scrypt 3.0.7 → 3.1.0

data/lib/scrypt/password.rb

@@ -23,6 +23,13 @@ module SCrypt
   #   @db_password == "a paltry guess"  #=> false
   #
   class Password < String
+    # Key length constraints
+    MIN_KEY_LENGTH = 16
+    MAX_KEY_LENGTH = 512
+    # Salt size constraints
+    MIN_SALT_SIZE = 8
+    MAX_SALT_SIZE = 32
+
     # The hash portion of the stored password hash.
     attr_reader :digest
     # The salt of the store password hash
@@ -32,14 +39,23 @@ module SCrypt
 
     class << self
       # Hashes a secret, returning a SCrypt::Password instance.
-      # Takes five options (optional), which will determine the salt/key's length and the cost limits of the computation.
-      # <tt>:key_len</tt> specifies the length in bytes of the key you want to generate. The default is 32 bytes (256 bits). Minimum is 16 bytes (128 bits). Maximum is 512 bytes (4096 bits).
-      # <tt>:salt_size</tt> specifies the size in bytes of the random salt you want to generate. The default and minimum is 8 bytes (64 bits). Maximum is 32 bytes (256 bits).
+      # Takes five options (optional), which will determine the salt/key's length and
+      # the cost limits of the computation.
+      # <tt>:key_len</tt> specifies the length in bytes of the key you want to generate.
+      # The default is 32 bytes (256 bits). Minimum is 16 bytes (128 bits). Maximum is 512 bytes (4096 bits).
+      # <tt>:salt_size</tt> specifies the size in bytes of the random salt you want to generate.
+      # The default and minimum is 8 bytes (64 bits). Maximum is 32 bytes (256 bits).
       # <tt>:max_time</tt> specifies the maximum number of seconds the computation should take.
-      # <tt>:max_mem</tt> specifies the maximum number of bytes the computation should take. A value of 0 specifies no upper limit. The minimum is always 1 MB.
-      # <tt>:max_memfrac</tt> specifies the maximum memory in a fraction of available resources to use. Any value equal to 0 or greater than 0.5 will result in 0.5 being used.
-      # The scrypt key derivation function is designed to be far more secure against hardware brute-force attacks than alternative functions such as PBKDF2 or bcrypt.
-      # The designers of scrypt estimate that on modern (2009) hardware, if 5 seconds are spent computing a derived key, the cost of a hardware brute-force attack against scrypt is roughly 4000 times greater than the cost of a similar attack against bcrypt (to find the same password), and 20000 times greater than a similar attack against PBKDF2.
+      # <tt>:max_mem</tt> specifies the maximum number of bytes the computation should take.
+      # A value of 0 specifies no upper limit. The minimum is always 1 MB.
+      # <tt>:max_memfrac</tt> specifies the maximum memory in a fraction of available resources to use.
+      # Any value equal to 0 or greater than 0.5 will result in 0.5 being used.
+      # The scrypt key derivation function is designed to be far more secure against hardware
+      # brute-force attacks than alternative functions such as PBKDF2 or bcrypt.
+      # The designers of scrypt estimate that on modern (2009) hardware, if 5 seconds are spent
+      # computing a derived key, the cost of a hardware brute-force attack against scrypt is roughly
+      # 4000 times greater than the cost of a similar attack against bcrypt (to find the same password),
+      # and 20000 times greater than a similar attack against PBKDF2.
       # Default options will result in calculation time of approx. 200 ms with 1 MB memory use.
       #
       # Example:
@@ -48,19 +64,32 @@ module SCrypt
       def create(secret, options = {})
         options = SCrypt::Engine::DEFAULTS.merge(options)
 
-        # Clamp minimum/maximum keylen
-        options[:key_len] = 16 if options[:key_len] < 16
-        options[:key_len] = 512 if options[:key_len] > 512
-
-        # Clamp minimum/maximum salt_size
-        options[:salt_size] = 8 if options[:salt_size] < 8
-        options[:salt_size] = 32 if options[:salt_size] > 32
+        options[:key_len] = clamp_key_length(options[:key_len])
+        options[:salt_size] = clamp_salt_size(options[:salt_size])
 
         salt = SCrypt::Engine.generate_salt(options)
         hash = SCrypt::Engine.hash_secret(secret, salt, options[:key_len])
 
         Password.new(hash)
       end
+
+      private
+
+      # Clamps key length to valid range
+      def clamp_key_length(key_len)
+        return MIN_KEY_LENGTH if key_len < MIN_KEY_LENGTH
+        return MAX_KEY_LENGTH if key_len > MAX_KEY_LENGTH
+
+        key_len
+      end
+
+      # Clamps salt size to valid range
+      def clamp_salt_size(salt_size)
+        return MIN_SALT_SIZE if salt_size < MIN_SALT_SIZE
+        return MAX_SALT_SIZE if salt_size > MAX_SALT_SIZE
+
+        salt_size
+      end
     end
 
     # Initializes a SCrypt::Password instance with the data from a stored hash.
@@ -82,16 +111,17 @@ module SCrypt
 
     # Returns true if +h+ is a valid hash.
     def valid_hash?(h)
-      h.match(/^[0-9a-z]+\$[0-9a-z]+\$[0-9a-z]+\$[A-Za-z0-9]{16,64}\$[A-Za-z0-9]{32,1024}$/) != nil
+      !SCrypt::Engine::HASH_PATTERN.match(h).nil?
     end
 
     # call-seq:
     #   split_hash(raw_hash) -> cost, salt, hash
     #
     # Splits +h+ into cost, salt, and hash and returns them in that order.
-    def split_hash(h)
-      n, v, r, salt, hash = h.split('$')
-      [[n, v, r].join('$') + '$', salt, hash]
+    def split_hash(hash_string)
+      cpu_cost, version, memory_cost, salt, hash = hash_string.split('$')
+      cost_string = "#{[cpu_cost, version, memory_cost].join('$')}$"
+      [cost_string, salt, hash]
     end
   end
 end

data/lib/scrypt/scrypt_ext.rb

@@ -7,6 +7,10 @@ module SCrypt
   module Ext
     extend FFI::Library
 
-    ffi_lib FFI::Compiler::Loader.find('scrypt_ext')
+    begin
+      ffi_lib FFI::Compiler::Loader.find('scrypt_ext')
+    rescue LoadError => e
+      raise LoadError, "Failed to load scrypt extension library: #{e.message}"
+    end
   end
 end

data/lib/scrypt/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module SCrypt
-  VERSION = '3.0.7'
+  VERSION = '3.1.0'
 end

data/scrypt.gemspec

@@ -1,8 +1,6 @@
 # frozen_string_literal: true
 
-# rubocop:disable Performance/EndWith, Style/SpecialGlobalVars
-
-$:.push File.expand_path("../lib", __FILE__)
+$:.push File.expand_path('lib', __dir__)
 require 'scrypt/version'
 
 Gem::Specification.new do |s|
@@ -16,10 +14,11 @@ Gem::Specification.new do |s|
                    'steve@advancedcontrol.com.au',
                    'rene.vanpaassen@gmail.com',
                    'io+scrypt@jsg.io']
-  s.cert_chain  = ['certs/stakach.pem']
+  s.cert_chain  = ['certs/pbhogan.pem']
   s.license     = 'BSD-3-Clause'
 
   s.signing_key = File.expand_path('~/.ssh/gem-private_key.pem') if $0 =~ /gem\z/
+  s.metadata['rubygems_mfa_required'] = 'true'
 
   s.homepage    = 'https://github.com/pbhogan/scrypt'
   s.summary     = 'scrypt password hashing algorithm.'
@@ -30,26 +29,14 @@ Gem::Specification.new do |s|
     alternative functions such as PBKDF2 or bcrypt.
   DESC
 
-  s.add_dependency 'ffi-compiler', '>= 1.0', '< 2.0'
-  s.add_development_dependency 'awesome_print', '>= 1', '< 2'
-  s.add_development_dependency 'rake', '>= 9', '< 13'
-  s.add_development_dependency 'rdoc', '>= 4', '< 5'
-  s.add_development_dependency 'rspec', '>= 3', '< 4'
-
-  if RUBY_VERSION >= '2.5'
-    s.add_development_dependency 'rubocop', '>= 0.76.0', '< 1.0.0'
-    s.add_development_dependency 'rubocop-gitlab-security', '>= 0.1.1', '< 0.2'
-    s.add_development_dependency 'rubocop-performance', '>= 1.5.0', '< 1.6.0'
-  end
+  s.required_ruby_version = '>= 2.3.0'
 
-  s.rubyforge_project = 'scrypt'
+  s.add_dependency 'ffi-compiler', '>= 1.0', '< 2.0'
+  s.add_dependency 'rake', '~> 13'
 
   s.extensions = ['ext/scrypt/Rakefile']
 
-  s.files = %w[Rakefile scrypt.gemspec README.md COPYING] + Dir.glob('{lib,spec,autotest}/**/*')
+  s.files = %w[Rakefile scrypt.gemspec README.md COPYING] + Dir.glob('{lib,spec}/**/*')
   s.files += Dir.glob('ext/scrypt/*')
-  s.test_files = Dir.glob('spec/**/*')
   s.require_paths = ['lib']
 end
-
-# rubocop:enable

data/spec/fixtures/test_vectors.yml

@@ -0,0 +1,67 @@
+# SCrypt Test Vectors
+# These are the official test vectors from the scrypt specification
+# Used to verify our implementation matches the reference
+
+scrypt_vectors:
+  - description: "Empty string test"
+    password: ""
+    salt: ""
+    n: 16
+    r: 1
+    p: 1
+    key_len: 64
+    expected: "77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906"
+
+  - description: "Standard test vector"
+    password: "password"
+    salt: "NaCl"
+    n: 1024
+    r: 8
+    p: 16
+    key_len: 64
+    expected: "fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640"
+
+  - description: "High memory test vector"
+    password: "pleaseletmein"
+    salt: "SodiumChloride"
+    n: 16384
+    r: 8
+    p: 1
+    key_len: 64
+    expected: "7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887"
+
+  - description: "Very high memory test (disabled on memory-constrained systems)"
+    password: "pleaseletmein"
+    salt: "SodiumChloride"
+    n: 1048576
+    r: 8
+    p: 1
+    key_len: 64
+    expected: "2101cb9b6a511aaeaddbbe09cf70f881ec568d574a2ffd4dabe5ee9820adaa478e56fd8f4ba5d09ffa1c6d927c40f4c337304049e8a952fbcbf45c6fa77a41a4"
+    skip_reason: "Memory limited systems (like Raspberry Pi) may fail this test"
+
+hash_secret_vectors:
+  - description: "Empty string via hash_secret"
+    password: ""
+    salt: "10$1$1$0000000000000000"
+    key_len: 64
+    expected_pattern: "77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906"
+
+  - description: "Standard test via hash_secret"
+    password: "password"
+    salt: "400$8$10$000000004e61436c"
+    key_len: 64
+    expected_pattern: "fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640"
+
+  - description: "High memory test via hash_secret"
+    password: "pleaseletmein"
+    salt: "4000$8$1$536f6469756d43686c6f72696465"
+    key_len: 64
+    expected_pattern: "7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887"
+
+  - description: "Very high memory test via hash_secret (disabled)"
+    password: "pleaseletmein"
+    salt: "100000$8$1$536f6469756d43686c6f72696465"
+    key_len: 64
+    expected_pattern: "2101cb9b6a511aaeaddbbe09cf70f881ec568d574a2ffd4dabe5ee9820adaa478e56fd8f4ba5d09ffa1c6d927c40f4c337304049e8a952fbcbf45c6fa77a41a4"
+    skip_reason: "Memory limited systems may fail this test"

data/spec/scrypt/engine_spec.rb

@@ -3,34 +3,45 @@
 require File.expand_path(File.join(File.dirname(__FILE__), '..', 'spec_helper'))
 
 describe 'The SCrypt engine' do
-  it 'should calculate a valid cost factor' do
+  it 'calculates a valid cost factor' do
     first = SCrypt::Engine.calibrate(max_time: 0.2)
     expect(SCrypt::Engine.valid_cost?(first)).to equal(true)
   end
 end
 
 describe 'Generating SCrypt salts' do
-  it 'should produce strings' do
+  it 'produces strings' do
     expect(SCrypt::Engine.generate_salt).to be_an_instance_of(String)
   end
 
-  it 'should produce random data' do
+  it 'produces random data' do
     expect(SCrypt::Engine.generate_salt).not_to equal(SCrypt::Engine.generate_salt)
   end
 
-  it 'should used the saved cost factor' do
+  it 'uses the saved cost factor' do
     # Verify cost is different before saving
     cost = SCrypt::Engine.calibrate(max_time: 0.01)
-    expect(SCrypt::Engine.generate_salt(max_time: 30, max_mem: 64 * 1024 * 1024)).not_to start_with(cost)
+    expect(SCrypt::Engine.generate_salt).not_to start_with(cost)
 
     cost = SCrypt::Engine.calibrate!(max_time: 0.01)
-    expect(SCrypt::Engine.generate_salt(max_time: 30, max_mem: 64 * 1024 * 1024)).to start_with(cost)
+    expect(SCrypt::Engine.generate_salt).to start_with(cost)
+  end
+
+  it 'resets calibrated cost when setting new calibration' do
+    # Set initial calibration
+    first_cost = SCrypt::Engine.calibrate!(max_time: 0.01)
+    expect(SCrypt::Engine.calibrated_cost).to eq(first_cost)
+
+    # Set different calibration
+    second_cost = SCrypt::Engine.calibrate!(max_time: 0.02)
+    expect(SCrypt::Engine.calibrated_cost).to eq(second_cost)
+    expect(SCrypt::Engine.calibrated_cost).not_to eq(first_cost)
   end
 end
 
 describe 'Autodetecting of salt cost' do
-  it 'should work' do
-    expect(SCrypt::Engine.autodetect_cost('2a$08$c3$randomjunkgoeshere')).to eq('2a$08$c3$')
+  it 'works' do
+    expect(SCrypt::Engine.autodetect_cost('2a$08$c3$some_salt')).to eq('2a$08$c3$')
   end
 end
 
@@ -39,43 +50,161 @@ describe 'Generating SCrypt hashes' do
     undef to_s
   end
 
-  before :each do
+  before do
     @salt = SCrypt::Engine.generate_salt
     @password = 'woo'
   end
 
-  it 'should produce a string' do
+  it 'produces a string' do
     expect(SCrypt::Engine.hash_secret(@password, @salt)).to be_an_instance_of(String)
   end
 
-  it 'should raise an InvalidSalt error if the salt is invalid' do
-    expect(-> { SCrypt::Engine.hash_secret(@password, 'nino') }).to raise_error(SCrypt::Errors::InvalidSalt)
+  it 'raises an InvalidSalt error if the salt is invalid' do
+    expect { SCrypt::Engine.hash_secret(@password, 'nino') }.to raise_error(SCrypt::Errors::InvalidSalt)
   end
 
-  it 'should raise an InvalidSecret error if the secret is invalid' do
-    expect(-> { SCrypt::Engine.hash_secret(MyInvalidSecret.new, @salt) }).to raise_error(SCrypt::Errors::InvalidSecret)
-    expect(-> { SCrypt::Engine.hash_secret(nil, @salt) }).to_not raise_error
-    expect(-> { SCrypt::Engine.hash_secret(false, @salt) }).to_not raise_error
+  it 'raises an InvalidSecret error if the secret is invalid' do
+    expect { SCrypt::Engine.hash_secret(MyInvalidSecret.new, @salt) }.to raise_error(SCrypt::Errors::InvalidSecret)
+    expect { SCrypt::Engine.hash_secret(nil, @salt) }.not_to raise_error
+    expect { SCrypt::Engine.hash_secret(false, @salt) }.not_to raise_error
   end
 
-  it 'should call #to_s on the secret and use the return value as the actual secret data' do
+  it 'calls #to_s on the secret and use the return value as the actual secret data' do
     expect(SCrypt::Engine.hash_secret(false, @salt)).to eq(SCrypt::Engine.hash_secret('false', @salt))
   end
 end
 
 describe 'SCrypt test vectors' do
-  it 'should match results of SCrypt function' do
-    expect(SCrypt::Engine.scrypt('', '', 16, 1, 1, 64).unpack('H*').first).to eq('77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906')
-    expect(SCrypt::Engine.scrypt('password', 'NaCl', 1024, 8, 16, 64).unpack('H*').first).to eq('fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640')
-    expect(SCrypt::Engine.scrypt('pleaseletmein', 'SodiumChloride', 16_384, 8, 1, 64).unpack('H*').first).to eq('7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887')
-    # Raspberry is memory limited, and fails on this test
-    #   expect(SCrypt::Engine.scrypt('pleaseletmein', 'SodiumChloride', 1048576, 8, 1, 64).unpack('H*').first).to eq('2101cb9b6a511aaeaddbbe09cf70f881ec568d574a2ffd4dabe5ee9820adaa478e56fd8f4ba5d09ffa1c6d927c40f4c337304049e8a952fbcbf45c6fa77a41a4')
-  end
-
-  it 'should match equivalent results sent through hash_secret() function' do
-    expect(SCrypt::Engine.hash_secret('', '10$1$1$0000000000000000', 64)).to match(/\$77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906$/)
-    expect(SCrypt::Engine.hash_secret('password', '400$8$10$000000004e61436c', 64)).to match(/\$fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640$/)
-    expect(SCrypt::Engine.hash_secret('pleaseletmein', '4000$8$1$536f6469756d43686c6f72696465', 64)).to match(/\$7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887$/)
-    #  expect(SCrypt::Engine.hash_secret('pleaseletmein', '100000$8$1$536f6469756d43686c6f72696465', 64)).to match(/\$2101cb9b6a511aaeaddbbe09cf70f881ec568d574a2ffd4dabe5ee9820adaa478e56fd8f4ba5d09ffa1c6d927c40f4c337304049e8a952fbcbf45c6fa77a41a4$/)
+  it 'matches results of SCrypt function' do
+    TEST_VECTORS['scrypt_vectors'].each do |vector|
+      next if vector['skip_reason'] # Skip memory-intensive tests
+
+      result = SCrypt::Engine.scrypt(
+        vector['password'],
+        vector['salt'],
+        vector['n'],
+        vector['r'],
+        vector['p'],
+        vector['key_len']
+      ).unpack('H*').first
+
+      expect(result).to eq(vector['expected']), "Failed for: #{vector['description']}"
+    end
+  end
+
+  it 'matches equivalent results sent through hash_secret() function' do
+    TEST_VECTORS['hash_secret_vectors'].each do |vector|
+      next if vector['skip_reason'] # Skip memory-intensive tests
+
+      result = SCrypt::Engine.hash_secret(
+        vector['password'],
+        vector['salt'],
+        vector['key_len']
+      )
+
+      # hash_secret returns: salt + '$' + hash_digest
+      # So we expect: "salt$expected_pattern"
+      expected_full_hash = "#{vector['salt']}$#{vector['expected_pattern']}"
+      expect(result).to eq(expected_full_hash), "Failed for: #{vector['description']}"
+    end
+  end
+end
+
+describe 'Input validation' do
+  describe '#calibrate' do
+    it 'raises ArgumentError for negative max_mem' do
+      expect do
+        SCrypt::Engine.send(:__sc_calibrate, -1, 0.5, 0.2)
+      end.to raise_error(ArgumentError, 'max_mem must be non-negative')
+    end
+
+    it 'raises ArgumentError for invalid max_memfrac' do
+      expect do
+        SCrypt::Engine.send(:__sc_calibrate, 1024, -0.1,
+                            0.2)
+      end.to raise_error(ArgumentError, 'max_memfrac must be between 0 and 1')
+      expect do
+        SCrypt::Engine.send(:__sc_calibrate, 1024, 1.1,
+                            0.2)
+      end.to raise_error(ArgumentError, 'max_memfrac must be between 0 and 1')
+    end
+
+    it 'raises ArgumentError for non-positive max_time' do
+      expect do
+        SCrypt::Engine.send(:__sc_calibrate, 1024, 0.5, 0)
+      end.to raise_error(ArgumentError, 'max_time must be positive')
+
+      expect do
+        SCrypt::Engine.send(:__sc_calibrate, 1024, 0.5, -0.1)
+      end.to raise_error(ArgumentError, 'max_time must be positive')
+    end
+  end
+
+  describe '#scrypt' do
+    it 'raises ArgumentError for nil secret' do
+      expect do
+        SCrypt::Engine.send(:__sc_crypt, nil, 'salt', 16, 1, 1, 32)
+      end.to raise_error(ArgumentError, 'secret cannot be nil')
+    end
+
+    it 'raises ArgumentError for nil salt' do
+      expect do
+        SCrypt::Engine.send(:__sc_crypt, 'secret', nil, 16, 1, 1, 32)
+      end.to raise_error(ArgumentError, 'salt cannot be nil')
+    end
+
+    it 'raises ArgumentError for non-positive parameters' do
+      expect do
+        SCrypt::Engine.send(:__sc_crypt, 'secret', 'salt', 0, 1, 1, 32)
+      end.to raise_error(ArgumentError, 'cpu_cost must be positive')
+
+      expect do
+        SCrypt::Engine.send(:__sc_crypt, 'secret', 'salt', 16, 0, 1, 32)
+      end.to raise_error(ArgumentError, 'memory_cost must be positive')
+
+      expect do
+        SCrypt::Engine.send(:__sc_crypt, 'secret', 'salt', 16, 1, 0, 32)
+      end.to raise_error(ArgumentError, 'parallelization must be positive')
+
+      expect do
+        SCrypt::Engine.send(:__sc_crypt, 'secret', 'salt', 16, 1, 1,
+                            0)
+      end.to raise_error(ArgumentError, 'key_len must be positive')
+    end
+  end
+end
+
+describe 'Memory usage calculation' do
+  it 'calculates memory usage correctly' do
+    cost = '400$8$1$'
+    memory = SCrypt::Engine.memory_use(cost)
+    n = 0x400
+    r = 8
+    p = 1
+    expected = (128 * r * p) + (256 * r) + (128 * r * n)
+    expect(memory).to eq(expected)
+  end
+end
+
+describe 'Calibrated cost management' do
+  after do
+    # Reset calibrated cost after each test
+    SCrypt::Engine.calibrated_cost = nil
+  end
+
+  it 'initializes have no calibrated cost' do
+    SCrypt::Engine.calibrated_cost = nil
+    expect(SCrypt::Engine.calibrated_cost).to be_nil
+  end
+
+  it 'stores and retrieve calibrated cost' do
+    cost = SCrypt::Engine.calibrate!(max_time: 0.01)
+    expect(SCrypt::Engine.calibrated_cost).to eq(cost)
+  end
+
+  it 'uses calibrated cost in generate_salt when available' do
+    cost = SCrypt::Engine.calibrate!(max_time: 0.01)
+    salt = SCrypt::Engine.generate_salt
+    expect(salt).to start_with(cost)
   end
 end

data/spec/scrypt/ffi_spec.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require File.expand_path(File.join(File.dirname(__FILE__), '..', 'spec_helper'))
+
+describe 'SCrypt FFI Library Loading' do
+  describe 'Extension loading' do
+    it 'loads the scrypt extension successfully' do
+      # This test verifies that the FFI library loads without error
+      # If we get here, the library loaded successfully during require
+      expect(SCrypt::Ext).to be_a(Module)
+      expect(SCrypt::Ext).to respond_to(:sc_calibrate)
+      expect(SCrypt::Ext).to respond_to(:crypto_scrypt)
+    end
+
+    it 'has proper FFI function signatures' do
+      # Verify that the FFI functions are properly bound
+      expect(SCrypt::Ext.method(:sc_calibrate)).to be_a(Method)
+      expect(SCrypt::Ext.method(:crypto_scrypt)).to be_a(Method)
+    end
+  end
+
+  describe 'FFI function behavior' do
+    it 'handles basic calibration calls' do
+      # Test that the FFI functions are callable
+      expect { SCrypt::Engine.calibrate(max_time: 0.01) }.not_to raise_error
+    end
+
+    it 'handles basic scrypt calls' do
+      salt = SCrypt::Engine.generate_salt(max_time: 0.01)
+      expect { SCrypt::Engine.hash_secret('test', salt) }.not_to raise_error
+    end
+  end
+end

data/spec/scrypt/integration_spec.rb

@@ -0,0 +1,129 @@
+# frozen_string_literal: true
+
+require File.expand_path(File.join(File.dirname(__FILE__), '..', 'spec_helper'))
+
+describe 'SCrypt Integration Tests' do
+  describe 'Full password lifecycle' do
+    let(:secret) { 'my_super_secret_password' }
+    let(:options) { { max_time: 0.1, max_mem: 8 * 1024 * 1024 } }
+
+    it 'create,s store, and verify passwords correctly' do
+      # Create password
+      password = SCrypt::Password.create(secret, options)
+      expect(password).to be_a(SCrypt::Password)
+      expect(password.to_s).to match(/^[0-9a-z]+\$[0-9a-z]+\$[0-9a-z]+\$[A-Za-z0-9]+\$[A-Za-z0-9]+$/)
+
+      # Verify password
+      expect(password == secret).to be(true)
+      expect(password == 'wrong_password').to be(false)
+
+      # Re-instantiate from stored hash
+      stored_hash = password.to_s
+      recovered_password = SCrypt::Password.new(stored_hash)
+
+      expect(recovered_password == secret).to be(true)
+      expect(recovered_password == 'wrong_password').to be(false)
+    end
+
+    it 'handles calibration workflow correctly' do
+      # Calibrate for fast testing
+      cost = SCrypt::Engine.calibrate!(max_time: 0.05)
+      expect(cost).to match(/^[0-9a-z]+\$[0-9a-z]+\$[0-9a-z]+\$$/)
+
+      # Generate salt using calibrated cost
+      salt = SCrypt::Engine.generate_salt
+      expect(salt).to start_with(cost)
+
+      # Hash secret with calibrated parameters
+      hash = SCrypt::Engine.hash_secret(secret, salt)
+      expect(hash).to be_a(String)
+      expect(hash).to include(salt)
+
+      # Verify the hash
+      password = SCrypt::Password.new(hash)
+      expect(password == secret).to be(true)
+
+      # Reset calibration
+      SCrypt::Engine.calibrated_cost = nil
+    end
+  end
+
+  describe 'Cross-compatibility tests' do
+    it 'is compatible between Engine and Password classes' do
+      # Create using Password class
+      password1 = SCrypt::Password.create('test_secret', max_time: 0.05)
+
+      # Extract components and recreate using Engine
+      cost = password1.cost
+      salt_with_cost = cost + password1.salt
+      hash2 = SCrypt::Engine.hash_secret('test_secret', salt_with_cost, password1.digest.length / 2)
+
+      # Both should verify the same secret
+      password2 = SCrypt::Password.new(hash2)
+      expect(password1 == 'test_secret').to be(true)
+      expect(password2 == 'test_secret').to be(true)
+    end
+  end
+
+  describe 'Edge cases and error conditions' do
+    it 'handles various secret types' do
+      # String secret
+      password1 = SCrypt::Password.create('string_secret', max_time: 0.05)
+      expect(password1 == 'string_secret').to be(true)
+
+      # Symbol secret
+      password2 = SCrypt::Password.create(:symbol_secret, max_time: 0.05)
+      expect(password2 == 'symbol_secret').to be(true)
+
+      # Numeric secret
+      password3 = SCrypt::Password.create(12_345, max_time: 0.05)
+      expect(password3 == '12345').to be(true)
+
+      # Boolean secret
+      password4 = SCrypt::Password.create(false, max_time: 0.05)
+      expect(password4 == 'false').to be(true)
+    end
+
+    it 'handles empty and nil secrets safely' do
+      # Empty string
+      password1 = SCrypt::Password.create('', max_time: 0.05)
+      expect(password1 == '').to be(true)
+
+      # Nil (converts to empty string)
+      password2 = SCrypt::Password.create(nil, max_time: 0.05)
+      expect(password2 == '').to be(true)
+    end
+
+    it 'validates input parameters' do
+      # Invalid hash format
+      expect { SCrypt::Password.new('invalid_hash') }.to raise_error(SCrypt::Errors::InvalidHash)
+
+      # Invalid salt
+      expect { SCrypt::Engine.hash_secret('secret', 'invalid_salt') }.to raise_error(SCrypt::Errors::InvalidSalt)
+    end
+  end
+
+  describe 'Performance and memory tests' do
+    it 'respects memory and time constraints' do
+      start_time = Time.now
+
+      # Use very low constraints for fast testing
+      password = SCrypt::Password.create('test', max_time: 0.01, max_mem: 1024 * 1024)
+
+      elapsed_time = Time.now - start_time
+
+      # Should complete reasonably quickly (allowing some overhead)
+      expect(elapsed_time).to be < 1.0
+      expect(password == 'test').to be(true)
+    end
+
+    it 'calculates memory usage correctly' do
+      cost = SCrypt::Engine.calibrate(max_time: 0.05)
+      memory_usage = SCrypt::Engine.memory_use(cost)
+
+      # Memory usage should be a reasonable number
+      expect(memory_usage).to be > 0
+      expect(memory_usage).to be < 100 * 1024 * 1024 # Less than 100MB
+    end
+  end
+end