Class: Authlogic::CryptoProviders::SCrypt

Inherits:
Object
  • Object
show all
Defined in:
lib/authlogic/crypto_providers/scrypt.rb

Overview

SCrypt is the default provider for Authlogic. It is the only choice in the adaptive hash family that accounts for hardware based attacks by compensating with memory bound as well as cpu bound computational constraints. It offers the same guarantees as BCrypt in the way of one-way, unique and slow.

Decided SCrypt is for you? Just install the scrypt gem:

gem install scrypt

Tell acts_as_authentic to use it:

acts_as_authentic do |c|
  c.crypto_provider = Authlogic::CryptoProviders::SCrypt
end

Constant Summary

DEFAULTS =
{:key_len => 32, :salt_size => 8, :max_time => 0.2, :max_mem => 1024 * 1024, :max_memfrac => 0.5}

Class Attribute Summary collapse

Class Method Summary collapse

Class Attribute Details

.key_lenObject

Key length - length in bytes of generated key, from 16 to 512.



26
27
28
# File 'lib/authlogic/crypto_providers/scrypt.rb', line 26

def key_len
  @key_len ||= DEFAULTS[:key_len]
end

.max_memObject

Max memory - maximum memory usage. The minimum is always 1MB



41
42
43
# File 'lib/authlogic/crypto_providers/scrypt.rb', line 41

def max_mem
  @max_mem ||= DEFAULTS[:max_mem]
end

.max_memfracObject

Max memory fraction - maximum memory out of all available. Always greater than zero and <= 0.5.



46
47
48
# File 'lib/authlogic/crypto_providers/scrypt.rb', line 46

def max_memfrac
  @max_memfrac ||= DEFAULTS[:max_memfrac]
end

.max_timeObject

Max time - maximum time spent in computation



36
37
38
# File 'lib/authlogic/crypto_providers/scrypt.rb', line 36

def max_time
  @max_time ||= DEFAULTS[:max_time]
end

.salt_sizeObject

Salt size - size in bytes of random salt, from 8 to 32



31
32
33
# File 'lib/authlogic/crypto_providers/scrypt.rb', line 31

def salt_size
  @salt_size ||= DEFAULTS[:salt_size]
end

Class Method Details

.encrypt(*tokens) ⇒ Object

Creates an SCrypt hash for the password passed.



51
52
53
# File 'lib/authlogic/crypto_providers/scrypt.rb', line 51

def encrypt(*tokens)
  ::SCrypt::Password.create(join_tokens(tokens), :key_len => key_len, :salt_size => salt_size, :max_mem => max_mem, :max_memfrac => max_memfrac, :max_time => max_time)
end

.matches?(hash, *tokens) ⇒ Boolean

Does the hash match the tokens? Uses the same tokens that were used to encrypt.



56
57
58
59
60
# File 'lib/authlogic/crypto_providers/scrypt.rb', line 56

def matches?(hash, *tokens)
  hash = new_from_hash(hash)
  return false if hash.blank?
  hash == join_tokens(tokens)
end