scrypt 2.0.2 → 2.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +2 -2
- data.tar.gz.sig +0 -0
- data/README.md +2 -2
- data/lib/scrypt.rb +4 -3
- data/lib/scrypt/security_utils.rb +23 -0
- data/lib/scrypt/version.rb +1 -1
- data/spec/scrypt/engine_spec.rb +21 -21
- data/spec/scrypt/password_spec.rb +25 -25
- data/spec/scrypt/utils_spec.rb +12 -0
- metadata +5 -2
- metadata.gz.sig +4 -2
    
        checksums.yaml
    CHANGED
    
    | @@ -1,7 +1,7 @@ | |
| 1 1 | 
             
            ---
         | 
| 2 2 | 
             
            SHA1:
         | 
| 3 | 
            -
              metadata.gz:  | 
| 4 | 
            -
              data.tar.gz:  | 
| 3 | 
            +
              metadata.gz: 97e4aa9bd943a970d5809dec76392d57b80b86ab
         | 
| 4 | 
            +
              data.tar.gz: d4ed6d6695db090fa341ffaae1f050d0d0ff6301
         | 
| 5 5 | 
             
            SHA512:
         | 
| 6 | 
            -
              metadata.gz:  | 
| 7 | 
            -
              data.tar.gz:  | 
| 6 | 
            +
              metadata.gz: e73b9d972111d155c7b75e8f84317a8dfa6995f6103be3c03e8c430feead8694c41cc96dfbc12ce5234e34916c7f7261abd5658c7428eca0236d68b3feb0bfab
         | 
| 7 | 
            +
              data.tar.gz: fd8b8d3934186ae12ed492e14e66b078e5c3e56c44960e15cb5c197f76fc909671bbbc2c69e826f62c3b887bee6ecfa958f3fe8a8fb6662b52ffd3f1380e1796
         | 
    
        checksums.yaml.gz.sig
    CHANGED
    
    | @@ -1,2 +1,2 @@ | |
| 1 | 
            -
             | 
| 2 | 
            -
             | 
| 1 | 
            +
            �ԸR؎��R�(id{��dj���J�*3ylZw�~g��N�$�p(G�ƪ����o7������vs5�X�Q��0P�$�	�\E���p�!h�ʹ
         | 
| 2 | 
            +
            �''�r���!4��eE��|��K`��t������X��H�J:�����it:1���i��w�kP2�#����[vc��6�,9�>lcQ����2g�/�	ݰUP�����9��.�Q�b�,�2Y.R�h��]���sC�6f�e�����u7�h�h�Ϣ��
         | 
    
        data.tar.gz.sig
    CHANGED
    
    | Binary file | 
    
        data/README.md
    CHANGED
    
    | @@ -37,13 +37,13 @@ password == "a paltry guess"  # => false | |
| 37 37 | 
             
            Password.create takes five options which will determine the key length and salt size, as well as the cost limits of the computation:
         | 
| 38 38 |  | 
| 39 39 | 
             
            * `:key_len` specifies the length in bytes of the key you want to generate. The default is 32 bytes (256 bits). Minimum is 16 bytes (128 bits). Maximum is 512 bytes (4096 bits).
         | 
| 40 | 
            -
            * `:salt_size` specifies the size in bytes of the random salt you want to generate. The default and  | 
| 40 | 
            +
            * `:salt_size` specifies the size in bytes of the random salt you want to generate. The default and maximum is 32 bytes (256 bits). Minimum is 8 bytes (64 bits).
         | 
| 41 41 | 
             
            * `:max_time` specifies the maximum number of seconds the computation should take.
         | 
| 42 42 | 
             
            * `:max_mem` specifies the maximum number of bytes the computation should take. A value of 0 specifies no upper limit. The minimum is always 1 MB.
         | 
| 43 43 | 
             
            * `:max_memfrac` specifies the maximum memory in a fraction of available resources to use. Any value equal to 0 or greater than 0.5 will result in 0.5 being used.
         | 
| 44 44 | 
             
            * `:cost` specifies a cost string (e.g. `'400$8$19$'`) from the `calibrate` method.  The `:max_*` options will be ignored if this option is given, or if `calibrate!` has been called.
         | 
| 45 45 |  | 
| 46 | 
            -
            Default options will result in calculation time of approx. 200 ms with  | 
| 46 | 
            +
            Default options will result in calculation time of approx. 200 ms with 16 MB memory use.
         | 
| 47 47 |  | 
| 48 48 | 
             
            ## Other things you can do
         | 
| 49 49 |  | 
    
        data/lib/scrypt.rb
    CHANGED
    
    | @@ -1,6 +1,7 @@ | |
| 1 1 | 
             
            # A wrapper for the scrypt algorithm.
         | 
| 2 2 |  | 
| 3 3 | 
             
            require "scrypt/scrypt_ext"
         | 
| 4 | 
            +
            require "scrypt/security_utils"
         | 
| 4 5 | 
             
            require "openssl"
         | 
| 5 6 | 
             
            require "scanf"
         | 
| 6 7 | 
             
            require "ffi"
         | 
| @@ -23,8 +24,8 @@ module SCrypt | |
| 23 24 | 
             
              class Engine
         | 
| 24 25 | 
             
                DEFAULTS = {
         | 
| 25 26 | 
             
                  :key_len     => 32,
         | 
| 26 | 
            -
                  :salt_size   =>  | 
| 27 | 
            -
                  :max_mem     => 1024 * 1024,
         | 
| 27 | 
            +
                  :salt_size   => 32,
         | 
| 28 | 
            +
                  :max_mem     => 16 * 1024 * 1024,
         | 
| 28 29 | 
             
                  :max_memfrac => 0.5,
         | 
| 29 30 | 
             
                  :max_time    => 0.2,
         | 
| 30 31 | 
             
                  :cost        => nil
         | 
| @@ -246,7 +247,7 @@ module SCrypt | |
| 246 247 |  | 
| 247 248 | 
             
                # Compares a potential secret against the hash. Returns true if the secret is the original secret, false otherwise.
         | 
| 248 249 | 
             
                def ==(secret)
         | 
| 249 | 
            -
                   | 
| 250 | 
            +
                  SecurityUtils.secure_compare(self, SCrypt::Engine.hash_secret(secret, @cost + @salt, self.digest.length / 2))
         | 
| 250 251 | 
             
                end
         | 
| 251 252 | 
             
                alias_method :is_password?, :==
         | 
| 252 253 |  | 
| @@ -0,0 +1,23 @@ | |
| 1 | 
            +
            # NOTE:: a verbatim copy of https://github.com/rails/rails/blob/c8c660002f4b0e9606de96325f20b95248b6ff2d/activesupport/lib/active_support/security_utils.rb
         | 
| 2 | 
            +
            # Please see the Rails license: https://github.com/rails/rails/blob/master/activesupport/MIT-LICENSE
         | 
| 3 | 
            +
             | 
| 4 | 
            +
            module SCrypt
         | 
| 5 | 
            +
              module SecurityUtils
         | 
| 6 | 
            +
                # Constant time string comparison.
         | 
| 7 | 
            +
                #
         | 
| 8 | 
            +
                # The values compared should be of fixed length, such as strings
         | 
| 9 | 
            +
                # that have already been processed by HMAC. This should not be used
         | 
| 10 | 
            +
                # on variable length plaintext strings because it could leak length info
         | 
| 11 | 
            +
                # via timing attacks.
         | 
| 12 | 
            +
                def secure_compare(a, b)
         | 
| 13 | 
            +
                  return false unless a.bytesize == b.bytesize
         | 
| 14 | 
            +
             | 
| 15 | 
            +
                  l = a.unpack "C#{a.bytesize}"
         | 
| 16 | 
            +
             | 
| 17 | 
            +
                  res = 0
         | 
| 18 | 
            +
                  b.each_byte { |byte| res |= byte ^ l.shift }
         | 
| 19 | 
            +
                  res == 0
         | 
| 20 | 
            +
                end
         | 
| 21 | 
            +
                module_function :secure_compare
         | 
| 22 | 
            +
              end
         | 
| 23 | 
            +
            end
         | 
    
        data/lib/scrypt/version.rb
    CHANGED
    
    
    
        data/spec/scrypt/engine_spec.rb
    CHANGED
    
    | @@ -3,34 +3,34 @@ require File.expand_path(File.join(File.dirname(__FILE__), "..", "spec_helper")) | |
| 3 3 | 
             
            describe "The SCrypt engine" do
         | 
| 4 4 | 
             
              it "should calculate a valid cost factor" do
         | 
| 5 5 | 
             
                first = SCrypt::Engine.calibrate(:max_time => 0.2)
         | 
| 6 | 
            -
                SCrypt::Engine.valid_cost?(first). | 
| 6 | 
            +
                expect(SCrypt::Engine.valid_cost?(first)).to equal(true)
         | 
| 7 7 | 
             
              end
         | 
| 8 8 | 
             
            end
         | 
| 9 9 |  | 
| 10 10 |  | 
| 11 11 | 
             
            describe "Generating SCrypt salts" do
         | 
| 12 12 | 
             
              it "should produce strings" do
         | 
| 13 | 
            -
                SCrypt::Engine.generate_salt. | 
| 13 | 
            +
                expect(SCrypt::Engine.generate_salt).to be_an_instance_of(String)
         | 
| 14 14 | 
             
              end
         | 
| 15 15 |  | 
| 16 16 | 
             
              it "should produce random data" do
         | 
| 17 | 
            -
                SCrypt::Engine.generate_salt. | 
| 17 | 
            +
                expect(SCrypt::Engine.generate_salt).not_to equal(SCrypt::Engine.generate_salt)
         | 
| 18 18 | 
             
              end
         | 
| 19 19 |  | 
| 20 20 | 
             
              it "should used the saved cost factor" do
         | 
| 21 21 | 
             
                # Verify cost is different before saving
         | 
| 22 22 | 
             
                cost = SCrypt::Engine.calibrate(:max_time => 0.01)
         | 
| 23 | 
            -
                SCrypt::Engine.generate_salt(:max_time => 30, :max_mem => 64*1024*1024). | 
| 23 | 
            +
                expect(SCrypt::Engine.generate_salt(:max_time => 30, :max_mem => 64*1024*1024)).not_to start_with(cost)
         | 
| 24 24 |  | 
| 25 25 | 
             
                cost = SCrypt::Engine.calibrate!(:max_time => 0.01)
         | 
| 26 | 
            -
                SCrypt::Engine.generate_salt(:max_time => 30, :max_mem => 64*1024*1024). | 
| 26 | 
            +
                expect(SCrypt::Engine.generate_salt(:max_time => 30, :max_mem => 64*1024*1024)).to start_with(cost)
         | 
| 27 27 | 
             
              end
         | 
| 28 28 | 
             
            end
         | 
| 29 29 |  | 
| 30 30 |  | 
| 31 31 | 
             
            describe "Autodetecting of salt cost" do
         | 
| 32 32 | 
             
              it "should work" do
         | 
| 33 | 
            -
                SCrypt::Engine.autodetect_cost("2a$08$c3$randomjunkgoeshere"). | 
| 33 | 
            +
                expect(SCrypt::Engine.autodetect_cost("2a$08$c3$randomjunkgoeshere")).to eq("2a$08$c3$")
         | 
| 34 34 | 
             
              end
         | 
| 35 35 | 
             
            end
         | 
| 36 36 |  | 
| @@ -42,41 +42,41 @@ describe "Generating SCrypt hashes" do | |
| 42 42 | 
             
              end
         | 
| 43 43 |  | 
| 44 44 | 
             
              before :each do
         | 
| 45 | 
            -
                @salt = SCrypt::Engine.generate_salt | 
| 45 | 
            +
                @salt = SCrypt::Engine.generate_salt
         | 
| 46 46 | 
             
                @password = "woo"
         | 
| 47 47 | 
             
              end
         | 
| 48 48 |  | 
| 49 49 | 
             
              it "should produce a string" do
         | 
| 50 | 
            -
                SCrypt::Engine.hash_secret(@password, @salt). | 
| 50 | 
            +
                expect(SCrypt::Engine.hash_secret(@password, @salt)).to be_an_instance_of(String)
         | 
| 51 51 | 
             
              end
         | 
| 52 52 |  | 
| 53 53 | 
             
              it "should raise an InvalidSalt error if the salt is invalid" do
         | 
| 54 | 
            -
                lambda { SCrypt::Engine.hash_secret(@password, 'nino') }. | 
| 54 | 
            +
                expect(lambda { SCrypt::Engine.hash_secret(@password, 'nino') }).to raise_error(SCrypt::Errors::InvalidSalt)
         | 
| 55 55 | 
             
              end
         | 
| 56 56 |  | 
| 57 57 | 
             
              it "should raise an InvalidSecret error if the secret is invalid" do
         | 
| 58 | 
            -
                lambda { SCrypt::Engine.hash_secret(MyInvalidSecret.new, @salt) }. | 
| 59 | 
            -
                lambda { SCrypt::Engine.hash_secret(nil, @salt) }. | 
| 60 | 
            -
                lambda { SCrypt::Engine.hash_secret(false, @salt) }. | 
| 58 | 
            +
                expect(lambda { SCrypt::Engine.hash_secret(MyInvalidSecret.new, @salt) }).to raise_error(SCrypt::Errors::InvalidSecret)
         | 
| 59 | 
            +
                expect(lambda { SCrypt::Engine.hash_secret(nil, @salt) }).to_not raise_error
         | 
| 60 | 
            +
                expect(lambda { SCrypt::Engine.hash_secret(false, @salt) }).to_not raise_error
         | 
| 61 61 | 
             
              end
         | 
| 62 62 |  | 
| 63 63 | 
             
              it "should call #to_s on the secret and use the return value as the actual secret data" do
         | 
| 64 | 
            -
                SCrypt::Engine.hash_secret(false, @salt). | 
| 64 | 
            +
                expect(SCrypt::Engine.hash_secret(false, @salt)).to eq(SCrypt::Engine.hash_secret("false", @salt))
         | 
| 65 65 | 
             
              end
         | 
| 66 66 | 
             
            end
         | 
| 67 67 |  | 
| 68 68 | 
             
            describe "SCrypt test vectors" do
         | 
| 69 69 | 
             
              it "should match results of SCrypt function" do
         | 
| 70 | 
            -
                SCrypt::Engine.scrypt('', '', 16, 1, 1, 64).unpack('H*').first. | 
| 71 | 
            -
                SCrypt::Engine.scrypt('password', 'NaCl', 1024, 8, 16, 64).unpack('H*').first. | 
| 72 | 
            -
                SCrypt::Engine.scrypt('pleaseletmein', 'SodiumChloride', 16384, 8, 1, 64).unpack('H*').first. | 
| 73 | 
            -
                SCrypt::Engine.scrypt('pleaseletmein', 'SodiumChloride', 1048576, 8, 1, 64).unpack('H*').first. | 
| 70 | 
            +
                expect(SCrypt::Engine.scrypt('', '', 16, 1, 1, 64).unpack('H*').first).to eq('77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906')
         | 
| 71 | 
            +
                expect(SCrypt::Engine.scrypt('password', 'NaCl', 1024, 8, 16, 64).unpack('H*').first).to eq('fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640')
         | 
| 72 | 
            +
                expect(SCrypt::Engine.scrypt('pleaseletmein', 'SodiumChloride', 16384, 8, 1, 64).unpack('H*').first).to eq('7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887')
         | 
| 73 | 
            +
                expect(SCrypt::Engine.scrypt('pleaseletmein', 'SodiumChloride', 1048576, 8, 1, 64).unpack('H*').first).to eq('2101cb9b6a511aaeaddbbe09cf70f881ec568d574a2ffd4dabe5ee9820adaa478e56fd8f4ba5d09ffa1c6d927c40f4c337304049e8a952fbcbf45c6fa77a41a4')
         | 
| 74 74 | 
             
              end
         | 
| 75 75 |  | 
| 76 76 | 
             
              it "should match equivalent results sent through hash_secret() function" do
         | 
| 77 | 
            -
                SCrypt::Engine.hash_secret('', '10$1$1$0000000000000000', 64). | 
| 78 | 
            -
                SCrypt::Engine.hash_secret('password', '400$8$10$000000004e61436c', 64). | 
| 79 | 
            -
                SCrypt::Engine.hash_secret('pleaseletmein', '4000$8$1$536f6469756d43686c6f72696465', 64). | 
| 80 | 
            -
                SCrypt::Engine.hash_secret('pleaseletmein', '100000$8$1$536f6469756d43686c6f72696465', 64). | 
| 77 | 
            +
                expect(SCrypt::Engine.hash_secret('', '10$1$1$0000000000000000', 64)).to match(/\$77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906$/)
         | 
| 78 | 
            +
                expect(SCrypt::Engine.hash_secret('password', '400$8$10$000000004e61436c', 64)).to match(/\$fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640$/)
         | 
| 79 | 
            +
                expect(SCrypt::Engine.hash_secret('pleaseletmein', '4000$8$1$536f6469756d43686c6f72696465', 64)).to match(/\$7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887$/)
         | 
| 80 | 
            +
                expect(SCrypt::Engine.hash_secret('pleaseletmein', '100000$8$1$536f6469756d43686c6f72696465', 64)).to match(/\$2101cb9b6a511aaeaddbbe09cf70f881ec568d574a2ffd4dabe5ee9820adaa478e56fd8f4ba5d09ffa1c6d927c40f4c337304049e8a952fbcbf45c6fa77a41a4$/)
         | 
| 81 81 | 
             
              end
         | 
| 82 82 | 
             
            end
         | 
| @@ -6,23 +6,23 @@ describe "Creating a hashed password" do | |
| 6 6 | 
             
              end
         | 
| 7 7 |  | 
| 8 8 | 
             
              it "should return a SCrypt::Password" do
         | 
| 9 | 
            -
                @password. | 
| 9 | 
            +
                expect(@password).to be_an_instance_of(SCrypt::Password)
         | 
| 10 10 | 
             
              end
         | 
| 11 11 |  | 
| 12 12 | 
             
              it "should return a valid password" do
         | 
| 13 | 
            -
                lambda { SCrypt::Password.new(@password) }. | 
| 13 | 
            +
                expect(lambda { SCrypt::Password.new(@password) }).to_not raise_error
         | 
| 14 14 | 
             
              end
         | 
| 15 15 |  | 
| 16 16 | 
             
              it "should behave normally if the secret is not a string" do
         | 
| 17 | 
            -
                lambda { SCrypt::Password.create(nil) }. | 
| 18 | 
            -
                lambda { SCrypt::Password.create({:woo => "yeah"}) }. | 
| 19 | 
            -
                lambda { SCrypt::Password.create(false) }. | 
| 17 | 
            +
                expect(lambda { SCrypt::Password.create(nil) }).to_not raise_error
         | 
| 18 | 
            +
                expect(lambda { SCrypt::Password.create({:woo => "yeah"}) }).to_not raise_error
         | 
| 19 | 
            +
                expect(lambda { SCrypt::Password.create(false) }).to_not raise_error
         | 
| 20 20 | 
             
              end
         | 
| 21 21 |  | 
| 22 22 | 
             
              it "should tolerate empty string secrets" do
         | 
| 23 | 
            -
                lambda { SCrypt::Password.create( "\n".chop  ) }. | 
| 24 | 
            -
                lambda { SCrypt::Password.create( ""         ) }. | 
| 25 | 
            -
                lambda { SCrypt::Password.create( String.new ) }. | 
| 23 | 
            +
                expect(lambda { SCrypt::Password.create( "\n".chop  ) }).to_not raise_error
         | 
| 24 | 
            +
                expect(lambda { SCrypt::Password.create( ""         ) }).to_not raise_error
         | 
| 25 | 
            +
                expect(lambda { SCrypt::Password.create( String.new ) }).to_not raise_error
         | 
| 26 26 | 
             
              end
         | 
| 27 27 | 
             
            end
         | 
| 28 28 |  | 
| @@ -35,13 +35,13 @@ describe "Reading a hashed password" do | |
| 35 35 |  | 
| 36 36 | 
             
              it "should read the cost, salt, and hash" do
         | 
| 37 37 | 
             
                password = SCrypt::Password.new(@hash)
         | 
| 38 | 
            -
                password.cost. | 
| 39 | 
            -
                password.salt. | 
| 40 | 
            -
                password.to_s. | 
| 38 | 
            +
                expect(password.cost).to eq("400$8$d$")
         | 
| 39 | 
            +
                expect(password.salt).to eq("173a8189751c095a29b933789560b73bf17b2e01")
         | 
| 40 | 
            +
                expect(password.to_s).to eq(@hash)
         | 
| 41 41 | 
             
              end
         | 
| 42 42 |  | 
| 43 43 | 
             
              it "should raise an InvalidHashError when given an invalid hash" do
         | 
| 44 | 
            -
                lambda { SCrypt::Password.new('not a valid hash') }. | 
| 44 | 
            +
                expect(lambda { SCrypt::Password.new('not a valid hash') }).to raise_error(SCrypt::Errors::InvalidHash)
         | 
| 45 45 | 
             
              end
         | 
| 46 46 | 
             
            end
         | 
| 47 47 |  | 
| @@ -52,11 +52,11 @@ describe "Comparing a hashed password with a secret" do | |
| 52 52 | 
             
              end
         | 
| 53 53 |  | 
| 54 54 | 
             
              it "should compare successfully to the original secret" do
         | 
| 55 | 
            -
                (@password == @secret). | 
| 55 | 
            +
                expect((@password == @secret)).to be(true)
         | 
| 56 56 | 
             
              end
         | 
| 57 57 |  | 
| 58 58 | 
             
              it "should compare unsuccessfully to anything besides original secret" do
         | 
| 59 | 
            -
                (@password == "@secret"). | 
| 59 | 
            +
                expect((@password == "@secret")).to be(false)
         | 
| 60 60 | 
             
              end
         | 
| 61 61 |  | 
| 62 62 | 
             
            end
         | 
| @@ -68,27 +68,27 @@ describe "non-default salt sizes" do | |
| 68 68 |  | 
| 69 69 | 
             
              it "should enforce a minimum salt of 8 bytes" do
         | 
| 70 70 | 
             
                @password = SCrypt::Password.create(@secret, :salt_size => 7)
         | 
| 71 | 
            -
                @password.salt.length. | 
| 71 | 
            +
                expect(@password.salt.length).to eq(8 * 2)
         | 
| 72 72 | 
             
              end
         | 
| 73 73 |  | 
| 74 74 | 
             
              it "should allow a salt of 32 bytes" do
         | 
| 75 75 | 
             
                @password = SCrypt::Password.create(@secret, :salt_size => 32)
         | 
| 76 | 
            -
                @password.salt.length. | 
| 76 | 
            +
                expect(@password.salt.length).to eq(32 * 2)
         | 
| 77 77 | 
             
              end
         | 
| 78 78 |  | 
| 79 79 | 
             
              it "should enforce a maximum salt of 32 bytes" do
         | 
| 80 80 | 
             
                @password = SCrypt::Password.create(@secret, :salt_size => 33)
         | 
| 81 | 
            -
                @password.salt.length. | 
| 81 | 
            +
                expect(@password.salt.length).to eq(32 * 2)
         | 
| 82 82 | 
             
              end
         | 
| 83 83 |  | 
| 84 84 | 
             
              it "should pad a 20-byte salt to not look like a 20-byte SHA1" do
         | 
| 85 85 | 
             
                @password = SCrypt::Password.create(@secret, :salt_size => 20)
         | 
| 86 | 
            -
                @password.salt.length. | 
| 86 | 
            +
                expect(@password.salt.length).to eq(41)
         | 
| 87 87 | 
             
              end
         | 
| 88 88 |  | 
| 89 89 | 
             
              it "should properly compare a non-standard salt hash" do
         | 
| 90 90 | 
             
                @password = SCrypt::Password.create(@secret, :salt_size => 20)
         | 
| 91 | 
            -
                (SCrypt::Password.new(@password.to_s) == @secret). | 
| 91 | 
            +
                expect((SCrypt::Password.new(@password.to_s) == @secret)).to be(true)
         | 
| 92 92 | 
             
              end
         | 
| 93 93 |  | 
| 94 94 | 
             
            end
         | 
| @@ -100,22 +100,22 @@ describe "non-default key lengths" do | |
| 100 100 |  | 
| 101 101 | 
             
              it "should enforce a minimum keylength of 16 bytes" do
         | 
| 102 102 | 
             
                @password = SCrypt::Password.create(@secret, :key_len => 15)
         | 
| 103 | 
            -
                @password.digest.length. | 
| 103 | 
            +
                expect(@password.digest.length).to eq(16 * 2)
         | 
| 104 104 | 
             
              end
         | 
| 105 105 |  | 
| 106 106 | 
             
              it "should allow a keylength of 512 bytes" do
         | 
| 107 107 | 
             
                @password = SCrypt::Password.create(@secret, :key_len => 512)
         | 
| 108 | 
            -
                @password.digest.length. | 
| 108 | 
            +
                expect(@password.digest.length).to eq(512 * 2)
         | 
| 109 109 | 
             
              end
         | 
| 110 110 |  | 
| 111 111 | 
             
              it "should enforce a maximum keylength of 512 bytes" do
         | 
| 112 112 | 
             
                @password = SCrypt::Password.create(@secret, :key_len => 513)
         | 
| 113 | 
            -
                @password.digest.length. | 
| 113 | 
            +
                expect(@password.digest.length).to eq(512 * 2)
         | 
| 114 114 | 
             
              end
         | 
| 115 115 |  | 
| 116 116 | 
             
              it "should properly compare a non-standard hash" do
         | 
| 117 117 | 
             
                @password = SCrypt::Password.create(@secret, :key_len => 512)
         | 
| 118 | 
            -
                (SCrypt::Password.new(@password.to_s) == @secret). | 
| 118 | 
            +
                expect((SCrypt::Password.new(@password.to_s) == @secret)).to be(true)
         | 
| 119 119 | 
             
              end
         | 
| 120 120 |  | 
| 121 121 | 
             
            end
         | 
| @@ -127,13 +127,13 @@ describe "Old-style hashes" do | |
| 127 127 | 
             
              end
         | 
| 128 128 |  | 
| 129 129 | 
             
              it "should compare successfully" do
         | 
| 130 | 
            -
                (SCrypt::Password.new(@hash) == @secret). | 
| 130 | 
            +
                expect((SCrypt::Password.new(@hash) == @secret)).to be(true)
         | 
| 131 131 | 
             
              end
         | 
| 132 132 | 
             
            end
         | 
| 133 133 |  | 
| 134 134 | 
             
            describe "Respecting standard ruby behaviors" do
         | 
| 135 135 | 
             
              it 'should hash as a fixnum' do
         | 
| 136 136 | 
             
                password = SCrypt::Password.create('')
         | 
| 137 | 
            -
                password.hash. | 
| 137 | 
            +
                expect(password.hash).to be_kind_of(Fixnum)
         | 
| 138 138 | 
             
              end
         | 
| 139 139 | 
             
            end
         | 
| @@ -0,0 +1,12 @@ | |
| 1 | 
            +
            require File.expand_path(File.join(File.dirname(__FILE__), "..", "spec_helper"))
         | 
| 2 | 
            +
             | 
| 3 | 
            +
            describe "Security Utils" do
         | 
| 4 | 
            +
              it "should perform a string comparison" do
         | 
| 5 | 
            +
                expect(SCrypt::SecurityUtils.secure_compare('a', 'a')).to equal(true)
         | 
| 6 | 
            +
                expect(SCrypt::SecurityUtils.secure_compare('a', 'b')).to equal(false)
         | 
| 7 | 
            +
                expect(SCrypt::SecurityUtils.secure_compare('aa', 'aa')).to equal(true)
         | 
| 8 | 
            +
                expect(SCrypt::SecurityUtils.secure_compare('aa', 'ab')).to equal(false)
         | 
| 9 | 
            +
                expect(SCrypt::SecurityUtils.secure_compare('aa', 'aaa')).to equal(false)
         | 
| 10 | 
            +
                expect(SCrypt::SecurityUtils.secure_compare('aaa', 'aa')).to equal(false)
         | 
| 11 | 
            +
              end
         | 
| 12 | 
            +
            end
         | 
    
        metadata
    CHANGED
    
    | @@ -1,7 +1,7 @@ | |
| 1 1 | 
             
            --- !ruby/object:Gem::Specification
         | 
| 2 2 | 
             
            name: scrypt
         | 
| 3 3 | 
             
            version: !ruby/object:Gem::Version
         | 
| 4 | 
            -
              version: 2. | 
| 4 | 
            +
              version: 2.1.1
         | 
| 5 5 | 
             
            platform: ruby
         | 
| 6 6 | 
             
            authors:
         | 
| 7 7 | 
             
            - Patrick Hogan
         | 
| @@ -32,7 +32,7 @@ cert_chain: | |
| 32 32 | 
             
              5Bi3W9Xf1BH2VODGXbWJ/7Wa1hBfmxXeWxat27WlvW3xFTi4NaHMlp+l3wa1gTN6
         | 
| 33 33 | 
             
              Xm3vXPA+7+FFynIH9Fw2NiURj9auCa2HIRp63V0TGhrBSxuB7e2qZhKHVt2Jnk+o
         | 
| 34 34 | 
             
              -----END CERTIFICATE-----
         | 
| 35 | 
            -
            date:  | 
| 35 | 
            +
            date: 2016-02-25 00:00:00.000000000 Z
         | 
| 36 36 | 
             
            dependencies:
         | 
| 37 37 | 
             
            - !ruby/object:Gem::Dependency
         | 
| 38 38 | 
             
              name: ffi-compiler
         | 
| @@ -137,10 +137,12 @@ files: | |
| 137 137 | 
             
            - ext/scrypt/sysendian.h
         | 
| 138 138 | 
             
            - lib/scrypt.rb
         | 
| 139 139 | 
             
            - lib/scrypt/scrypt_ext.rb
         | 
| 140 | 
            +
            - lib/scrypt/security_utils.rb
         | 
| 140 141 | 
             
            - lib/scrypt/version.rb
         | 
| 141 142 | 
             
            - scrypt.gemspec
         | 
| 142 143 | 
             
            - spec/scrypt/engine_spec.rb
         | 
| 143 144 | 
             
            - spec/scrypt/password_spec.rb
         | 
| 145 | 
            +
            - spec/scrypt/utils_spec.rb
         | 
| 144 146 | 
             
            - spec/spec_helper.rb
         | 
| 145 147 | 
             
            homepage: https://github.com/pbhogan/scrypt
         | 
| 146 148 | 
             
            licenses:
         | 
| @@ -169,4 +171,5 @@ summary: scrypt password hashing algorithm. | |
| 169 171 | 
             
            test_files:
         | 
| 170 172 | 
             
            - spec/scrypt/engine_spec.rb
         | 
| 171 173 | 
             
            - spec/scrypt/password_spec.rb
         | 
| 174 | 
            +
            - spec/scrypt/utils_spec.rb
         | 
| 172 175 | 
             
            - spec/spec_helper.rb
         | 
    
        metadata.gz.sig
    CHANGED
    
    | @@ -1,2 +1,4 @@ | |
| 1 | 
            -
            � | 
| 2 | 
            -
             | 
| 1 | 
            +
            �e�x���Ɖ����y�=|K�<U���Yi�%h)sW
         | 
| 2 | 
            +
            ��e���b~5N��(�4��"��!�>c�R��l�a�B���S
         | 
| 3 | 
            +
            ��/L�L��9�1F�}��~�E�N��&�0r��2	�jk�j٦�m0�U�*d���}&�v
         | 
| 4 | 
            +
            Z���q�P�?���K	�Ґ��?�Ɏn���W<rK��~���R��Ǜ�ܜ��x���x����C:��H�����2��=���5�pw38��WV� G/��S�Ǚ
         |