A Ruby wrapper for the bcrypt() C extension calls and the Java calls.
The default computational expense parameter.
Maximum possible size of bcrypt() salts.
The minimum cost supported by the algorithm.
# File lib/bcrypt_engine.rb, line 26 def self.__bc_crypt(key, salt, cost) buffer_out = FFI::Buffer.alloc_out(BCRYPT_OUTPUT_SIZE, 1) out = ruby_bcrypt(buffer_out, key || "", salt) buffer_out.free out && out.any? ? out : nil end
# File lib/bcrypt_engine.rb, line 16 def self.__bc_salt(cost, seed) buffer_out = FFI::Buffer.alloc_out(BCRYPT_SALT_OUTPUT_SIZE, 1) seed_ptr = FFI::MemoryPointer.new(:uint8, BCRYPT_MAXSALT) seed.bytes.to_a.each_with_index { |b, i| seed_ptr.int8_put(i, b) } out = ruby_bcrypt_gensalt(buffer_out, cost, seed_ptr) seed_ptr.free buffer_out.free out || "" end
Autodetects the cost from the salt string.
# File lib/bcrypt.rb, line 113 def self.autodetect_cost(salt) salt[4..5].to_i end
Returns the cost factor which will result in computation times less than
upper_time_limit_in_ms
.
Example:
BCrypt.calibrate(200) #=> 10 BCrypt.calibrate(1000) #=> 12 # should take less than 200ms BCrypt::Password.create("woo", :cost => 10) # should take less than 1000ms BCrypt::Password.create("woo", :cost => 12)
# File lib/bcrypt.rb, line 103 def self.calibrate(upper_time_limit_in_ms) 40.times do |i| start_time = Time.now Password.create("testing testing", :cost => i+1) end_time = Time.now - start_time return i if end_time * 1_000 > upper_time_limit_in_ms end end
Generates a random salt with a given computational cost.
# File lib/bcrypt.rb, line 64 def self.generate_salt(cost = DEFAULT_COST) cost = cost.to_i if cost > 0 if cost < MIN_COST cost = MIN_COST end if RUBY_PLATFORM == "java" Java.bcrypt_jruby.BCrypt.gensalt(cost) else prefix = "$2a$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW" __bc_salt(prefix, cost, OpenSSL::Random.random_bytes(MAX_SALT_LENGTH)) end else raise Errors::InvalidCost.new("cost must be numeric and > 0") end end
Given a secret and a valid salt (see ::generate_salt) calculates a bcrypt() password hash.
# File lib/bcrypt.rb, line 43 def self.hash_secret(secret, salt, cost = nil) if valid_secret?(secret) if valid_salt?(salt) if cost.nil? cost = autodetect_cost(salt) end if RUBY_PLATFORM == "java" Java.bcrypt_jruby.BCrypt.hashpw(secret.to_s, salt.to_s) else __bc_crypt(secret.to_s, salt) end else raise Errors::InvalidSalt.new("invalid salt") end else raise Errors::InvalidSecret.new("invalid secret") end end
Returns true if salt
is a valid bcrypt() salt, false if not.
# File lib/bcrypt.rb, line 82 def self.valid_salt?(salt) !!(salt =~ %r^\$[0-9a-z]{2,}\$[0-9]{2,}\$[A-Za-z0-9\.\/]{22,}$/) end
Returns true if secret
is a valid bcrypt() secret, false if
not.
# File lib/bcrypt.rb, line 87 def self.valid_secret?(secret) secret.respond_to?(:to_s) end