lib/blind_index.rb in blind_index-0.3.0 vs lib/blind_index.rb in blind_index-0.3.2
- old
+ new
@@ -13,11 +13,12 @@
end
self.default_options = {
iterations: 10000,
algorithm: :pbkdf2_hmac,
insecure_key: false,
- encode: true
+ encode: true,
+ cost: {}
}
def self.generate_bidx(value, key:, **options)
options = default_options.merge(options)
@@ -37,20 +38,26 @@
raise BlindIndex::Error, "Key must be 32 bytes" if key.bytesize != 32
end
# gist to compare algorithm results
# https://gist.github.com/ankane/fe3ac63fbf1c4550ee12554c664d2b8c
+ cost_options = options[:cost]
+
value =
case algorithm
when :scrypt
- # n, p (keep r at 8)
- SCrypt::Engine.scrypt(value.to_s, key, 4096, 8, 1, 32)
+ n = cost_options[:n] || 4096
+ r = cost_options[:r] || 8
+ cp = cost_options[:p] || 1
+ SCrypt::Engine.scrypt(value.to_s, key, n, r, cp, 32)
when :argon2
- # t_cost, m_cost
- [Argon2::Engine.hash_argon2i(value.to_s, key, 2, 12)].pack("H*")
+ t = cost_options[:t] || 3
+ m = cost_options[:m] || 12
+ [Argon2::Engine.hash_argon2i(value.to_s, key, t, m)].pack("H*")
when :pbkdf2_hmac
- OpenSSL::PKCS5.pbkdf2_hmac(value.to_s, key, options[:iterations], 32, "sha256")
+ iterations = cost_options[:iterations] || options[:iterations]
+ OpenSSL::PKCS5.pbkdf2_hmac(value.to_s, key, iterations, 32, "sha256")
else
raise BlindIndex::Error, "Unknown algorithm"
end
encode = options[:encode]
@@ -74,9 +81,11 @@
if defined?(ActiveRecord::TableMetadata)
ActiveRecord::TableMetadata.prepend(BlindIndex::Extensions::TableMetadata)
else
ActiveRecord::PredicateBuilder.singleton_class.prepend(BlindIndex::Extensions::PredicateBuilder)
end
+
+ ActiveRecord::DynamicMatchers::Method.prepend(BlindIndex::Extensions::DynamicMatchers)
unless ActiveRecord::VERSION::STRING.start_with?("5.1.")
ActiveRecord::Validations::UniquenessValidator.prepend(BlindIndex::Extensions::UniquenessValidator)
end
end