Class: Authlogic::CryptoProviders::SCrypt

Inherits: Object

Defined in: lib/authlogic/crypto_providers/scrypt.rb

Overview

SCrypt is the default provider for Authlogic. It is the only choice in the adaptive hash family that accounts for hardware-based attacks, compensating with memory-bound as well as CPU-bound computational constraints. It offers the same guarantees as BCrypt: it is one-way, unique and slow.

Decided SCrypt is for you? Just install the scrypt gem:

gem install scrypt

Tell acts_as_authentic to use it:

acts_as_authentic do |c|
  c.crypto_provider = Authlogic::CryptoProviders::SCrypt
end

Constant Summary

DEFAULTS = {:key_len => 32, :salt_size => 8, :max_time => 0.2, :max_mem => 1024 * 1024, :max_memfrac => 0.5}

Class Attribute Details

+ (Object) key_len

Key length - length in bytes of generated key, from 16 to 512.



# File 'lib/authlogic/crypto_providers/scrypt.rb', line 26

def key_len
  @key_len ||= DEFAULTS[:key_len]
end

+ (Object) max_mem

Max memory - maximum memory usage. The minimum is always 1 MB.



# File 'lib/authlogic/crypto_providers/scrypt.rb', line 41

def max_mem
  @max_mem ||= DEFAULTS[:max_mem]
end

+ (Object) max_memfrac

Max memory fraction - maximum memory out of all available. Always greater than zero and <= 0.5.



# File 'lib/authlogic/crypto_providers/scrypt.rb', line 46

def max_memfrac
  @max_memfrac ||= DEFAULTS[:max_memfrac]
end

+ (Object) max_time

Max time - maximum time spent in computation.



# File 'lib/authlogic/crypto_providers/scrypt.rb', line 36

def max_time
  @max_time ||= DEFAULTS[:max_time]
end

+ (Object) salt_size

Salt size - size in bytes of random salt, from 8 to 32.



# File 'lib/authlogic/crypto_providers/scrypt.rb', line 31

def salt_size
  @salt_size ||= DEFAULTS[:salt_size]
end

Class Method Details

+ (Object) encrypt(*tokens)

Creates an SCrypt hash for the password passed.



# File 'lib/authlogic/crypto_providers/scrypt.rb', line 51

def encrypt(*tokens)
  ::SCrypt::Password.create(join_tokens(tokens), :key_len => key_len, :salt_size => salt_size, :max_mem => max_mem, :max_memfrac => max_memfrac, :max_time => max_time)
end

+ (Boolean) matches?(hash, *tokens)

Does the hash match the tokens? Uses the same tokens that were used to encrypt.



# File 'lib/authlogic/crypto_providers/scrypt.rb', line 56

def matches?(hash, *tokens)
  hash = new_from_hash(hash)
  return false if hash.blank?
  hash == join_tokens(tokens)
end
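
The encrypt/matches? round trip and the effect of max_mem on the scrypt cost, as an added example (not Authlogic's or the scrypt gem's code) built on Ruby's standard OpenSSL::KDF.scrypt. The module name, the fixed r and p, the token joining and the `N$r$p$salt$key` hex layout are assumptions made for illustration.

```ruby
require "openssl"
require "securerandom"

# Added illustration; not Authlogic's or the scrypt gem's code.
module ScryptSketch
  KEY_LEN   = 32            # DEFAULTS[:key_len] on this page
  SALT_SIZE = 8             # DEFAULTS[:salt_size] on this page
  MAX_MEM   = 1024 * 1024   # DEFAULTS[:max_mem] on this page
  R = 8                     # assumed block size
  P = 1                     # assumed parallelism

  # scrypt's working set is about 128 * N * r bytes. Return the largest
  # power-of-two N whose working set still fits inside max_mem.
  def self.cost_for(max_mem, r = R)
    n = 2
    n *= 2 while 128 * (n * 2) * r <= max_mem
    n
  end

  # Assumption: tokens are flattened and concatenated before hashing.
  def self.derive(tokens, salt, n, r, p, len)
    OpenSSL::KDF.scrypt(tokens.flatten.join, salt: salt, N: n, r: r, p: p, length: len)
  end

  # Fresh random salt per call; cost parameters travel with the hash so
  # old records still verify after the defaults are raised.
  def self.encrypt(*tokens)
    salt = SecureRandom.random_bytes(SALT_SIZE)
    n = cost_for(MAX_MEM)
    key = derive(tokens, salt, n, R, P, KEY_LEN)
    [n.to_s(16), R.to_s(16), P.to_s(16), salt.unpack1("H*"), key.unpack1("H*")].join("$")
  end

  # Blank or malformed records never match; comparison is constant-time.
  def self.matches?(stored, *tokens)
    n, r, p, salt, key = stored.to_s.split("$")
    return false unless key && [n, r, p, salt, key].all? { |f| f.match?(/\A\h+\z/) }
    expected = [key].pack("H*")
    actual = derive(tokens, [salt].pack("H*"), n.to_i(16), r.to_i(16), p.to_i(16), expected.bytesize)
    OpenSSL.fixed_length_secure_compare(actual, expected)
  rescue OpenSSL::KDF::KDFError
    false # parameters the KDF rejects (e.g. N not a power of two)
  end
end
```

With the 1 MB default, `cost_for` settles on N = 1024 at r = 8, so raising max_mem is what raises the memory an attacker must commit per guess.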