Giter Club home page Giter Club logo

armor's Introduction

Armor

Shield's partner in crime.

Description

Armor is a pure Ruby implementation of PBKDF2, a password-based key derivation function recommended for the protection of electronically-stored data.

Basic Use

Simply pass in the password and salt, and you'll get the derived key, i.e.

result = Armor.digest("password1", "salt")

# You can now store this in your database, together with your salt.
User.create(email: "[email protected]", crypted_password: result, salt: "salt")

# Or you can do it shield style and compress the password into one
# field by utilizing a constant length salt, e.g.
salt = SecureRandom.hex(32) # 64 characters
result = Armor.digest("password1", salt)

User.create(email: "[email protected]", crypted_password: result + salt)

Advanced Usage

Armor comes with some very sane defaults, namely:

  1. Number of iterations:

    ENV['ARMOR_ITER'] || 5000

  2. Hashing function to be used:

    ENV['ARMOR_HASH'] || 'sha512'

This line will run your app in a different configuration:

$ ARMOR_HASH=sha1 ARMOR_ITER=50_000 rackup

Measuring the target slowness

So the main reason for PBKDF2 is to slow down the hashing function. Normally you would measure the desired average time delay that you want, i.e. 50ms.

For this, you can use the command line tool to quickly estimate a good iteration value:

$ armor 5000
Iterations: 5000, Time: 0.12

$ armor 10000
Iterations: 10000, Time: 0.24

$ armor 20000
Iterations: 20000, Time: 0.48

Installation

As usual, you can install it using rubygems.

$ gem install armor

armor's People

Contributors

cyx avatar soveran avatar iankits avatar frodsan avatar

Watchers

avatar James Cloos avatar Ankit Singh avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.