scrypt 2.0.0 → 2.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +7 -0
- data/lib/scrypt.rb +14 -3
- data/lib/scrypt/version.rb +1 -1
- data/spec/scrypt/engine_spec.rb +9 -0
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e05230df281722bf8d1b9814cc6220d1bb233969
|
|
4
|
+
data.tar.gz: 86546aa3292d6cc0a090f7d8bf38f11688fa105d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 78116f0fade1bd7389283b1ae897098cb87a10664ac5ddf06adc58be7546f6a71c49e0c962a55f923594584946b8d746653a69a5c1042699ac4c8c84f4d649db
|
|
7
|
+
data.tar.gz: 39f52693cdcbf061be0dffc17d26d33e8f63cf5121300369aaaf05f884e9ad96cef29e2098fc7fd85b0f06edbd0704121139a599a8b2cbc8f4d0d2f4c7b7ccbf
|
data/README.md
CHANGED
|
@@ -41,6 +41,7 @@ Password.create takes five options which will determine the key length and salt
|
|
|
41
41
|
* `:max_time` specifies the maximum number of seconds the computation should take.
|
|
42
42
|
* `:max_mem` specifies the maximum number of bytes the computation should take. A value of 0 specifies no upper limit. The minimum is always 1 MB.
|
|
43
43
|
* `:max_memfrac` specifies the maximum memory in a fraction of available resources to use. Any value equal to 0 or greater than 0.5 will result in 0.5 being used.
|
|
44
|
+
* `:cost` specifies a cost string (e.g. `'400$8$19$'`) from the `calibrate` method. The `:max_*` options will be ignored if this option is given, or if `calibrate!` has been called.
|
|
44
45
|
|
|
45
46
|
Default options will result in calculation time of approx. 200 ms with 1 MB memory use.
|
|
46
47
|
|
|
@@ -57,6 +58,12 @@ salt = SCrypt::Engine.generate_salt
|
|
|
57
58
|
|
|
58
59
|
SCrypt::Engine.hash_secret "my grand secret", salt
|
|
59
60
|
# => "400$8$26$b62e0f787a5fc373$0399ccd4fa26642d92741b17c366b7f6bd12ccea5214987af445d2bed97bc6a2"
|
|
61
|
+
|
|
62
|
+
SCrypt::Engine.calibrate!(max_mem: 16 * 1024 * 1024)
|
|
63
|
+
# => "4000$8$4$"
|
|
64
|
+
|
|
65
|
+
SCrypt::Engine.generate_salt
|
|
66
|
+
# => "4000$8$4$c6d101522d3cb045"
|
|
60
67
|
```
|
|
61
68
|
|
|
62
69
|
## Usage in Rails (and the like)
|
data/lib/scrypt.rb
CHANGED
|
@@ -26,7 +26,8 @@ module SCrypt
|
|
|
26
26
|
:salt_size => 8,
|
|
27
27
|
:max_mem => 1024 * 1024,
|
|
28
28
|
:max_memfrac => 0.5,
|
|
29
|
-
:max_time => 0.2
|
|
29
|
+
:max_time => 0.2,
|
|
30
|
+
:cost => nil
|
|
30
31
|
}
|
|
31
32
|
|
|
32
33
|
def self.scrypt(secret, salt, *args)
|
|
@@ -67,10 +68,14 @@ module SCrypt
|
|
|
67
68
|
end
|
|
68
69
|
end
|
|
69
70
|
|
|
70
|
-
# Generates a random salt with a given computational cost.
|
|
71
|
+
# Generates a random salt with a given computational cost. Uses a saved
|
|
72
|
+
# cost if SCrypt::Engine.calibrate! has been called.
|
|
73
|
+
#
|
|
74
|
+
# Options:
|
|
75
|
+
# <tt>:cost</tt> is a cost string returned by SCrypt::Engine.calibrate
|
|
71
76
|
def self.generate_salt(options = {})
|
|
72
77
|
options = DEFAULTS.merge(options)
|
|
73
|
-
cost = calibrate(options)
|
|
78
|
+
cost = options[:cost] || calibrate(options)
|
|
74
79
|
salt = OpenSSL::Random.random_bytes(options[:salt_size]).unpack('H*').first.rjust(16,'0')
|
|
75
80
|
if salt.length == 40
|
|
76
81
|
#If salt is 40 characters, the regexp will think that it is an old-style hash, so add a '0'.
|
|
@@ -110,6 +115,12 @@ module SCrypt
|
|
|
110
115
|
options = DEFAULTS.merge(options)
|
|
111
116
|
"%x$%x$%x$" % __sc_calibrate(options[:max_mem], options[:max_memfrac], options[:max_time])
|
|
112
117
|
end
|
|
118
|
+
|
|
119
|
+
# Calls SCrypt::Engine.calibrate and saves the cost string for future calls to
|
|
120
|
+
# SCrypt::Engine.generate_salt.
|
|
121
|
+
def self.calibrate!(options = {})
|
|
122
|
+
DEFAULTS[:cost] = calibrate(options)
|
|
123
|
+
end
|
|
113
124
|
|
|
114
125
|
# Computes the memory use of the given +cost+
|
|
115
126
|
def self.memory_use(cost)
|
data/lib/scrypt/version.rb
CHANGED
data/spec/scrypt/engine_spec.rb
CHANGED
|
@@ -16,6 +16,15 @@ describe "Generating SCrypt salts" do
|
|
|
16
16
|
it "should produce random data" do
|
|
17
17
|
SCrypt::Engine.generate_salt.should_not equal(SCrypt::Engine.generate_salt)
|
|
18
18
|
end
|
|
19
|
+
|
|
20
|
+
it "should used the saved cost factor" do
|
|
21
|
+
# Verify cost is different before saving
|
|
22
|
+
cost = SCrypt::Engine.calibrate(:max_time => 0.01)
|
|
23
|
+
SCrypt::Engine.generate_salt(:max_time => 30, :max_mem => 64*1024*1024).should_not start_with(cost)
|
|
24
|
+
|
|
25
|
+
cost = SCrypt::Engine.calibrate!(:max_time => 0.01)
|
|
26
|
+
SCrypt::Engine.generate_salt(:max_time => 30, :max_mem => 64*1024*1024).should start_with(cost)
|
|
27
|
+
end
|
|
19
28
|
end
|
|
20
29
|
|
|
21
30
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: scrypt
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Patrick Hogan
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2015-06-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: ffi-compiler
|
|
@@ -136,7 +136,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
136
136
|
version: '0'
|
|
137
137
|
requirements: []
|
|
138
138
|
rubyforge_project: scrypt
|
|
139
|
-
rubygems_version: 2.
|
|
139
|
+
rubygems_version: 2.4.5
|
|
140
140
|
signing_key:
|
|
141
141
|
specification_version: 4
|
|
142
142
|
summary: scrypt password hashing algorithm.
|