Class: Salt

Inherits:

Object

Object
Salt

show all

Defined in:: lib/salt.rb

Overview

Salt Class

Salt encapsulates a password’s salt and provides functionality for password salting and random salt generation.

What is a “password salt”?

A “password salt” is a string that is added to a password string to obscure the password when it is hashed to keep the password hash from being cracked.

See en.wikipedia.org/wiki/Salt_(cryptography)

Setting up a new Salt

This generates a new, random salt, with end placement

s = Salt.new

This creates the salt ‘foobar’, with split placement.

s = Salt.new('foobar')

This generates a new, random salt of length 9, with end placement

s = Salt.new( :new, :end, :length => 9)

s = Salt.new( Salt.generate( 8 ) )

Salting a password

This will salt the password ‘foobar’

s = s.salt('foobar')

What is salt placement?

“salt placement” is where the salt will go in the password. For example, “beginning” salt placement would prepend the salt to the password prior to hashing, and “split” salt placement would prepend the first half and append the second half.

Instance Attribute Summary collapse

#placement ⇒ Object

Returns the value of attribute placement.
#string ⇒ Object

Returns the value of attribute string.

Class Method Summary collapse

.generate_str(length = 8) ⇒ Object

Generate a salt string of the given length (default is 8).

Instance Method Summary collapse

#eql?(salt) ⇒ Boolean

Returns true if the given salt is equivilent to this salt, false otherwise.
#initialize(string = :new, placement = :end, options = {}) ⇒ Salt constructor

Initializes a new Salt instance with the given string and placement.
#salt_password(password) ⇒ Object

Returns the given password, salted.
#to_s ⇒ Object

Returns the salt string.

Constructor Details

#initialize(string = :new, placement = :end, options = {}) ⇒ `Salt`

Initializes a new Salt instance with the given string and placement

See Salt.placement= for placement options

Options:

:length: the length for a new salt. (default is 8)

# File 'lib/salt.rb', line 79

def initialize( string = :new, placement = :end, options = {} )
  @placement  = placement.to_sym
  @string     = (string == :new ? 
                 Salt.generate_str(options[:length] || 8) : string)
end

Instance Attribute Details

#placement ⇒ `Object`

Returns the value of attribute placement.



68
69
70

# File 'lib/salt.rb', line 68

def placement
  @placement
end

#string ⇒ `Object`

Returns the value of attribute string.



67
68
69

# File 'lib/salt.rb', line 67

def string
  @string
end

Class Method Details

.generate_str(length = 8) ⇒ `Object`

Generate a salt string of the given length (default is 8).

# File 'lib/salt.rb', line 122

def self.generate_str(length = 8)
  RandomStringGenerator.new( length, { :lower_alphas => true,
                                       :upper_alphas => true,
                                       :numerals     => true,
                                       :symbols      => true }).generate
end

Instance Method Details

#eql?(salt) ⇒ `Boolean`

Returns true if the given salt is equivilent to this salt, false otherwise

Returns:

(Boolean)



132
133
134

# File 'lib/salt.rb', line 132

def eql?( salt )
  self.to_s.eql?(salt.to_s) && self.placement.eql?(salt.placement)
end

#salt_password(password) ⇒ `Object`

Returns the given password, salted.

# File 'lib/salt.rb', line 97

def salt_password( password )
  case placement.to_sym
  when :end
    password.to_s + string
  when :beginning
    string + password.to_s
  when :split
    string[0...(string.length/2).floor] + password.to_s + string[(string.length/2).floor...string.length]
  else
    raise RuntimeError, "#{placement.to_s} is an invalid salt placement."
  end
end

#to_s ⇒ `Object`

Returns the salt string.

Same as calling Salt#string



115
116
117

# File 'lib/salt.rb', line 115

def to_s
  string.to_s
end