Class: CryptCheckpass
- Inherits:
-
Object
- Object
- CryptCheckpass
- Defined in:
- lib/crypt_checkpass/api.rb
Overview
Mother of all KDF classes.
Subclasses of this are expected to implement the following 4 class methods:
subclass.provide?(id)
subclass.newhash(pass, id: id, ...)
subclass.understand?(hash)
subclass.checkpass?(pass, hash)
If a subclass's provide?
returns true
for an id, then that class is
responsible for generating new hash of that id. Likewise if understand?
returns true
for a hash, that should be able to checkpass.
Caveats:
- You don't have to provide all of those methods. It is completely reasonable to have a hash that is unable to generate new one, but still able to check existing ones.
Defined Under Namespace
Classes: Argon2, Bcrypt, PBKDF2, SHA2, Scrypt
API entry points collapse
-
.crypt_checkpass?(pass, hash) ⇒ true, false
Parses what the given hash is, apply the same hashing against pass, then compares the hashed pass and the given hash.
-
.crypt_newhash(password, pref = nil, id: nil, **kwargs) ⇒ Object
Generates new password hashes.
Inteacts with subclasses collapse
-
.checkpass?(pass, hash) ⇒ true, false
Checks if the given password matches the hash.
-
.newhash ⇒ String
Generate a new password hash string.
-
.provide?(id) ⇒ true, false
Checks if the given ID can be handled by this class.
-
.understand?(str) ⇒ true, false
Checks if the given hash string can be handled by this class.
Class Method Details
.checkpass?(pass, hash) ⇒ true, false
Checks if the given password matches the hash.
107 108 109 |
# File 'lib/crypt_checkpass/api.rb', line 107 def checkpass? pass, hash return false # default false end |
.crypt_checkpass?(pass, hash) ⇒ true, false
Parses what the given hash is, apply the same hashing against pass, then compares the hashed pass and the given hash.
54 55 56 57 |
# File 'lib/crypt_checkpass/api.rb', line 54 def crypt_checkpass? pass, hash kdf = find_kdf_by_string hash return kdf.checkpass? pass, hash end |
.crypt_newhash(password, perf) ⇒ String .crypt_newhash(password, id: , **kwargs) ⇒ String
Generates new password hashes. The provided password is randomly salted, then hashed using the parameter.
60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 |
# File 'lib/crypt_checkpass/api.rb', line 60 def crypt_newhash password, pref = nil, id: nil, **kwargs raise ArgumentError, <<-"end".strip if pref && id wrong number of arguments (given 2, expected 1) end raise ArgumentError, <<-"end".strip, kwargs.keys if pref &&! kwargs.empty? unknown key: %p end if pref then require_relative 'bcrypt' return CryptCheckpass::Bcrypt.new_with_openbsd_pref password, pref else kdf = find_kdf_by_id id return kdf.newhash password, id: id, **kwargs end end |
.newhash ⇒ String
There is no way to specify salt. That's a bad idea.
Generate a new password hash string.
115 116 117 |
# File 'lib/crypt_checkpass/api.rb', line 115 def newhash *; raise 'NOTREACHED' end |
.provide?(id) ⇒ true, false
Checks if the given ID can be handled by this class. A class is free to handle several IDs, like 'argon2i', 'argon2d', ...
87 88 89 |
# File 'lib/crypt_checkpass/api.rb', line 87 def provide? id return false # default false end |
.understand?(str) ⇒ true, false
Checks if the given hash string can be handled by this class.
96 97 98 |
# File 'lib/crypt_checkpass/api.rb', line 96 def understand? str return false # default false end |