SALT_BYTE_SIZE = 32
HASH_BYTE_SIZE = 32
PBKDF2_ITERATIONS = 1000
- DIGEST_ALGORITHM = "sha512"
+ DIGEST_ALGORITHM = "sha512".freeze
def self.create(password)
salt = SecureRandom.base64(SALT_BYTE_SIZE)
hash = self.hash(password, salt, PBKDF2_ITERATIONS, HASH_BYTE_SIZE, DIGEST_ALGORITHM)
- return hash, [DIGEST_ALGORITHM, PBKDF2_ITERATIONS, salt].join("!")
+ [hash, [DIGEST_ALGORITHM, PBKDF2_ITERATIONS, salt].join("!")]
end
def self.check(hash, salt, candidate)
candidate = Digest::MD5.hexdigest(salt + candidate)
end
- return hash == candidate
+ hash == candidate
end
def self.upgrade?(hash, salt)
return true
end
- return false
+ false
end
-private
-
def self.hash(password, salt, iterations, size, algorithm)
digest = OpenSSL::Digest.new(algorithm)
- pbkdf2 = OpenSSL::PKCS5::pbkdf2_hmac(password, salt, iterations, size, digest)
+ pbkdf2 = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iterations, size, digest)
Base64.strict_encode64(pbkdf2)
end
end