(MODULES-1737) Add pw_hash() function

[elyscape]

As per MODULES-1737, this PR provides a method of generating password hashes. Tests coming.

[elyscape]

Tests added.

[elyscape]

Rebased onto master, so tests should pass soon.

[cyberious]

Please update to have graceful failure on unsupported platforms for this function. They way it is currently written if attempted on Windows it will fail hard.

[hunner]

Why is this not just module String def crypt ... or something?

[elyscape]

I could change it to that. It was based on some code I found elsewhere to work around this issue.

[elyscape]

@cyberious I'm not sure what you mean. Ruby provides a basic implementation of String#crypt() on Windows, albeit one that only offers the default DES hashing scheme.

[daenney]

Why are we only salting on the JVM?

[elyscape]

We salt everywhere. See line 42. This just checks for a faulty String#crypt implementation that doesn't support extended hashes, which is known to exist in older versions of JRuby, and overrides it with a proper Java implementation of crypt(). This weak implementation also exists on MRI on Windows, but we don't have a proper Java implementation under that scenario. I could change this to fail if the implementation is weak and we're not on Java, though. That seems like it would probably be a good idea.

[elyscape]

Documentation and checking for unsupported platforms has been added. Working on a spec test for unsupported platforms now.

[elyscape]

Spec test is in. Pinging @daenney, @cyberious, and @hunner for review. If the review is positive, I'll squash the commits together.

[igalic]

why do we even implement hashes which we don't recommend?
why not make this the third, optional argument?

[daenney]

There's a difference between "you shouldn't use this" and "we recommend you to use the strongest one".

[elyscape]

Rebased onto master and squashed.

[daenney]

Can we do this the other way around?

User-understanding wise I much prefer: pw_hash('lalalala', 'sha-256', 'oseatnoirsentaiore') over pw_hash('lalalala', '5', 'oseatnoirsentaiore').

The first case I can immediately see what's going on. The second case I need to look up some implementation detail around specifiers to understand what type of hash this function call will be computing.

[elyscape]

Sure. Give me a few minutes to make the change.

[elyscape]

@daenney How's it look now?

[daenney]

Much better but the tests are red.

the pw_hash function
should return nil if the first argument is empty (FAILED - 1)
should raise an ArgumentError if the second argument is an invalid hash type (FAILED - 2)
should raise an ArgumentError if the third argument is not a string (FAILED - 3)
should raise an ArgumentError if the third argument is empty (FAILED - 4)
should raise an ArgumentError if the third argument has invalid characters (FAILED - 5)
should fail on platforms with weak implementations of String#crypt (FAILED - 6)
should return a hashed password (FAILED - 7)
should use the specified salt (FAILED - 8)
should use the specified hash type (FAILED - 9)
should generate a valid hash (FAILED - 10)

[elyscape]

@daenney I knew I forgot to do something! Fixed.

[daenney]

@hunner @cyberious I'm okay with this. Up to you now.