scrypt 2.0.0 → 2.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +7 -0
- data/lib/scrypt.rb +14 -3
- data/lib/scrypt/version.rb +1 -1
- data/spec/scrypt/engine_spec.rb +9 -0
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e05230df281722bf8d1b9814cc6220d1bb233969
|
|
4
|
+
data.tar.gz: 86546aa3292d6cc0a090f7d8bf38f11688fa105d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 78116f0fade1bd7389283b1ae897098cb87a10664ac5ddf06adc58be7546f6a71c49e0c962a55f923594584946b8d746653a69a5c1042699ac4c8c84f4d649db
|
|
7
|
+
data.tar.gz: 39f52693cdcbf061be0dffc17d26d33e8f63cf5121300369aaaf05f884e9ad96cef29e2098fc7fd85b0f06edbd0704121139a599a8b2cbc8f4d0d2f4c7b7ccbf
|
data/README.md
CHANGED
|
@@ -41,6 +41,7 @@ Password.create takes five options which will determine the key length and salt
|
|
|
41
41
|
* `:max_time` specifies the maximum number of seconds the computation should take.
|
|
42
42
|
* `:max_mem` specifies the maximum number of bytes the computation should take. A value of 0 specifies no upper limit. The minimum is always 1 MB.
|
|
43
43
|
* `:max_memfrac` specifies the maximum memory in a fraction of available resources to use. Any value equal to 0 or greater than 0.5 will result in 0.5 being used.
|
|
44
|
+
* `:cost` specifies a cost string (e.g. `'400$8$19$'`) from the `calibrate` method. The `:max_*` options will be ignored if this option is given, or if `calibrate!` has been called.
|
|
44
45
|
|
|
45
46
|
Default options will result in calculation time of approx. 200 ms with 1 MB memory use.
|
|
46
47
|
|
|
@@ -57,6 +58,12 @@ salt = SCrypt::Engine.generate_salt
|
|
|
57
58
|
|
|
58
59
|
SCrypt::Engine.hash_secret "my grand secret", salt
|
|
59
60
|
# => "400$8$26$b62e0f787a5fc373$0399ccd4fa26642d92741b17c366b7f6bd12ccea5214987af445d2bed97bc6a2"
|
|
61
|
+
|
|
62
|
+
SCrypt::Engine.calibrate!(max_mem: 16 * 1024 * 1024)
|
|
63
|
+
# => "4000$8$4$"
|
|
64
|
+
|
|
65
|
+
SCrypt::Engine.generate_salt
|
|
66
|
+
# => "4000$8$4$c6d101522d3cb045"
|
|
60
67
|
```
|
|
61
68
|
|
|
62
69
|
## Usage in Rails (and the like)
|
data/lib/scrypt.rb
CHANGED
|
@@ -26,7 +26,8 @@ module SCrypt
|
|
|
26
26
|
:salt_size => 8,
|
|
27
27
|
:max_mem => 1024 * 1024,
|
|
28
28
|
:max_memfrac => 0.5,
|
|
29
|
-
:max_time => 0.2
|
|
29
|
+
:max_time => 0.2,
|
|
30
|
+
:cost => nil
|
|
30
31
|
}
|
|
31
32
|
|
|
32
33
|
def self.scrypt(secret, salt, *args)
|
|
@@ -67,10 +68,14 @@ module SCrypt
|
|
|
67
68
|
end
|
|
68
69
|
end
|
|
69
70
|
|
|
70
|
-
# Generates a random salt with a given computational cost.
|
|
71
|
+
# Generates a random salt with a given computational cost. Uses a saved
|
|
72
|
+
# cost if SCrypt::Engine.calibrate! has been called.
|
|
73
|
+
#
|
|
74
|
+
# Options:
|
|
75
|
+
# <tt>:cost</tt> is a cost string returned by SCrypt::Engine.calibrate
|
|
71
76
|
def self.generate_salt(options = {})
|
|
72
77
|
options = DEFAULTS.merge(options)
|
|
73
|
-
cost = calibrate(options)
|
|
78
|
+
cost = options[:cost] || calibrate(options)
|
|
74
79
|
salt = OpenSSL::Random.random_bytes(options[:salt_size]).unpack('H*').first.rjust(16,'0')
|
|
75
80
|
if salt.length == 40
|
|
76
81
|
#If salt is 40 characters, the regexp will think that it is an old-style hash, so add a '0'.
|
|
@@ -110,6 +115,12 @@ module SCrypt
|
|
|
110
115
|
options = DEFAULTS.merge(options)
|
|
111
116
|
"%x$%x$%x$" % __sc_calibrate(options[:max_mem], options[:max_memfrac], options[:max_time])
|
|
112
117
|
end
|
|
118
|
+
|
|
119
|
+
# Calls SCrypt::Engine.calibrate and saves the cost string for future calls to
|
|
120
|
+
# SCrypt::Engine.generate_salt.
|
|
121
|
+
def self.calibrate!(options = {})
|
|
122
|
+
DEFAULTS[:cost] = calibrate(options)
|
|
123
|
+
end
|
|
113
124
|
|
|
114
125
|
# Computes the memory use of the given +cost+
|
|
115
126
|
def self.memory_use(cost)
|
data/lib/scrypt/version.rb
CHANGED
data/spec/scrypt/engine_spec.rb
CHANGED
|
@@ -16,6 +16,15 @@ describe "Generating SCrypt salts" do
|
|
|
16
16
|
it "should produce random data" do
|
|
17
17
|
SCrypt::Engine.generate_salt.should_not equal(SCrypt::Engine.generate_salt)
|
|
18
18
|
end
|
|
19
|
+
|
|
20
|
+
it "should used the saved cost factor" do
|
|
21
|
+
# Verify cost is different before saving
|
|
22
|
+
cost = SCrypt::Engine.calibrate(:max_time => 0.01)
|
|
23
|
+
SCrypt::Engine.generate_salt(:max_time => 30, :max_mem => 64*1024*1024).should_not start_with(cost)
|
|
24
|
+
|
|
25
|
+
cost = SCrypt::Engine.calibrate!(:max_time => 0.01)
|
|
26
|
+
SCrypt::Engine.generate_salt(:max_time => 30, :max_mem => 64*1024*1024).should start_with(cost)
|
|
27
|
+
end
|
|
19
28
|
end
|
|
20
29
|
|
|
21
30
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: scrypt
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Patrick Hogan
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2015-06-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: ffi-compiler
|
|
@@ -136,7 +136,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
136
136
|
version: '0'
|
|
137
137
|
requirements: []
|
|
138
138
|
rubyforge_project: scrypt
|
|
139
|
-
rubygems_version: 2.
|
|
139
|
+
rubygems_version: 2.4.5
|
|
140
140
|
signing_key:
|
|
141
141
|
specification_version: 4
|
|
142
142
|
summary: scrypt password hashing algorithm.
|