RubyGems - yescrypt - Versions diffs - 0.1.0 → 0.1.1 - Mend

yescrypt 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1ba0d0c9b88163285669166982ad7cb47cfcd51ad07935b30d5215b51a8c2c8b
-  data.tar.gz: 14f1b653e6c920e6c0f1e973b877c7d146c68006018bddbfcf5728ac33b6aeda
+  metadata.gz: 648cb955d6f312f727144619700da95ec74b380122e5203f203234df414b277c
+  data.tar.gz: f024268f1bcd4ed3a2c3d523d2eaa27b977ccc8d2dd48cd4aed9e6f7b8b7c73f
 SHA512:
-  metadata.gz: 412ec3b20fd3180dfac8fe5e8b5851d645027055f9f9752056059f1fb6443febec4969498b4061500e4f2664503ce41c2bebdc4590c966a239422c8e565054b8
-  data.tar.gz: 45314045bb1f25679b68336b17aa4a59e9bfa5725ef8ca5c9548bfed2d91d9b4330f1deeb34b596ee70579c98e277334bc48268b406f96865552891e33bd4e76
+  metadata.gz: ab7dcba572745b004d72426567811fbc1acacd61c86f72e58e5d406b9e94e7863e449724159eae24157b5b4a56f114f12742de77bc5207db6c9a4bb5e63f9e8e
+  data.tar.gz: f2592cedcdcdfd67c6fc216041783b0ed60664b7f17fa7a41d0eabe07f7a6842c2519664b203013a4ad3e07db54a6fcd1c4e42f3851490a774525e21dbbc2642

data/lib/yescrypt/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Yescrypt
-  VERSION = "0.1.0"
+  VERSION = "0.1.1"
 end

data/lib/yescrypt.rb CHANGED Viewed

@@ -37,11 +37,7 @@ module Yescrypt
       return false unless hash.start_with?("$y$")
       rehash = _hash_password(password, hash)
-      begin
-        OpenSSL.fixed_length_secure_compare(rehash, hash)
-      rescue ArgumentError
-        false
-      end
+      secure_compare(rehash, hash)
     rescue Error
       false
     end
@@ -63,6 +59,23 @@ module Yescrypt
         params[:flags] == opts[:flags]
     end
+    private
+    def secure_compare(a, b)
+      return false unless a.bytesize == b.bytesize
+      if OpenSSL.respond_to?(:fixed_length_secure_compare)
+        OpenSSL.fixed_length_secure_compare(a, b)
+      else
+        l = a.unpack("C*")
+        r = 0
+        b.each_byte { |v| r |= v ^ l.shift }
+        r == 0
+      end
+    end
+    public
     # Returns the default parameter hash, derived from constants defined in C.
     def default_params
       DEFAULT_PARAMS

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: yescrypt
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Suleyman Musayev