class Crypto::Bcrypt
Overview
Pure Crystal implementation of the Bcrypt algorithm by Niels Provos and David Mazières, as presented at USENIX in 1999.
The algorithm has a maximum password length limit of 71 characters (see this comment on stackoverflow).
Refer to Crypto::Bcrypt::Password for a higher level interface.
About the Cost
Bcrypt, like the PBKDF2 or scrypt ciphers, are designed to be slow, so generating rainbow tables or cracking passwords is nearly impossible. Yet, computers are always getting faster and faster, so the actual cost must be incremented every once in a while. Always use the maximum cost that is tolerable, performance wise, for your application. Be sure to test and select this based on your server, not your home computer.
This implementation of Bcrypt is currently 50% slower than pure C solutions, so keep this in mind when selecting your cost. It may be wise to test with Ruby's bcrypt gem which is a binding to OpenBSD's implementation.
Last but not least: beware of denial of services! Always protect your application using an external strategy (eg: rate limiting), otherwise endpoints that verifies bcrypt hashes will be an easy target.
Defined in:
crypto/bcrypt.crConstant Summary
- 
        COST_RANGE = 4..31
- 
        DEFAULT_COST = 11
- 
        PASSWORD_RANGE = 1..72
- 
        SALT_SIZE = 16
Constructors
- .new(password : String, salt : String, cost = DEFAULT_COST)
- .new(password : Bytes, salt : Bytes, cost = DEFAULT_COST)
Class Method Summary
Instance Method Summary
- #cost : Int32
- #digest
- 
        #inspect(io : IO) : Nil
        
          Appends a String representation of this object which includes its class name, its object address and the values of all instance variables. 
- #password : Bytes
- #salt : Bytes
- 
        #to_s(io : IO) : Nil
        
          Appends a short String representation of this object which includes its class name and its object address. 
- 
        #to_s
        
          Returns a string representation of this object. 
- #to_slice(*args, **options)
- #to_slice(*args, **options, &block)
Instance methods inherited from class Reference
  
  
    
      ==(other : self)==(other : JSON::Any)
==(other : YAML::Any)
==(other) ==, dup dup, hash(hasher) hash, inspect(io : IO) : Nil inspect, object_id : UInt64 object_id, pretty_print(pp) : Nil pretty_print, same?(other : Reference)
same?(other : Nil) same?, to_s(io : IO) : Nil to_s
Constructor methods inherited from class Reference
  
  
    
      new
    new
    
  
    
  
    
  Instance methods inherited from class Object
  
  
    
      !=(other)
    !=, 
    
  
    
      !~(other)
    !~, 
    
  
    
      ==(other)
    ==, 
    
  
    
      ===(other : JSON::Any)===(other : YAML::Any)
===(other) ===, =~(other) =~, class class, dup dup, hash(hasher)
hash hash, inspect(io : IO) : Nil
inspect : String inspect, itself itself, not_nil! not_nil!, pretty_inspect(width = 79, newline = "\n", indent = 0) : String pretty_inspect, pretty_print(pp : PrettyPrint) : Nil pretty_print, tap(&block) tap, to_json(io : IO)
to_json to_json, to_pretty_json(indent : String = " ")
to_pretty_json(io : IO, indent : String = " ") to_pretty_json, to_s : String
to_s(io : IO) : Nil to_s, to_yaml(io : IO)
to_yaml to_yaml, try(&block) try, unsafe_as(type : T.class) forall T unsafe_as
Constructor methods inherited from class Object
  
  
    
      from_json(string_or_io, root : String) : selffrom_json(string_or_io) : self from_json, from_yaml(string_or_io : String | IO) : self from_yaml
Constructor Detail
Class Method Detail
Instance Method Detail
Appends a String representation of this object which includes its class name, its object address and the values of all instance variables.
class Person
  def initialize(@name : String, @age : Int32)
  end
end
Person.new("John", 32).inspect # => #<Person:0x10fd31f20 @name="John", @age=32>Appends a short String representation of this object which includes its class name and its object address.
class Person
  def initialize(@name : String, @age : Int32)
  end
end
Person.new("John", 32).to_s # => #<Person:0x10a199f20>