scrypt 1.0.3 → 1.0.4

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    scrypt (1.0.3)
+    scrypt (1.0.4)
 
 GEM
   remote: http://rubygems.org/

data/README.md

@@ -0,0 +1,50 @@
+scrypt
+======
+
+The scrypt key derivation function is designed to be far more secure against hardware brute-force attacks than alternative functions such as PBKDF2 or bcrypt.
+
+* http://www.tarsnap.com/scrypt.html
+* http://github.com/pbhogan/scrypt
+
+## Why you should use scrypt
+
+![KDF comparison](https://github.com/tarcieri/scrypt/raw/modern-readme/kdf-comparison.png)
+
+The designers of scrypt estimate that on modern (2009) hardware, if 5 seconds are spent computing a derived key, the cost of a hardware brute-force attack against scrypt is roughly 4000 times greater than the cost of a similar attack against bcrypt (to find the same password), and 20000 times greater than a similar attack against PBKDF2.
+
+## How to install scrypt
+
+```
+gem install scrypt
+```
+
+## How to use scrypt
+
+It works pretty similarly to ruby-bcrypt with a few minor differences, especially where the cost factor is concerned.
+
+```ruby
+include "scrypt"
+
+# hash a user's password
+@password = Password.create("my grand secret")
+@password #=> "2000$8$1$f5f2fa5fe5484a7091f1299768fbe92b5a7fbc77$6a385f22c54d92c314b71a4fd5ef33967c93d679"
+
+# store it safely
+@user.update_attribute(:password, @password)
+
+# read it back
+@user.reload!
+@db_password = Password.new(@user.password)
+
+# compare it after retrieval
+@db_password == "my grand secret" #=> true
+@db_password == "a paltry guess"  #=> false
+```
+
+Password.create takes three options which will determine the cost limits of the computation:
+
+* `:max_time` specifies the maximum number of seconds the computation should take.
+* `:max_mem` specifies the maximum number of bytes the computation should take. A value of 0 specifies no upper limit. The minimum is always 1 MB.
+* `:max_memfrac` specifies the maximum memory in a fraction of available resources to use. Any value equal to 0 or greater than 0.5 will result in 0.5 being used.
+
+Default options will result in calculation time of approx. 200 ms with 1 MB memory use.

data/ext/mri/Makefile

@@ -1,70 +1,97 @@
 
 SHELL = /bin/sh
 
+# V=0 quiet, V=1 verbose.  other values don't work.
+V = 0
+Q1 = $(V:1=)
+Q = $(Q1:0=@)
+n=$(NULLCMD)
+ECHO1 = $(V:1=@$n)
+ECHO = $(ECHO1:0=@echo)
+
 #### Start of system configuration section. ####
 
 srcdir = .
-topdir = /Users/pbhogan/.rvm/rubies/ree-1.8.7-2010.02/lib/ruby/1.8/i686-darwin10.4.0
-hdrdir = $(topdir)
-VPATH = $(srcdir):$(topdir):$(hdrdir)
+topdir = /Volumes/Secondary/Users/pbhogan/.rvm/rubies/ruby-1.9.3-p125/include/ruby-1.9.1
+hdrdir = /Volumes/Secondary/Users/pbhogan/.rvm/rubies/ruby-1.9.3-p125/include/ruby-1.9.1
+arch_hdrdir = /Volumes/Secondary/Users/pbhogan/.rvm/rubies/ruby-1.9.3-p125/include/ruby-1.9.1/$(arch)
+VPATH = $(srcdir):$(arch_hdrdir)/ruby:$(hdrdir)/ruby
+prefix = $(DESTDIR)/Volumes/Secondary/Users/pbhogan/.rvm/rubies/ruby-1.9.3-p125
+rubylibprefix = $(libdir)/$(RUBY_BASE_NAME)
 exec_prefix = $(prefix)
-prefix = $(DESTDIR)/Users/pbhogan/.rvm/rubies/ree-1.8.7-2010.02
-sharedstatedir = $(prefix)/com
+vendorhdrdir = $(rubyhdrdir)/vendor_ruby
+sitehdrdir = $(rubyhdrdir)/site_ruby
+rubyhdrdir = $(includedir)/$(RUBY_BASE_NAME)-$(ruby_version)
+vendordir = $(rubylibprefix)/vendor_ruby
+sitedir = $(rubylibprefix)/site_ruby
+ridir = $(datarootdir)/$(RI_BASE_NAME)
 mandir = $(datarootdir)/man
-psdir = $(docdir)
-oldincludedir = $(DESTDIR)/usr/include
 localedir = $(datarootdir)/locale
-bindir = $(exec_prefix)/bin
-libexecdir = $(exec_prefix)/libexec
-sitedir = $(libdir)/ruby/site_ruby
+libdir = $(exec_prefix)/lib
+psdir = $(docdir)
+pdfdir = $(docdir)
+dvidir = $(docdir)
 htmldir = $(docdir)
-vendorarchdir = $(vendorlibdir)/$(sitearch)
-includedir = $(prefix)/include
 infodir = $(datarootdir)/info
-vendorlibdir = $(vendordir)/$(ruby_version)
-sysconfdir = $(prefix)/etc
-libdir = $(exec_prefix)/lib
-sbindir = $(exec_prefix)/sbin
-rubylibdir = $(libdir)/ruby/$(ruby_version)
 docdir = $(datarootdir)/doc/$(PACKAGE)
-dvidir = $(docdir)
-vendordir = $(libdir)/ruby/vendor_ruby
+oldincludedir = $(DESTDIR)/usr/include
+includedir = $(prefix)/include
+localstatedir = $(prefix)/var
+sharedstatedir = $(prefix)/com
+sysconfdir = $(prefix)/etc
+datadir = $(datarootdir)
 datarootdir = $(prefix)/share
-pdfdir = $(docdir)
+libexecdir = $(exec_prefix)/libexec
+sbindir = $(exec_prefix)/sbin
+bindir = $(exec_prefix)/bin
+rubylibdir = $(rubylibprefix)/$(ruby_version)
 archdir = $(rubylibdir)/$(arch)
-sitearchdir = $(sitelibdir)/$(sitearch)
-datadir = $(datarootdir)
-localstatedir = $(prefix)/var
 sitelibdir = $(sitedir)/$(ruby_version)
+sitearchdir = $(sitelibdir)/$(sitearch)
+vendorlibdir = $(vendordir)/$(ruby_version)
+vendorarchdir = $(vendorlibdir)/$(sitearch)
+
+NULLCMD = :
 
-CC = gcc -Wall 
-LIBRUBY = $(LIBRUBY_A)
+CC = /usr/bin/gcc-4.2 -Wall 
+CXX = g++-4.2
+LIBRUBY = $(LIBRUBY_SO)
 LIBRUBY_A = lib$(RUBY_SO_NAME)-static.a
-LIBRUBYARG_SHARED = 
+LIBRUBYARG_SHARED = -l$(RUBY_SO_NAME)
 LIBRUBYARG_STATIC = -l$(RUBY_SO_NAME)-static
+OUTFLAG = -o 
+COUTFLAG = -o 
 
 RUBY_EXTCONF_H = 
-CFLAGS   =  -fno-common -g -O2  -pipe -fno-common $(cflags) 
-INCFLAGS = -I. -I$(topdir) -I$(hdrdir) -I$(srcdir)
+cflags   =  $(optflags) $(debugflags) $(warnflags)
+optflags = -O3
+debugflags = -g
+warnflags = -Wextra -Wno-unused-parameter -Wno-parentheses -Wno-long-long -Wno-missing-field-initializers -Wpointer-arith -Wwrite-strings -Wdeclaration-after-statement -Wshorten-64-to-32 -Wimplicit-function-declaration
+CFLAGS   = -fno-common $(cflags)  -fno-common -pipe $(ARCH_FLAG)
+INCFLAGS = -I. -I$(arch_hdrdir) -I$(hdrdir)/ruby/backward -I$(hdrdir) -I$(srcdir)
 DEFS     = 
-CPPFLAGS =   -D_XOPEN_SOURCE -D_DARWIN_C_SOURCE $(DEFS) $(cppflags)
-CXXFLAGS = $(CFLAGS) 
-ldflags  = -L. 
-dldflags = 
-archflag = 
-DLDFLAGS = $(ldflags) $(dldflags) $(archflag)
-LDSHARED = cc -dynamic -bundle -undefined suppress -flat_namespace
+CPPFLAGS =  -I/Volumes/Secondary/Users/pbhogan/.rvm/usr/include -D_XOPEN_SOURCE -D_DARWIN_C_SOURCE $(DEFS) $(cppflags)
+CXXFLAGS = $(CFLAGS) $(cxxflags)
+ldflags  = -L. -L/usr/local/lib
+dldflags = -Wl,-undefined,dynamic_lookup -Wl,-multiply_defined,suppress -Wl,-flat_namespace
+ARCH_FLAG = 
+DLDFLAGS = $(ldflags) $(dldflags) $(ARCH_FLAG)
+LDSHARED = $(CC) -dynamic -bundle
+LDSHAREDXX = $(CXX) -dynamic -bundle
 AR = ar
 EXEEXT = 
 
+RUBY_BASE_NAME = ruby
 RUBY_INSTALL_NAME = ruby
-RUBY_SO_NAME = ruby
-arch = i686-darwin10.4.0
-sitearch = i686-darwin10.4.0
-ruby_version = 1.8
-ruby = /Users/pbhogan/.rvm/rubies/ree-1.8.7-2010.02/bin/ruby
+RUBY_SO_NAME = ruby.1.9.1
+arch = x86_64-darwin11.3.0
+sitearch = $(arch)
+ruby_version = 1.9.1
+ruby = /Volumes/Secondary/Users/pbhogan/.rvm/rubies/ruby-1.9.3-p125/bin/ruby
 RUBY = $(ruby)
 RM = rm -f
+RM_RF = $(RUBY) -run -e rm -- -rf
+RMDIRS = rmdir -p
 MAKEDIRS = mkdir -p
 INSTALL = /usr/bin/install -c
 INSTALL_PROG = $(INSTALL) -m 0755
@@ -75,18 +102,19 @@ COPY = cp
 
 preload = 
 
-libpath = . $(libdir)
-LIBPATH =  -L. -L$(libdir)
+libpath = . $(libdir) /Volumes/Secondary/Users/pbhogan/.rvm/usr/lib
+LIBPATH =  -L. -L$(libdir) -L/Volumes/Secondary/Users/pbhogan/.rvm/usr/lib
 DEFFILE = 
 
 CLEANFILES = mkmf.log
 DISTCLEANFILES = 
+DISTCLEANDIRS = 
 
 extout = 
 extout_prefix = 
 target_prefix = 
 LOCAL_LIBS = 
-LIBS =   -ldl -lobjc  
+LIBS = $(LIBRUBYARG_SHARED)  -lpthread -ldl -lobjc 
 SRCS = crypto_scrypt-ref.c memlimit.c scrypt_calibrate.c scrypt_ext.c scryptenc_cpuperf.c sha256.c
 OBJS = crypto_scrypt-ref.o memlimit.o scrypt_calibrate.o scrypt_ext.o scryptenc_cpuperf.o sha256.o
 TARGET = scrypt_ext
@@ -98,60 +126,88 @@ BINDIR        = $(bindir)
 RUBYCOMMONDIR = $(sitedir)$(target_prefix)
 RUBYLIBDIR    = $(sitelibdir)$(target_prefix)
 RUBYARCHDIR   = $(sitearchdir)$(target_prefix)
+HDRDIR        = $(rubyhdrdir)/ruby$(target_prefix)
+ARCHHDRDIR    = $(rubyhdrdir)/$(arch)/ruby$(target_prefix)
 
 TARGET_SO     = $(DLLIB)
-CLEANLIBS     = $(TARGET).bundle $(TARGET).il? $(TARGET).tds $(TARGET).map
-CLEANOBJS     = *.o *.a *.s[ol] *.pdb *.exp *.bak
-
-all:		$(DLLIB)
-static:		$(STATIC_LIB)
-
-clean:
+CLEANLIBS     = $(TARGET).bundle 
+CLEANOBJS     = *.o  *.bak
+
+all:    $(DLLIB)
+static: $(STATIC_LIB)
+.PHONY: all install static install-so install-rb
+.PHONY: clean clean-so clean-rb
+
+clean-rb-default::
+clean-rb::
+clean-so::
+clean: clean-so clean-rb-default clean-rb
 		@-$(RM) $(CLEANLIBS) $(CLEANOBJS) $(CLEANFILES)
 
-distclean:	clean
+distclean-rb-default::
+distclean-rb::
+distclean-so::
+distclean: clean distclean-so distclean-rb-default distclean-rb
 		@-$(RM) Makefile $(RUBY_EXTCONF_H) conftest.* mkmf.log
 		@-$(RM) core ruby$(EXEEXT) *~ $(DISTCLEANFILES)
+		@-$(RMDIRS) $(DISTCLEANDIRS) 2> /dev/null || true
 
-realclean:	distclean
+realclean: distclean
 install: install-so install-rb
 
 install-so: $(RUBYARCHDIR)
 install-so: $(RUBYARCHDIR)/$(DLLIB)
 $(RUBYARCHDIR)/$(DLLIB): $(DLLIB)
-	$(INSTALL_PROG) $(DLLIB) $(RUBYARCHDIR)
+	@-$(MAKEDIRS) $(@D)
+	$(INSTALL_PROG) $(DLLIB) $(@D)
 install-rb: pre-install-rb install-rb-default
 install-rb-default: pre-install-rb-default
 pre-install-rb: Makefile
 pre-install-rb-default: Makefile
+pre-install-rb-default:
+	$(ECHO) installing default scrypt_ext libraries
 $(RUBYARCHDIR):
-	$(MAKEDIRS) $@
+	$(Q) $(MAKEDIRS) $@
 
 site-install: site-install-so site-install-rb
 site-install-so: install-so
 site-install-rb: install-rb
 
-.SUFFIXES: .c .m .cc .cxx .cpp .C .o
+.SUFFIXES: .c .m .cc .mm .cxx .cpp .C .o
 
 .cc.o:
-	$(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) -c $<
+	$(ECHO) compiling $(<)
+	$(Q) $(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) $(COUTFLAG)$@ -c $<
+
+.mm.o:
+	$(ECHO) compiling $(<)
+	$(Q) $(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) $(COUTFLAG)$@ -c $<
 
 .cxx.o:
-	$(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) -c $<
+	$(ECHO) compiling $(<)
+	$(Q) $(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) $(COUTFLAG)$@ -c $<
 
 .cpp.o:
-	$(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) -c $<
+	$(ECHO) compiling $(<)
+	$(Q) $(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) $(COUTFLAG)$@ -c $<
 
 .C.o:
-	$(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) -c $<
+	$(ECHO) compiling $(<)
+	$(Q) $(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) $(COUTFLAG)$@ -c $<
 
 .c.o:
-	$(CC) $(INCFLAGS) $(CPPFLAGS) $(CFLAGS) -c $<
+	$(ECHO) compiling $(<)
+	$(Q) $(CC) $(INCFLAGS) $(CPPFLAGS) $(CFLAGS) $(COUTFLAG)$@ -c $<
+
+.m.o:
+	$(ECHO) compiling $(<)
+	$(Q) $(CC) $(INCFLAGS) $(CPPFLAGS) $(CFLAGS) $(COUTFLAG)$@ -c $<
 
 $(DLLIB): $(OBJS) Makefile
-	@-$(RM) $@
-	$(LDSHARED) -o $@ $(OBJS) $(LIBPATH) $(DLDFLAGS) $(LOCAL_LIBS) $(LIBS)
+	$(ECHO) linking shared-object $(DLLIB)
+	@-$(RM) $(@)
+	$(Q) $(LDSHARED) -o $@ $(OBJS) $(LIBPATH) $(DLDFLAGS) $(LOCAL_LIBS) $(LIBS)
 
 
 
-$(OBJS): ruby.h defines.h
+$(OBJS): $(hdrdir)/ruby.h $(hdrdir)/ruby/defines.h $(arch_hdrdir)/ruby/config.h

data/ext/mri/crypto_scrypt-ref.c

@@ -255,7 +255,7 @@ crypto_scrypt(const uint8_t * passwd, size_t passwdlen,
 		goto err2;
 
 	/* 1: (B_0 ... B_{p-1}) <-- PBKDF2(P, S, 1, p * MFLen) */
-	PBKDF2_SHA256(passwd, passwdlen, salt, saltlen, 1, B, p * 128 * r);
+	PBKDF2_scrypt_SHA256(passwd, passwdlen, salt, saltlen, 1, B, p * 128 * r);
 
 	/* 2: for i = 0 to p - 1 do */
 	for (i = 0; i < p; i++) {
@@ -264,7 +264,7 @@ crypto_scrypt(const uint8_t * passwd, size_t passwdlen,
 	}
 
 	/* 5: DK <-- PBKDF2(P, B, 1, dkLen) */
-	PBKDF2_SHA256(passwd, passwdlen, B, p * 128 * r, 1, buf, buflen);
+	PBKDF2_scrypt_SHA256(passwd, passwdlen, B, p * 128 * r, 1, buf, buflen);
 
 	/* Free memory. */
 	free(V);

data/ext/mri/sha256.c

@@ -60,7 +60,7 @@ be32dec_vect(uint32_t *dst, const unsigned char *src, size_t len)
 		dst[i] = be32dec(src + i * 4);
 }
 
-/* Elementary functions used by SHA256 */
+/* Elementary functions used by scrypt_SHA256 */
 #define Ch(x, y, z)	((x & (y ^ z)) ^ z)
 #define Maj(x, y, z)	((x & (y | z)) | (y & z))
 #define SHR(x, n)	(x >> n)
@@ -70,7 +70,7 @@ be32dec_vect(uint32_t *dst, const unsigned char *src, size_t len)
 #define s0(x)		(ROTR(x, 7) ^ ROTR(x, 18) ^ SHR(x, 3))
 #define s1(x)		(ROTR(x, 17) ^ ROTR(x, 19) ^ SHR(x, 10))
 
-/* SHA256 round function */
+/* scrypt_SHA256 round function */
 #define RND(a, b, c, d, e, f, g, h, k)			\
 	t0 = h + S1(e) + Ch(e, f, g) + k;		\
 	t1 = S0(a) + Maj(a, b, c);			\
@@ -86,11 +86,11 @@ be32dec_vect(uint32_t *dst, const unsigned char *src, size_t len)
 	    W[i] + k)
 
 /*
- * SHA256 block compression function.  The 256-bit state is transformed via
+ * scrypt_SHA256 block compression function.  The 256-bit state is transformed via
  * the 512-bit input block to produce a new state.
  */
 static void
-SHA256_Transform(uint32_t * state, const unsigned char block[64])
+scrypt_SHA256_Transform(uint32_t * state, const unsigned char block[64])
 {
 	uint32_t W[64];
 	uint32_t S[8];
@@ -190,7 +190,7 @@ static unsigned char PAD[64] = {
 
 /* Add padding and terminating bit-count. */
 static void
-SHA256_Pad(SHA256_CTX * ctx)
+scrypt_SHA256_Pad(scrypt_SHA256_CTX * ctx)
 {
 	unsigned char len[8];
 	uint32_t r, plen;
@@ -204,15 +204,15 @@ SHA256_Pad(SHA256_CTX * ctx)
 	/* Add 1--64 bytes so that the resulting length is 56 mod 64 */
 	r = (ctx->count[1] >> 3) & 0x3f;
 	plen = (r < 56) ? (56 - r) : (120 - r);
-	SHA256_Update(ctx, PAD, (size_t)plen);
+	scrypt_SHA256_Update(ctx, PAD, (size_t)plen);
 
 	/* Add the terminating bit-count */
-	SHA256_Update(ctx, len, 8);
+	scrypt_SHA256_Update(ctx, len, 8);
 }
 
 /* SHA-256 initialization.  Begins a SHA-256 operation. */
 void
-SHA256_Init(SHA256_CTX * ctx)
+scrypt_SHA256_Init(scrypt_SHA256_CTX * ctx)
 {
 
 	/* Zero bits processed so far */
@@ -231,7 +231,7 @@ SHA256_Init(SHA256_CTX * ctx)
 
 /* Add bytes into the hash */
 void
-SHA256_Update(SHA256_CTX * ctx, const void *in, size_t len)
+scrypt_SHA256_Update(scrypt_SHA256_CTX * ctx, const void *in, size_t len)
 {
 	uint32_t bitlen[2];
 	uint32_t r;
@@ -257,13 +257,13 @@ SHA256_Update(SHA256_CTX * ctx, const void *in, size_t len)
 
 	/* Finish the current block */
 	memcpy(&ctx->buf[r], src, 64 - r);
-	SHA256_Transform(ctx->state, ctx->buf);
+	scrypt_SHA256_Transform(ctx->state, ctx->buf);
 	src += 64 - r;
 	len -= 64 - r;
 
 	/* Perform complete blocks */
 	while (len >= 64) {
-		SHA256_Transform(ctx->state, src);
+		scrypt_SHA256_Transform(ctx->state, src);
 		src += 64;
 		len -= 64;
 	}
@@ -277,11 +277,11 @@ SHA256_Update(SHA256_CTX * ctx, const void *in, size_t len)
  * and clears the context state.
  */
 void
-SHA256_Final(unsigned char digest[32], SHA256_CTX * ctx)
+scrypt_SHA256_Final(unsigned char digest[32], scrypt_SHA256_CTX * ctx)
 {
 
 	/* Add padding */
-	SHA256_Pad(ctx);
+	scrypt_SHA256_Pad(ctx);
 
 	/* Write the hash */
 	be32enc_vect(digest, ctx->state, 32);
@@ -290,80 +290,80 @@ SHA256_Final(unsigned char digest[32], SHA256_CTX * ctx)
 	memset((void *)ctx, 0, sizeof(*ctx));
 }
 
-/* Initialize an HMAC-SHA256 operation with the given key. */
+/* Initialize an HMAC-scrypt_SHA256 operation with the given key. */
 void
-HMAC_SHA256_Init(HMAC_SHA256_CTX * ctx, const void * _K, size_t Klen)
+HMAC_scrypt_SHA256_Init(HMAC_scrypt_SHA256_CTX * ctx, const void * _K, size_t Klen)
 {
 	unsigned char pad[64];
 	unsigned char khash[32];
 	const unsigned char * K = _K;
 	size_t i;
 
-	/* If Klen > 64, the key is really SHA256(K). */
+	/* If Klen > 64, the key is really scrypt_SHA256(K). */
 	if (Klen > 64) {
-		SHA256_Init(&ctx->ictx);
-		SHA256_Update(&ctx->ictx, K, Klen);
-		SHA256_Final(khash, &ctx->ictx);
+		scrypt_SHA256_Init(&ctx->ictx);
+		scrypt_SHA256_Update(&ctx->ictx, K, Klen);
+		scrypt_SHA256_Final(khash, &ctx->ictx);
 		K = khash;
 		Klen = 32;
 	}
 
-	/* Inner SHA256 operation is SHA256(K xor [block of 0x36] || data). */
-	SHA256_Init(&ctx->ictx);
+	/* Inner scrypt_SHA256 operation is scrypt_SHA256(K xor [block of 0x36] || data). */
+	scrypt_SHA256_Init(&ctx->ictx);
 	memset(pad, 0x36, 64);
 	for (i = 0; i < Klen; i++)
 		pad[i] ^= K[i];
-	SHA256_Update(&ctx->ictx, pad, 64);
+	scrypt_SHA256_Update(&ctx->ictx, pad, 64);
 
-	/* Outer SHA256 operation is SHA256(K xor [block of 0x5c] || hash). */
-	SHA256_Init(&ctx->octx);
+	/* Outer scrypt_SHA256 operation is scrypt_SHA256(K xor [block of 0x5c] || hash). */
+	scrypt_SHA256_Init(&ctx->octx);
 	memset(pad, 0x5c, 64);
 	for (i = 0; i < Klen; i++)
 		pad[i] ^= K[i];
-	SHA256_Update(&ctx->octx, pad, 64);
+	scrypt_SHA256_Update(&ctx->octx, pad, 64);
 
 	/* Clean the stack. */
 	memset(khash, 0, 32);
 }
 
-/* Add bytes to the HMAC-SHA256 operation. */
+/* Add bytes to the HMAC-scrypt_SHA256 operation. */
 void
-HMAC_SHA256_Update(HMAC_SHA256_CTX * ctx, const void *in, size_t len)
+HMAC_scrypt_SHA256_Update(HMAC_scrypt_SHA256_CTX * ctx, const void *in, size_t len)
 {
 
-	/* Feed data to the inner SHA256 operation. */
-	SHA256_Update(&ctx->ictx, in, len);
+	/* Feed data to the inner scrypt_SHA256 operation. */
+	scrypt_SHA256_Update(&ctx->ictx, in, len);
 }
 
-/* Finish an HMAC-SHA256 operation. */
+/* Finish an HMAC-scrypt_SHA256 operation. */
 void
-HMAC_SHA256_Final(unsigned char digest[32], HMAC_SHA256_CTX * ctx)
+HMAC_scrypt_SHA256_Final(unsigned char digest[32], HMAC_scrypt_SHA256_CTX * ctx)
 {
 	unsigned char ihash[32];
 
-	/* Finish the inner SHA256 operation. */
-	SHA256_Final(ihash, &ctx->ictx);
+	/* Finish the inner scrypt_SHA256 operation. */
+	scrypt_SHA256_Final(ihash, &ctx->ictx);
 
-	/* Feed the inner hash to the outer SHA256 operation. */
-	SHA256_Update(&ctx->octx, ihash, 32);
+	/* Feed the inner hash to the outer scrypt_SHA256 operation. */
+	scrypt_SHA256_Update(&ctx->octx, ihash, 32);
 
-	/* Finish the outer SHA256 operation. */
-	SHA256_Final(digest, &ctx->octx);
+	/* Finish the outer scrypt_SHA256 operation. */
+	scrypt_SHA256_Final(digest, &ctx->octx);
 
 	/* Clean the stack. */
 	memset(ihash, 0, 32);
 }
 
 /**
- * PBKDF2_SHA256(passwd, passwdlen, salt, saltlen, c, buf, dkLen):
- * Compute PBKDF2(passwd, salt, c, dkLen) using HMAC-SHA256 as the PRF, and
+ * PBKDF2_scrypt_SHA256(passwd, passwdlen, salt, saltlen, c, buf, dkLen):
+ * Compute PBKDF2(passwd, salt, c, dkLen) using HMAC-scrypt_SHA256 as the PRF, and
  * write the output to buf.  The value dkLen must be at most 32 * (2^32 - 1).
  */
 void
-PBKDF2_SHA256(const uint8_t * passwd, size_t passwdlen, const uint8_t * salt,
+PBKDF2_scrypt_SHA256(const uint8_t * passwd, size_t passwdlen, const uint8_t * salt,
     size_t saltlen, uint64_t c, uint8_t * buf, size_t dkLen)
 {
-	HMAC_SHA256_CTX PShctx, hctx;
+	HMAC_scrypt_SHA256_CTX PShctx, hctx;
 	size_t i;
 	uint8_t ivec[4];
 	uint8_t U[32];
@@ -373,8 +373,8 @@ PBKDF2_SHA256(const uint8_t * passwd, size_t passwdlen, const uint8_t * salt,
 	size_t clen;
 
 	/* Compute HMAC state after processing P and S. */
-	HMAC_SHA256_Init(&PShctx, passwd, passwdlen);
-	HMAC_SHA256_Update(&PShctx, salt, saltlen);
+	HMAC_scrypt_SHA256_Init(&PShctx, passwd, passwdlen);
+	HMAC_scrypt_SHA256_Update(&PShctx, salt, saltlen);
 
 	/* Iterate through the blocks. */
 	for (i = 0; i * 32 < dkLen; i++) {
@@ -382,18 +382,18 @@ PBKDF2_SHA256(const uint8_t * passwd, size_t passwdlen, const uint8_t * salt,
 		be32enc(ivec, (uint32_t)(i + 1));
 
 		/* Compute U_1 = PRF(P, S || INT(i)). */
-		memcpy(&hctx, &PShctx, sizeof(HMAC_SHA256_CTX));
-		HMAC_SHA256_Update(&hctx, ivec, 4);
-		HMAC_SHA256_Final(U, &hctx);
+		memcpy(&hctx, &PShctx, sizeof(HMAC_scrypt_SHA256_CTX));
+		HMAC_scrypt_SHA256_Update(&hctx, ivec, 4);
+		HMAC_scrypt_SHA256_Final(U, &hctx);
 
 		/* T_i = U_1 ... */
 		memcpy(T, U, 32);
 
 		for (j = 2; j <= c; j++) {
 			/* Compute U_j. */
-			HMAC_SHA256_Init(&hctx, passwd, passwdlen);
-			HMAC_SHA256_Update(&hctx, U, 32);
-			HMAC_SHA256_Final(U, &hctx);
+			HMAC_scrypt_SHA256_Init(&hctx, passwd, passwdlen);
+			HMAC_scrypt_SHA256_Update(&hctx, U, 32);
+			HMAC_scrypt_SHA256_Final(U, &hctx);
 
 			/* ... xor U_j ... */
 			for (k = 0; k < 32; k++)
@@ -408,5 +408,5 @@ PBKDF2_SHA256(const uint8_t * passwd, size_t passwdlen, const uint8_t * salt,
 	}
 
 	/* Clean PShctx, since we never called _Final on it. */
-	memset(&PShctx, 0, sizeof(HMAC_SHA256_CTX));
+	memset(&PShctx, 0, sizeof(HMAC_scrypt_SHA256_CTX));
 }

data/ext/mri/sha256.h

@@ -26,37 +26,37 @@
  * $FreeBSD: src/lib/libmd/sha256.h,v 1.2 2006/01/17 15:35:56 phk Exp $
  */
 
-#ifndef _SHA256_H_
-#define _SHA256_H_
+#ifndef _scrypt_SHA256_H_
+#define _scrypt_SHA256_H_
 
 #include <sys/types.h>
 
 #include <stdint.h>
 
-typedef struct SHA256Context {
+typedef struct scrypt_SHA256Context {
 	uint32_t state[8];
 	uint32_t count[2];
 	unsigned char buf[64];
-} SHA256_CTX;
+} scrypt_SHA256_CTX;
 
-typedef struct HMAC_SHA256Context {
-	SHA256_CTX ictx;
-	SHA256_CTX octx;
-} HMAC_SHA256_CTX;
+typedef struct HMAC_scrypt_SHA256Context {
+	scrypt_SHA256_CTX ictx;
+	scrypt_SHA256_CTX octx;
+} HMAC_scrypt_SHA256_CTX;
 
-void	SHA256_Init(SHA256_CTX *);
-void	SHA256_Update(SHA256_CTX *, const void *, size_t);
-void	SHA256_Final(unsigned char [32], SHA256_CTX *);
-void	HMAC_SHA256_Init(HMAC_SHA256_CTX *, const void *, size_t);
-void	HMAC_SHA256_Update(HMAC_SHA256_CTX *, const void *, size_t);
-void	HMAC_SHA256_Final(unsigned char [32], HMAC_SHA256_CTX *);
+void	scrypt_SHA256_Init(scrypt_SHA256_CTX *);
+void	scrypt_SHA256_Update(scrypt_SHA256_CTX *, const void *, size_t);
+void	scrypt_SHA256_Final(unsigned char [32], scrypt_SHA256_CTX *);
+void	HMAC_scrypt_SHA256_Init(HMAC_scrypt_SHA256_CTX *, const void *, size_t);
+void	HMAC_scrypt_SHA256_Update(HMAC_scrypt_SHA256_CTX *, const void *, size_t);
+void	HMAC_scrypt_SHA256_Final(unsigned char [32], HMAC_scrypt_SHA256_CTX *);
 
 /**
- * PBKDF2_SHA256(passwd, passwdlen, salt, saltlen, c, buf, dkLen):
- * Compute PBKDF2(passwd, salt, c, dkLen) using HMAC-SHA256 as the PRF, and
+ * PBKDF2_scrypt_SHA256(passwd, passwdlen, salt, saltlen, c, buf, dkLen):
+ * Compute PBKDF2(passwd, salt, c, dkLen) using HMAC-scrypt_SHA256 as the PRF, and
  * write the output to buf.  The value dkLen must be at most 32 * (2^32 - 1).
  */
-void	PBKDF2_SHA256(const uint8_t *, size_t, const uint8_t *, size_t,
+void	PBKDF2_scrypt_SHA256(const uint8_t *, size_t, const uint8_t *, size_t,
     uint64_t, uint8_t *, size_t);
 
-#endif /* !_SHA256_H_ */
+#endif /* !_scrypt_SHA256_H_ */

data/lib/scrypt/version.rb

@@ -1,3 +1,3 @@
 module SCrypt
-  VERSION = "1.0.3"
+  VERSION = "1.0.4"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: scrypt
 version: !ruby/object:Gem::Version
-  version: 1.0.3
+  version: 1.0.4
   prerelease: 
 platform: ruby
 authors:
@@ -9,12 +9,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2011-07-15 00:00:00.000000000 -05:00
-default_executable: 
+date: 2012-04-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
-  requirement: &2151879660 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -22,10 +21,15 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2151879660
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
-  requirement: &2151878380 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -33,7 +37,12 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2151878380
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 description: ! "    The scrypt key derivation function is designed to be far \n    more
   secure against hardware brute-force attacks than \n    alternative functions such
   as PBKDF2 or bcrypt.\n"
@@ -50,7 +59,7 @@ files:
 - COPYING
 - Gemfile
 - Gemfile.lock
-- README
+- README.md
 - Rakefile
 - Rakefile.old
 - autotest/discover.rb
@@ -69,13 +78,13 @@ files:
 - ext/mri/sha256.c
 - ext/mri/sha256.h
 - ext/mri/sysendian.h
+- kdf-comparison.png
 - lib/scrypt.rb
 - lib/scrypt/version.rb
 - scrypt.gemspec
 - spec/scrypt/engine_spec.rb
 - spec/scrypt/password_spec.rb
 - spec/spec_helper.rb
-has_rdoc: true
 homepage: ''
 licenses: []
 post_install_message: 
@@ -90,7 +99,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -2866022726436582212
+      hash: 194968761822727959
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -99,10 +108,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -2866022726436582212
+      hash: 194968761822727959
 requirements: []
 rubyforge_project: scrypt
-rubygems_version: 1.6.2
+rubygems_version: 1.8.21
 signing_key: 
 specification_version: 3
 summary: scrypt password hashing algorithm.

data/README

@@ -1,42 +0,0 @@
-= scrypt
-
-The scrypt key derivation function is designed to be far more secure against hardware brute-force attacks than alternative functions such as PBKDF2 or bcrypt.
-
-* http://www.tarsnap.com/scrypt.html
-* http://github.com/pbhogan/scrypt
-
-== Why you should use scrypt
-
-The designers of scrypt estimate that on modern (2009) hardware, if 5 seconds are spent computing a derived key, the cost of a hardware brute-force attack against scrypt is roughly 4000 times greater than the cost of a similar attack against bcrypt (to find the same password), and 20000 times greater than a similar attack against PBKDF2.
-
-== How to install scrypt
-
-  gem install scrypt
-
-== How to use scrypt
-
-It works pretty similarly to ruby-bcrypt with a few minor differences, especially where the cost factor is concerned.
-
-	include "scrypt"
-
-	# hash a user's password
-	@password = Password.create("my grand secret")
-	@password #=> "2000$8$1$f5f2fa5fe5484a7091f1299768fbe92b5a7fbc77$6a385f22c54d92c314b71a4fd5ef33967c93d679"
-
-	# store it safely
-	@user.update_attribute(:password, @password)
-
-	# read it back
-	@user.reload!
-	@db_password = Password.new(@user.password)
-
-	# compare it after retrieval
-	@db_password == "my grand secret" #=> true
-	@db_password == "a paltry guess"  #=> false
-
-Password.create takes three options which will determine the cost limits of the computation.
-* :max_time specifies the maximum number of seconds the computation should take.
-* :max_mem specifies the maximum number of bytes the computation should take. A value of 0 specifies no upper limit. The minimum is always 1 MB.
-* :max_memfrac specifies the maximum memory in a fraction of available resources to use. Any value equal to 0 or greater than 0.5 will result in 0.5 being used.
-
-Default options will result in calculation time of approx. 200 ms with 1 MB memory use.