secure_equals 0.1 → 0.2

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: f9883242630ffc2552eb1859d0a0b869f218237b
4
- data.tar.gz: 0222f297a7683a1927b92241e7fde4de2c9618f4
3
+ metadata.gz: 5927c8fe3e0da7b11844ee3499546c021eaccacb
4
+ data.tar.gz: 42aabdfe4e13be7dac50c564be5e4d9d20cd4cc3
5
5
  SHA512:
6
- metadata.gz: 0ba9b81d792b35adcabbe6163debddf1f8107b11c62b5c12d60cba6d4feab8577ae08a15aaea9bfe692712a5fce9d1d8ad84ecb5c2888a616646381ffdad3700
7
- data.tar.gz: e66e06d162ac9d9983533330ea9d9e77d873bbbc4f9e63144dedfd5d196eaf02720a3c7dce13dceacd78618a8a48424731caac22959995ede2ccc63ffc60c9e7
6
+ metadata.gz: dbc5ff2de9dd038988519bbb8658d2fd02c9566f2e9e8af36f2e29dfc1ec19feec77c7856123ce870a28392375542a009171c5de691ad5cdfc1e1cff188c9575
7
+ data.tar.gz: 27b845041fc275b854eaf2b9d7f33e88df7ea42750fd348a0d69b4e4b23251345e811816b2e3ef724330cc8f5aaf9f40dc28d5699bce11c70f7a17b4e72880ba
data/.gitignore ADDED
@@ -0,0 +1 @@
1
+ *.gem
data/lib/secure_equals.rb CHANGED
@@ -9,6 +9,7 @@ module SecureEquals
9
9
  # @return [Boolean] Are the strings the same?
10
10
  #
11
11
  def self.equal?(mine, theirs)
12
+ return false if mine.nil? || theirs.nil?
12
13
  mine = mine.to_str
13
14
  theirs = theirs.to_str
14
15
  return false unless mine.length == theirs.length
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = "secure_equals"
3
- s.version = "0.1"
3
+ s.version = "0.2"
4
4
  s.platform = Gem::Platform::RUBY
5
5
  s.author = "Conrad Irwin"
6
6
  s.email = "conrad.irwin@gmail.com"
@@ -42,39 +42,37 @@ class Box
42
42
 
43
43
  class Secure < Box
44
44
  def guess(str)
45
- SecureEquals.same? @secret, str
45
+ SecureEquals.equal? @secret, str
46
46
  end
47
47
  end
48
48
  end
49
49
 
50
50
  def brute_force(box, trials)
51
51
  scores = []
52
- 1.times do
53
- guess = '0' * 32
54
- (0..32).each do |pos|
55
- max = 0
56
- result = nil
57
- this_time = guess.dup
58
- 'abcdef0123456789'.each_char do |letter|
59
- this_time[pos] = letter
60
- time = Hitimes::Interval.measure do
61
- trials.times{ box.guess this_time }
62
- end
63
- if time > max
64
- max = time
65
- result = letter
66
- end
52
+ guess = '0' * 32
53
+ (0..32).each do |pos|
54
+ max = 0
55
+ result = nil
56
+ this_time = guess.dup
57
+ 'abcdef0123456789'.each_char do |letter|
58
+ this_time[pos] = letter
59
+ time = Hitimes::Interval.measure do
60
+ trials.times{ box.guess this_time }
61
+ end
62
+ if time > max
63
+ max = time
64
+ result = letter
67
65
  end
68
- guess[pos] = result
69
66
  end
70
- scores << box.score(guess)
67
+ guess[pos] = result
71
68
  end
69
+ scores << box.score(guess)
72
70
 
73
- puts "average: #{scores.inject(&:+) / scores.size}"
71
+ puts "#{box.class} average: #{scores.inject(&:+) / scores.size}"
74
72
  end
75
73
 
76
74
  10.times do
77
75
  brute_force Box::Weak.new, 1000
78
- brute_force Box::Standard.new, 100000
79
- brute_force Box::Secure.new, 1000000
76
+ brute_force Box::Standard.new, 1000
77
+ brute_force Box::Secure.new, 1000
80
78
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: secure_equals
3
3
  version: !ruby/object:Gem::Version
4
- version: '0.1'
4
+ version: '0.2'
5
5
  platform: ruby
6
6
  authors:
7
7
  - Conrad Irwin
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2013-11-11 00:00:00.000000000 Z
11
+ date: 2013-12-11 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: Constant time equality (also known as time insensitive equality) lets
14
14
  you compare user-provided strings with secrets in a way that does not leak data
@@ -18,6 +18,7 @@ executables: []
18
18
  extensions: []
19
19
  extra_rdoc_files: []
20
20
  files:
21
+ - .gitignore
21
22
  - README.md
22
23
  - lib/secure_equals.rb
23
24
  - secure_equals.gemspec