X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/56fd5c4d90c7d3757fb97ff16c40aaa307ae1d22..870e9e41e3c2b23b8b5e6730d91ea9ad1c89463d:/lib/password_hash.rb?ds=sidebyside diff --git a/lib/password_hash.rb b/lib/password_hash.rb index 5adfc7a34..c65df2c4f 100644 --- a/lib/password_hash.rb +++ b/lib/password_hash.rb @@ -6,13 +6,13 @@ require "digest/md5" module PasswordHash SALT_BYTE_SIZE = 32 HASH_BYTE_SIZE = 32 - PBKDF2_ITERATIONS = 1000 - DIGEST_ALGORITHM = "sha512" + PBKDF2_ITERATIONS = 10000 + DIGEST_ALGORITHM = "sha512".freeze def self.create(password) salt = SecureRandom.base64(SALT_BYTE_SIZE) hash = self.hash(password, salt, PBKDF2_ITERATIONS, HASH_BYTE_SIZE, DIGEST_ALGORITHM) - return hash, [DIGEST_ALGORITHM, PBKDF2_ITERATIONS, salt].join("!") + [hash, [DIGEST_ALGORITHM, PBKDF2_ITERATIONS, salt].join("!")] end def self.check(hash, salt, candidate) @@ -26,7 +26,7 @@ module PasswordHash candidate = Digest::MD5.hexdigest(salt + candidate) end - return hash == candidate + hash == candidate end def self.upgrade?(hash, salt) @@ -42,14 +42,12 @@ module PasswordHash return true end - return false + false end -private - def self.hash(password, salt, iterations, size, algorithm) digest = OpenSSL::Digest.new(algorithm) - pbkdf2 = OpenSSL::PKCS5::pbkdf2_hmac(password, salt, iterations, size, digest) + pbkdf2 = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iterations, size, digest) Base64.strict_encode64(pbkdf2) end end