devise-scrypt 1.0.0

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--format documentation

data/.travis.yml

@@ -0,0 +1,18 @@
+script:
+  - bundle
+  - bundle exec rspec
+rvm:
+  - ree
+  - 1.8.7
+  - 1.9.2
+  - 1.9.3
+  - ruby-head
+  - rbx-18mode
+  - rbx-19mode
+matrix:
+  allow_failures:
+    - rvm: ruby-head
+notifications:
+  email:
+    on_success: always
+    on_failure: always

data/.yardopts

@@ -0,0 +1 @@
+--markup markdown --readme README.md --title "Devise::Encryptable::Encryptors::Scrypt"

data/Gemfile

@@ -0,0 +1,17 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in gvoe_auth-client.gemspec
+gemspec
+
+gem 'rspec', '>= 2.11.0'
+gem 'simplecov'
+
+gem 'yard'
+
+gem 'guard-rspec'
+gem 'guard-bundler'
+# FS Event watching libraries for guard
+# inotify for Linux
+gem 'rb-inotify', :require => false
+# rb-fsevent for OS X
+gem 'rb-fsevent', '~> 0.9.1', :require => false

data/Guardfile

@@ -0,0 +1,13 @@
+# A sample Guardfile
+# More info at https://github.com/guard/guard#readme
+
+guard 'bundler' do
+  watch('Gemfile')
+  watch(/^.+\.gemspec/)
+end
+
+guard 'rspec', :version => 2 do
+  # Anything changes, run all specs!
+  watch(%r{^.+\.rb$}) { 'spec' }
+end
+

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2012 Christoph Olszowka, Capita Unternehmensberatung GmbH
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,73 @@
+devise-scrypt [![Build Status](https://secure.travis-ci.org/capita/devise-scrypt.png)][Continuous Integration]
+=============
+
+**A [devise-encryptable] password encryptor that uses [SCrypt]**
+
+  * [Source Code]
+  * [API documentation]
+  * [Rubygem]
+  * [Continuous Integration]
+
+[Source Code]: https://github.com/capita/devise-scrypt "Source Code @ GitHub"
+[API documentation]: http://rubydoc.info/gems/devise-scrypt/frames "API Documentation at Rubydoc.info"
+[Rubygem]: http://rubygems.org/gems/devise-scrypt "Rubygem @ rubygems.org"
+[Continuous Integration]: http://travis-ci.org/capita/devise-scrypt "Continuous integration @ travis-ci.org"
+
+[SCrypt]: https://github.com/pbhogan/scrypt "scrypt rubygem"
+[devise]: https://github.com/plataformatec/devise "devise rubygem"
+[devise-encryptable]: https://github.com/plataformatec/devise-encryptable "devise-encryptable plugin"
+
+
+## Usage
+
+Assuming you have [devise] (>= 2.1) and the [devise-encryptable] plugin
+set up in your application, add `devise-scrypt` to your `Gemfile` and `bundle`:
+
+    gem 'devise-scrypt'
+
+Then open up your [devise] configuration, which supposedly lives at
+`config/initializers/devise.rb` and configure your encryptor to be `scrypt`:
+
+    # config/initializers/devise.rb
+    Devise.setup do |config|
+      # ..
+      config.encryptor = :scrypt
+      # ...
+    end
+
+It is also recommended to uncomment (or add) `config.pepper` with a random
+string that will be used in addition to the per-user `password_salt` when hashing.
+
+## Configuring algorithm complexity
+
+The `config.stretches` option does not affect the calculation complexity. Instead,
+please adjust the `scrypt` defaults to your liking. Please note that in the test
+environment you will probably want to reduce complexity if you find your test suite
+slows down significantly. Please refer to the [SCrypt] gem documentation about SCrypt
+config options and their effect.
+
+    # Example config:
+    SCrypt::Engine::DEFAULTS[:key_len] = 64
+    SCrypt::Engine::DEFAULTS[:salt_size] = 32
+
+## [Compatibility][Continuous Integration]
+
+The [test suite passes against][Continuous Integration] MRI 1.8.7, 1.9.2, 1.9.3, REE,
+and Rubinius in both 1.8 and 1.9 modes.
+
+JRuby is not supported because the [SCrypt] gem is a C extension and therefore is
+incompatible with it.
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request
+
+## Copyright
+
+Copyright (c) 2012 Christoph Olszowka, Capita Unternehmensberatung GmbH
+
+Released under MIT License. See `LICENSE.txt`

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/devise-scrypt.gemspec

@@ -0,0 +1,23 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "devise/encryptable/encryptors/scrypt/version"
+
+Gem::Specification.new do |gem|
+  gem.name          = "devise-scrypt"
+  gem.version       = Devise::Encryptable::Encryptors::SCRYPT_VERSION
+  gem.authors       = ["Christoph Olszowka"]
+  gem.email         = ["christoph at olszowka de"]
+  gem.description   = %q{A devise-encryptable password encryptor that uses SCrypt}
+  gem.summary       = %q{A devise-encryptable password encryptor that uses SCrypt}
+  gem.homepage      = "https://github.com/capita/devise-scrypt"
+
+  gem.files         = `git ls-files`.split($/)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ["lib"]
+
+  gem.add_dependency 'devise', '>= 2.1.0'
+  gem.add_dependency 'devise-encryptable', '>= 0.1.1'
+  gem.add_dependency 'scrypt', '>= 1.1.0'
+end

data/lib/devise-scrypt.rb

@@ -0,0 +1,4 @@
+require 'devise'
+require 'devise-encryptable'
+require "devise/encryptable/encryptors/scrypt/version"
+require "devise/encryptable/encryptors/scrypt"

data/lib/devise/encryptable/encryptors/scrypt.rb

@@ -0,0 +1,36 @@
+require 'scrypt'
+
+module Devise
+  module Encryptable
+    module Encryptors
+      #
+      # An encryptor for Devise passwords that uses the SCrypt algorithm.
+      # You will need the devise-encryptable gem. Then you can switch to
+      # scrypt by setting `config.encryptor = :scrypt` in your devise config.
+      #
+      # Stretches are ignored as SCrypt has different concepts for increasing
+      # calculation complexity.
+      #
+      # As this uses the `scrypt` ruby gem you can configure the complexity
+      # by setting defaults there, like so:
+      #
+      #     SCrypt::Engine::DEFAULTS[:key_len] = 128
+      #     SCrypt::Engine::DEFAULTS[:salt_size] = 64
+      #
+      # Find out more about SCrypt here:
+      #
+      #   * https://github.com/pbhogan/scrypt
+      #   * http://www.tarsnap.com/scrypt.html
+      #
+      class Scrypt < Base
+        def self.digest(password, stretches, salt, pepper)
+          SCrypt::Password.create("#{password}#{salt}#{pepper}").to_s
+        end
+
+        def self.compare(encrypted_password, password, stretches, salt, pepper)
+          SCrypt::Password.new(encrypted_password) == "#{password}#{salt}#{pepper}"
+        end
+      end
+    end
+  end
+end

data/lib/devise/encryptable/encryptors/scrypt/version.rb

@@ -0,0 +1,7 @@
+module Devise
+  module Encryptable
+    module Encryptors
+      SCRYPT_VERSION = '1.0.0'
+    end
+  end
+end

data/spec/devise-scrypt_spec.rb

@@ -0,0 +1,39 @@
+# encoding: utf-8
+require 'spec_helper'
+
+describe Devise::Encryptable::Encryptors::Scrypt do
+  let(:scrypt)    { Devise::Encryptable::Encryptors::Scrypt }
+  let(:salt)      { 'Salt gathered from the Dead Sea makes an excellent body scrub because of its high mineral content.' }
+  let(:pepper)    { 'A Brazilian soccer player is pepper-sprayed after refusing to leave the pitch following a red card.' }
+  let(:password)  { 'very!secret' }
+  let(:stretches) { 10 }
+
+  describe ".digest" do
+    let(:digest) { scrypt.digest(password, stretches, salt, pepper) }
+
+    it "builds a scrypt password hash" do
+      expect(SCrypt::Password.new(digest)).to be == "#{password}#{salt}#{pepper}"
+    end
+  end
+
+  describe ".compare" do
+    let(:encrypted) { SCrypt::Password.create("#{password}#{salt}#{pepper}").to_s }
+
+    it "is true when comparing an encrypted password against given plaintext" do
+      expect(scrypt.compare(encrypted, password, stretches, salt, pepper)).to be_true
+    end
+
+    it "is false when comparing with wrong password" do
+      expect(scrypt.compare(encrypted, 'foobar', stretches, salt, pepper)).to be_false
+    end
+
+    it "is false when comparing with correct password but wrong salt" do
+      expect(scrypt.compare(encrypted, password, stretches, 'nope', pepper)).to be_false
+    end
+
+    it "is false when comparing with correct password but wrong pepper" do
+      expect(scrypt.compare(encrypted, password, stretches, salt, 'nope')).to be_false
+    end
+  end
+
+end

data/spec/spec_helper.rb

@@ -0,0 +1,8 @@
+require 'rubygems'
+require 'simplecov'
+SimpleCov.start
+require 'bundler/setup'
+require 'devise-scrypt'
+
+RSpec.configure do |config|
+end

metadata

@@ -0,0 +1,117 @@
+--- !ruby/object:Gem::Specification
+name: devise-scrypt
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+  prerelease: 
+platform: ruby
+authors:
+- Christoph Olszowka
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-09-27 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: devise
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 2.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 2.1.0
+- !ruby/object:Gem::Dependency
+  name: devise-encryptable
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.1.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.1.1
+- !ruby/object:Gem::Dependency
+  name: scrypt
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.1.0
+description: A devise-encryptable password encryptor that uses SCrypt
+email:
+- christoph at olszowka de
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- .travis.yml
+- .yardopts
+- Gemfile
+- Guardfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- devise-scrypt.gemspec
+- lib/devise-scrypt.rb
+- lib/devise/encryptable/encryptors/scrypt.rb
+- lib/devise/encryptable/encryptors/scrypt/version.rb
+- spec/devise-scrypt_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/capita/devise-scrypt
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: -4206585064535495370
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: -4206585064535495370
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: A devise-encryptable password encryptor that uses SCrypt
+test_files:
+- spec/devise-scrypt_spec.rb
+- spec/spec_helper.rb
+has_rdoc: