class Authlogic::CryptoProviders::SCrypt
SCrypt
is the default provider for Authlogic
. It is the only choice in the adaptive hash family that accounts for hardware based attacks by compensating with memory bound as well as cpu bound computational constraints. It offers the same guarantees as BCrypt
in the way of one-way, unique and slow.
Decided SCrypt
is for you? Just install the scrypt gem:
gem install scrypt
Tell acts_as_authentic to use it:
acts_as_authentic do |c| c.crypto_provider = Authlogic::CryptoProviders::SCrypt end
Constants
- DEFAULTS
Attributes
Public Class Methods
Source
# File lib/authlogic/crypto_providers/scrypt.rb, line 60 def encrypt(*tokens) ::SCrypt::Password.create( join_tokens(tokens), key_len: key_len, salt_size: salt_size, max_mem: max_mem, max_memfrac: max_memfrac, max_time: max_time ) end
Creates an SCrypt
hash for the password passed.
Source
# File lib/authlogic/crypto_providers/scrypt.rb, line 34 def key_len @key_len ||= DEFAULTS[:key_len] end
Key length - length in bytes of generated key, from 16 to 512.
Source
# File lib/authlogic/crypto_providers/scrypt.rb, line 72 def matches?(hash, *tokens) hash = new_from_hash(hash) return false if hash.blank? hash == join_tokens(tokens) end
Does the hash match the tokens? Uses the same tokens that were used to encrypt.
Source
# File lib/authlogic/crypto_providers/scrypt.rb, line 49 def max_mem @max_mem ||= DEFAULTS[:max_mem] end
Max memory - maximum memory usage. The minimum is always 1MB
Source
# File lib/authlogic/crypto_providers/scrypt.rb, line 55 def max_memfrac @max_memfrac ||= DEFAULTS[:max_memfrac] end
Max memory fraction - maximum memory out of all available. Always greater than zero and <= 0.5.
Source
# File lib/authlogic/crypto_providers/scrypt.rb, line 44 def max_time @max_time ||= DEFAULTS[:max_time] end
Max time - maximum time spent in computation
Source
# File lib/authlogic/crypto_providers/scrypt.rb, line 39 def salt_size @salt_size ||= DEFAULTS[:salt_size] end
Salt size - size in bytes of random salt, from 8 to 32
Private Class Methods
Source
# File lib/authlogic/crypto_providers/scrypt.rb, line 80 def join_tokens(tokens) tokens.flatten.join end
Source
# File lib/authlogic/crypto_providers/scrypt.rb, line 84 def new_from_hash(hash) ::SCrypt::Password.new(hash) rescue ::SCrypt::Errors::InvalidHash nil end