class Authlogic::CryptoProviders::SCrypt

SCrypt is the default provider for Authlogic. It is the only choice in the adaptive hash family that accounts for hardware based attacks by compensating with memory bound as well as cpu bound computational constraints. It offers the same guarantees as BCrypt in the way of one-way, unique and slow.

Decided SCrypt is for you? Just install the scrypt gem:

gem install scrypt

Tell acts_as_authentic to use it:

acts_as_authentic do |c|
  c.crypto_provider = Authlogic::CryptoProviders::SCrypt
end

Constants

DEFAULTS

Attributes

key_len[W]
max_mem[W]
max_memfrac[W]
max_time[W]
salt_size[W]

Public Instance Methods

encrypt(*tokens) click to toggle source

Creates an SCrypt hash for the password passed.

# File lib/authlogic/crypto_providers/scrypt.rb, line 51
def encrypt(*tokens)
  ::SCrypt::Password.create(join_tokens(tokens), :key_len => key_len, :salt_size => salt_size, :max_mem => max_mem, :max_memfrac => max_memfrac, :max_time => max_time)
end
key_len() click to toggle source

Key length - length in bytes of generated key, from 16 to 512.

# File lib/authlogic/crypto_providers/scrypt.rb, line 26
def key_len
  @key_len ||= DEFAULTS[:key_len]
end
matches?(hash, *tokens) click to toggle source

Does the hash match the tokens? Uses the same tokens that were used to encrypt.

# File lib/authlogic/crypto_providers/scrypt.rb, line 56
def matches?(hash, *tokens)
  hash = new_from_hash(hash)
  return false if hash.blank?
  hash == join_tokens(tokens)
end
max_mem() click to toggle source

Max memory - maximum memory usage. The minimum is always 1MB

# File lib/authlogic/crypto_providers/scrypt.rb, line 41
def max_mem
  @max_mem ||= DEFAULTS[:max_mem]
end
max_memfrac() click to toggle source

Max memory fraction - maximum memory out of all available. Always greater than zero and <= 0.5.

# File lib/authlogic/crypto_providers/scrypt.rb, line 46
def max_memfrac
  @max_memfrac ||= DEFAULTS[:max_memfrac]
end
max_time() click to toggle source

Max time - maximum time spent in computation

# File lib/authlogic/crypto_providers/scrypt.rb, line 36
def max_time
  @max_time ||= DEFAULTS[:max_time]
end
salt_size() click to toggle source

Salt size - size in bytes of random salt, from 8 to 32

# File lib/authlogic/crypto_providers/scrypt.rb, line 31
def salt_size
  @salt_size ||= DEFAULTS[:salt_size]
end

Private Instance Methods

join_tokens(tokens) click to toggle source
# File lib/authlogic/crypto_providers/scrypt.rb, line 63
def join_tokens(tokens)
  tokens.flatten.join
end
new_from_hash(hash) click to toggle source
# File lib/authlogic/crypto_providers/scrypt.rb, line 67
def new_from_hash(hash)
  begin
    ::SCrypt::Password.new(hash)
  rescue ::SCrypt::Errors::InvalidHash
    return nil
  end
end