class Sequel::Plugins::Password::PBKDF2Hasher

PBKDF2Hasher implements a PBKDF2 password hasher based on SHA-256, using 24000 iterations by default.

Public Class Methods

new()
# File lib/sequel_password/hashers.rb, line 63
# Sets the hasher's fixed parameters: the default PBKDF2 iteration count, the
# algorithm tag, and the SHA-256 digest object.
#
# NOTE(review): 24_000 iterations is far below current OWASP password-storage
# guidance for PBKDF2-HMAC-SHA256 (600,000 at time of review). must_update
# compares a stored hash's iteration count against this default, so raising
# it would mark existing hashes as needing an update - confirm how callers
# act on that before changing the value.
def initialize
  @iterations = 24_000
  @algorithm = :pbkdf2_sha256
  # Passed to PBKDF2 as its hash function when encoding.
  @digest = OpenSSL::Digest::SHA256.new
end

Public Instance Methods

encode(password, salt, iterations = nil)
# File lib/sequel_password/hashers.rb, line 69
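# Derives a PBKDF2 hash of +password+ and returns it in the storable form
# "algorithm$iterations$salt$hash", with the derived key Base64-encoded
# (strict, no line breaks).
#
# @param password [String] plaintext password to hash
# @param salt [String] salt for the derivation; must not contain "$"
# @param iterations [Integer, nil] PBKDF2 iteration count; nil selects the
#   hasher's default (@iterations)
# @return [String] the encoded value
# @raise [ArgumentError] if +salt+ contains "$"
def encode(password, salt, iterations = nil)
  # "$" separates the fields of the encoded value. A salt containing it would
  # be split at the wrong place when the value is parsed back, so the stored
  # hash could never be verified. Reject it here instead of storing it.
  raise ArgumentError, 'salt must not contain "$"' if salt.to_s.include?('$')

  rounds = iterations.nil? ? @iterations : iterations
  derived = PBKDF2.new(password: password, salt: salt,
                       iterations: rounds, hash_function: @digest)
  digest_b64 = Base64.strict_encode64(derived.value)
  "#{@algorithm}$#{rounds}$#{salt}$#{digest_b64}"
end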
must_update(encoded)
# File lib/sequel_password/hashers.rb, line 83
# Reports whether a stored hash used an iteration count different from this
# hasher's current default.
#
# Only the iterations field (second "$"-separated field) is inspected; the
# algorithm tag is not compared. A value without that field parses as 0
# iterations and is therefore reported as needing an update. Counts higher
# than the default are flagged as well, since the check is inequality.
#
# @param encoded [String] value in "algorithm$iterations$salt$hash" form
# @return [Boolean] true when the stored count differs from @iterations
def must_update(encoded)
  stored_iterations = encoded.split('$', 4)[1]
  stored_iterations.to_i != @iterations
end
verify(password, encoded)
# File lib/sequel_password/hashers.rb, line 77
# Checks +password+ against a stored encoded value by re-encoding it with the
# salt and iteration count parsed from +encoded+ and comparing the two full
# strings.
#
# The algorithm tag in +encoded+ is not parsed separately; because the whole
# string is compared, a value carrying a different tag cannot match.
#
# NOTE(review): the iteration count comes from the stored value with no upper
# bound, so the cost of a verify call is set by whoever can write that value.
# Confirm encoded values only come from trusted storage.
#
# @param password [String] candidate plaintext password
# @param encoded [String] value in "algorithm$iterations$salt$hash" form
# @return the result of constant_time_compare, which is defined outside this
#   listing (presumably a timing-safe equality check - confirm)
def verify(password, encoded)
  fields = encoded.split('$', 4)
  stored_iterations = fields[1]
  stored_salt = fields[2]
  candidate = encode(password, stored_salt, stored_iterations.to_i)
  constant_time_compare(encoded, candidate)
end