6
|
+
Gem::Specification.new do |gem|
|
7
|
+
gem.name = "devise-scrypt"
|
8
|
+
gem.version = Devise::Encryptable::Encryptors::SCRYPT_VERSION
|
9
|
+
gem.authors = ["Christoph Olszowka"]
|
10
|
+
gem.email = ["christoph at olszowka de"]
|
11
|
+
gem.description = %q{A devise-encryptable password encryptor that uses SCrypt}
|
12
|
+
gem.summary = %q{A devise-encryptable password encryptor that uses SCrypt}
|
13
|
+
gem.homepage = "https://github.com/capita/devise-scrypt"
|
14
|
+
|
15
|
+
gem.files = `git ls-files`.split($/)
|
16
|
+
gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
|
17
|
+
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
18
|
+
gem.require_paths = ["lib"]
|
19
|
+
|
20
|
+
gem.add_dependency 'devise', '>= 2.1.0'
|
21
|
+
gem.add_dependency 'devise-encryptable', '>= 0.1.1'
|
22
|
+
gem.add_dependency 'scrypt', '>= 1.1.0'
|
23
|
+
end
|
@@ -0,0 +1,36 @@
|
|
1
|
+
require 'scrypt'
|
2
|
+
|
3
|
+
module Devise
|
4
|
+
module Encryptable
|
5
|
+
module Encryptors
|
6
|
+
#
|
7
|
+
# An encryptor for Devise passwords that uses the SCrypt algorithm.
|
8
|
+
# You will need the devise-encryptable gem. Then you can switch to
|
9
|
+
# scrypt by setting `config.encryptor = :scrypt` in your devise config.
|
10
|
+
#
|
11
|
+
# Stretches are ignored as SCrypt has different concepts for increasing
|
12
|
+
# calculation complexity.
|
13
|
+
#
|
14
|
+
# As this uses the `scrypt` ruby gem you can configure the complexity
|
15
|
+
# by setting defaults there, like so:
|
16
|
+
#
|
17
|
+
# SCrypt::Engine::DEFAULTS[:key_len] = 128
|
18
|
+
# SCrypt::Engine::DEFAULTS[:salt_size] = 64
|
19
|
+
#
|
20
|
+
# Find out more about SCrypt here:
|
21
|
+
#
|
22
|
+
# * https://github.com/pbhogan/scrypt
|
23
|
+
# * http://www.tarsnap.com/scrypt.html
|
24
|
+
#
|
25
|
+
class Scrypt < Base
|
26
|
+
def self.digest(password, stretches, salt, pepper)
|
27
|
+
SCrypt::Password.create("#{password}#{salt}#{pepper}").to_s
|
28
|
+
end
|
29
|
+
|
30
|
+
def self.compare(encrypted_password, password, stretches, salt, pepper)
|
31
|
+
SCrypt::Password.new(encrypted_password) == "#{password}#{salt}#{pepper}"
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
@@ -0,0 +1,39 @@
|
|
1
|
+
# encoding: utf-8
|
2
|
+
require 'spec_helper'
|
3
|
+
|
4
|
+
describe Devise::Encryptable::Encryptors::Scrypt do
|
5
|
+
let(:scrypt) { Devise::Encryptable::Encryptors::Scrypt }
|
6
|
+
let(:salt) { 'Salt gathered from the Dead Sea makes an excellent body scrub because of its high mineral content.' }
|
7
|
+
let(:pepper) { 'A Brazilian soccer player is pepper-sprayed after refusing to leave the pitch following a red card.' }
|
8
|
+
let(:password) { 'very!secret' }
|
9
|
+
let(:stretches) { 10 }
|
10
|
+
|
11
|
+
describe ".digest" do
|
12
|
+
let(:digest) { scrypt.digest(password, stretches, salt, pepper) }
|
13
|
+
|
14
|
+
it "builds a scrypt password hash" do
|
15
|
+
expect(SCrypt::Password.new(digest)).to be == "#{password}#{salt}#{pepper}"
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
describe ".compare" do
|
20
|
+
let(:encrypted) { SCrypt::Password.create("#{password}#{salt}#{pepper}").to_s }
|
21
|
+
|
22
|
+
it "is true when comparing an encrypted password against given plaintext" do
|
23
|
+
expect(scrypt.compare(encrypted, password, stretches, salt, pepper)).to be_true
|
24
|
+
end
|
25
|
+
|
26
|
+
it "is false when comparing with wrong password" do
|
27
|
+
expect(scrypt.compare(encrypted, 'foobar', stretches, salt, pepper)).to be_false
|
28
|
+
end
|
29
|
+
|
30
|
+
it "is false when comparing with correct password but wrong salt" do
|
31
|
+
expect(scrypt.compare(encrypted, password, stretches, 'nope', pepper)).to be_false
|
32
|
+
end
|
33
|
+
|
34
|
+
it "is false when comparing with correct password but wrong pepper" do
|
35
|
+
expect(scrypt.compare(encrypted, password, stretches, salt, 'nope')).to be_false
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
end
|
data/spec/spec_helper.rb
ADDED
metadata
ADDED
@@ -0,0 +1,117 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: devise-scrypt
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.0.0
|
5
|
+
prerelease:
|
6
|
+
platform: ruby
|
7
|
+
authors:
|
8
|
+
- Christoph Olszowka
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
date: 2012-09-27 00:00:00.000000000 Z
|
13
|
+
dependencies:
|
14
|
+
- !ruby/object:Gem::Dependency
|
15
|
+
name: devise
|
16
|
+
requirement: !ruby/object:Gem::Requirement
|
17
|
+
none: false
|
18
|
+
requirements:
|
19
|
+
- - ! '>='
|
20
|
+
- !ruby/object:Gem::Version
|
21
|
+
version: 2.1.0
|
22
|
+
type: :runtime
|
23
|
+
prerelease: false
|
24
|
+
version_requirements: !ruby/object:Gem::Requirement
|
25
|
+
none: false
|
26
|
+
requirements:
|
27
|
+
- - ! '>='
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
version: 2.1.0
|
30
|
+
- !ruby/object:Gem::Dependency
|
31
|
+
name: devise-encryptable
|
32
|
+
requirement: !ruby/object:Gem::Requirement
|
33
|
+
none: false
|
34
|
+
requirements:
|
35
|
+
- - ! '>='
|
36
|
+
- !ruby/object:Gem::Version
|
37
|
+
version: 0.1.1
|
38
|
+
type: :runtime
|
39
|
+
prerelease: false
|
40
|
+
version_requirements: !ruby/object:Gem::Requirement
|
41
|
+
none: false
|
42
|
+
requirements:
|
43
|
+
- - ! '>='
|
44
|
+
- !ruby/object:Gem::Version
|
45
|
+
version: 0.1.1
|
46
|
+
- !ruby/object:Gem::Dependency
|
47
|
+
name: scrypt
|
48
|
+
requirement: !ruby/object:Gem::Requirement
|
49
|
+
none: false
|
50
|
+
requirements:
|
51
|
+
- - ! '>='
|
52
|
+
- !ruby/object:Gem::Version
|
53
|
+
version: 1.1.0
|
54
|
+
type: :runtime
|
55
|
+
prerelease: false
|
56
|
+
version_requirements: !ruby/object:Gem::Requirement
|
57
|
+
none: false
|
58
|
+
requirements:
|
59
|
+
- - ! '>='
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: 1.1.0
|
62
|
+
description: A devise-encryptable password encryptor that uses SCrypt
|
63
|
+
email:
|
64
|
+
- christoph at olszowka de
|
65
|
+
executables: []
|
66
|
+
extensions: []
|
67
|
+
extra_rdoc_files: []
|
68
|
+
files:
|
69
|
+
- .gitignore
|
70
|
+
- .rspec
|
71
|
+
- .travis.yml
|
72
|
+
- .yardopts
|
73
|
+
- Gemfile
|
74
|
+
- Guardfile
|
75
|
+
- LICENSE.txt
|
76
|
+
- README.md
|
77
|
+
- Rakefile
|
78
|
+
- devise-scrypt.gemspec
|
79
|
+
- lib/devise-scrypt.rb
|
80
|
+
- lib/devise/encryptable/encryptors/scrypt.rb
|
81
|
+
- lib/devise/encryptable/encryptors/scrypt/version.rb
|
82
|
+
- spec/devise-scrypt_spec.rb
|
83
|
+
- spec/spec_helper.rb
|
84
|
+
homepage: https://github.com/capita/devise-scrypt
|
85
|
+
licenses: []
|
86
|
+
post_install_message:
|
87
|
+
rdoc_options: []
|
88
|
+
require_paths:
|
89
|
+
- lib
|
90
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
91
|
+
none: false
|
92
|
+
requirements:
|
93
|
+
- - ! '>='
|
94
|
+
- !ruby/object:Gem::Version
|
95
|
+
version: '0'
|
96
|
+
segments:
|
97
|
+
- 0
|
98
|
+
hash: -4206585064535495370
|
99
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
100
|
+
none: false
|
101
|
+
requirements:
|
102
|
+
- - ! '>='
|
103
|
+
- !ruby/object:Gem::Version
|
104
|
+
version: '0'
|
105
|
+
segments:
|
106
|
+
- 0
|
107
|
+
hash: -4206585064535495370
|
108
|
+
requirements: []
|
109
|
+
rubyforge_project:
|
110
|
+
rubygems_version: 1.8.24
|
111
|
+
signing_key:
|
112
|
+
specification_version: 3
|
113
|
+
summary: A devise-encryptable password encryptor that uses SCrypt
|
114
|
+
test_files:
|
115
|
+
- spec/devise-scrypt_spec.rb
|
116
|
+
- spec/spec_helper.rb
|
117
|
+
has_rdoc:
|