class BCrypt::Engine

A Ruby wrapper for the bcrypt() C extension calls and the Java calls.

Constants

BCRYPT_MAXSALT
BCRYPT_OUTPUT_SIZE
BCRYPT_SALT_OUTPUT_SIZE
DEFAULT_COST

The default computational expense parameter.

MAX_SALT_LENGTH

Maximum possible size of bcrypt() salts.

MIN_COST

The minimum cost supported by the algorithm.

Public Class Methods

__bc_crypt(key, salt, cost) click to toggle source
# File lib/bcrypt_engine.rb, line 26
def self.__bc_crypt(key, salt, cost)
  buffer_out = FFI::Buffer.alloc_out(BCRYPT_OUTPUT_SIZE, 1)
  out = ruby_bcrypt(buffer_out, key || "", salt)
  buffer_out.free
  out && out.any? ? out : nil
end
__bc_salt(cost, seed) click to toggle source
# File lib/bcrypt_engine.rb, line 16
def self.__bc_salt(cost, seed)
  buffer_out = FFI::Buffer.alloc_out(BCRYPT_SALT_OUTPUT_SIZE, 1)
  seed_ptr = FFI::MemoryPointer.new(:uint8, BCRYPT_MAXSALT)
  seed.bytes.to_a.each_with_index { |b, i| seed_ptr.int8_put(i, b) }
  out = ruby_bcrypt_gensalt(buffer_out, cost, seed_ptr)
  seed_ptr.free
  buffer_out.free
  out || ""
end
autodetect_cost(salt) click to toggle source

Autodetects the cost from the salt string.

# File lib/bcrypt.rb, line 113
def self.autodetect_cost(salt)
  salt[4..5].to_i
end
calibrate(upper_time_limit_in_ms) click to toggle source

Returns the cost factor which will result in computation times less than upper_time_limit_in_ms.

Example:

BCrypt.calibrate(200)  #=> 10
BCrypt.calibrate(1000) #=> 12

# should take less than 200ms
BCrypt::Password.create("woo", :cost => 10)

# should take less than 1000ms
BCrypt::Password.create("woo", :cost => 12)
# File lib/bcrypt.rb, line 103
def self.calibrate(upper_time_limit_in_ms)
  40.times do |i|
    start_time = Time.now
    Password.create("testing testing", :cost => i+1)
    end_time = Time.now - start_time
    return i if end_time * 1_000 > upper_time_limit_in_ms
  end
end
generate_salt(cost = DEFAULT_COST) click to toggle source

Generates a random salt with a given computational cost.

# File lib/bcrypt.rb, line 64
def self.generate_salt(cost = DEFAULT_COST)
  cost = cost.to_i
  if cost > 0
    if cost < MIN_COST
      cost = MIN_COST
    end
    if RUBY_PLATFORM == "java"
      Java.bcrypt_jruby.BCrypt.gensalt(cost)
    else
      prefix = "$2a$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW"
      __bc_salt(prefix, cost, OpenSSL::Random.random_bytes(MAX_SALT_LENGTH))
    end
  else
    raise Errors::InvalidCost.new("cost must be numeric and > 0")
  end
end
hash_secret(secret, salt, cost = nil) click to toggle source

Given a secret and a valid salt (see ::generate_salt) calculates a bcrypt() password hash.

# File lib/bcrypt.rb, line 43
def self.hash_secret(secret, salt, cost = nil)
  if valid_secret?(secret)
    if valid_salt?(salt)
      if cost.nil?
        cost = autodetect_cost(salt)
      end

      if RUBY_PLATFORM == "java"
        Java.bcrypt_jruby.BCrypt.hashpw(secret.to_s, salt.to_s)
      else
        __bc_crypt(secret.to_s, salt)
      end
    else
      raise Errors::InvalidSalt.new("invalid salt")
    end
  else
    raise Errors::InvalidSecret.new("invalid secret")
  end
end
valid_salt?(salt) click to toggle source

Returns true if salt is a valid bcrypt() salt, false if not.

# File lib/bcrypt.rb, line 82
def self.valid_salt?(salt)
  !!(salt =~ %r^\$[0-9a-z]{2,}\$[0-9]{2,}\$[A-Za-z0-9\.\/]{22,}$/)
end
valid_secret?(secret) click to toggle source

Returns true if secret is a valid bcrypt() secret, false if not.

# File lib/bcrypt.rb, line 87
def self.valid_secret?(secret)
  secret.respond_to?(:to_s)
end