scrypt 2.0.0 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 47be4799daf5f3fd84b4d621688dea4c39ccde5b
4
- data.tar.gz: 5bf369b0264bf440229eee7fa05e65227357da68
3
+ metadata.gz: e05230df281722bf8d1b9814cc6220d1bb233969
4
+ data.tar.gz: 86546aa3292d6cc0a090f7d8bf38f11688fa105d
5
5
  SHA512:
6
- metadata.gz: c17413705aeef9517208e2bf83545fa488aa6b8fade35728cbcdf1e4b3f91a513d756db9ae81b4041e69c30c6c21b22484dff1c2530167f0de4e382612986bde
7
- data.tar.gz: 2ccfe62cebda01b2d23a91af9e65cc9b2f64b755c6e602b7612fa43a5448959db9a2ae5b6b2d4529e6e5e5c8a7132830e850c47d85d694d41a24f8d91d73ff93
6
+ metadata.gz: 78116f0fade1bd7389283b1ae897098cb87a10664ac5ddf06adc58be7546f6a71c49e0c962a55f923594584946b8d746653a69a5c1042699ac4c8c84f4d649db
7
+ data.tar.gz: 39f52693cdcbf061be0dffc17d26d33e8f63cf5121300369aaaf05f884e9ad96cef29e2098fc7fd85b0f06edbd0704121139a599a8b2cbc8f4d0d2f4c7b7ccbf
data/README.md CHANGED
@@ -41,6 +41,7 @@ Password.create takes five options which will determine the key length and salt
41
41
  * `:max_time` specifies the maximum number of seconds the computation should take.
42
42
  * `:max_mem` specifies the maximum number of bytes the computation should take. A value of 0 specifies no upper limit. The minimum is always 1 MB.
43
43
  * `:max_memfrac` specifies the maximum memory in a fraction of available resources to use. Any value equal to 0 or greater than 0.5 will result in 0.5 being used.
44
+ * `:cost` specifies a cost string (e.g. `'400$8$19$'`) from the `calibrate` method. The `:max_*` options will be ignored if this option is given, or if `calibrate!` has been called.
44
45
 
45
46
  Default options will result in calculation time of approx. 200 ms with 1 MB memory use.
46
47
 
@@ -57,6 +58,12 @@ salt = SCrypt::Engine.generate_salt
57
58
 
58
59
  SCrypt::Engine.hash_secret "my grand secret", salt
59
60
  # => "400$8$26$b62e0f787a5fc373$0399ccd4fa26642d92741b17c366b7f6bd12ccea5214987af445d2bed97bc6a2"
61
+
62
+ SCrypt::Engine.calibrate!(max_mem: 16 * 1024 * 1024)
63
+ # => "4000$8$4$"
64
+
65
+ SCrypt::Engine.generate_salt
66
+ # => "4000$8$4$c6d101522d3cb045"
60
67
  ```
61
68
 
62
69
  ## Usage in Rails (and the like)
@@ -26,7 +26,8 @@ module SCrypt
26
26
  :salt_size => 8,
27
27
  :max_mem => 1024 * 1024,
28
28
  :max_memfrac => 0.5,
29
- :max_time => 0.2
29
+ :max_time => 0.2,
30
+ :cost => nil
30
31
  }
31
32
 
32
33
  def self.scrypt(secret, salt, *args)
@@ -67,10 +68,14 @@ module SCrypt
67
68
  end
68
69
  end
69
70
 
70
- # Generates a random salt with a given computational cost.
71
+ # Generates a random salt with a given computational cost. Uses a saved
72
+ # cost if SCrypt::Engine.calibrate! has been called.
73
+ #
74
+ # Options:
75
+ # <tt>:cost</tt> is a cost string returned by SCrypt::Engine.calibrate
71
76
  def self.generate_salt(options = {})
72
77
  options = DEFAULTS.merge(options)
73
- cost = calibrate(options)
78
+ cost = options[:cost] || calibrate(options)
74
79
  salt = OpenSSL::Random.random_bytes(options[:salt_size]).unpack('H*').first.rjust(16,'0')
75
80
  if salt.length == 40
76
81
  #If salt is 40 characters, the regexp will think that it is an old-style hash, so add a '0'.
@@ -110,6 +115,12 @@ module SCrypt
110
115
  options = DEFAULTS.merge(options)
111
116
  "%x$%x$%x$" % __sc_calibrate(options[:max_mem], options[:max_memfrac], options[:max_time])
112
117
  end
118
+
119
+ # Calls SCrypt::Engine.calibrate and saves the cost string for future calls to
120
+ # SCrypt::Engine.generate_salt.
121
+ def self.calibrate!(options = {})
122
+ DEFAULTS[:cost] = calibrate(options)
123
+ end
113
124
 
114
125
  # Computes the memory use of the given +cost+
115
126
  def self.memory_use(cost)
@@ -1,3 +1,3 @@
1
1
  module SCrypt
2
- VERSION = "2.0.0"
2
+ VERSION = "2.0.1"
3
3
  end
@@ -16,6 +16,15 @@ describe "Generating SCrypt salts" do
16
16
  it "should produce random data" do
17
17
  SCrypt::Engine.generate_salt.should_not equal(SCrypt::Engine.generate_salt)
18
18
  end
19
+
20
+ it "should used the saved cost factor" do
21
+ # Verify cost is different before saving
22
+ cost = SCrypt::Engine.calibrate(:max_time => 0.01)
23
+ SCrypt::Engine.generate_salt(:max_time => 30, :max_mem => 64*1024*1024).should_not start_with(cost)
24
+
25
+ cost = SCrypt::Engine.calibrate!(:max_time => 0.01)
26
+ SCrypt::Engine.generate_salt(:max_time => 30, :max_mem => 64*1024*1024).should start_with(cost)
27
+ end
19
28
  end
20
29
 
21
30
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: scrypt
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.0
4
+ version: 2.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Patrick Hogan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-09-24 00:00:00.000000000 Z
11
+ date: 2015-06-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ffi-compiler
@@ -136,7 +136,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
136
136
  version: '0'
137
137
  requirements: []
138
138
  rubyforge_project: scrypt
139
- rubygems_version: 2.2.2
139
+ rubygems_version: 2.4.5
140
140
  signing_key:
141
141
  specification_version: 4
142
142
  summary: scrypt password hashing algorithm.