X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/ef7f3d800cbdd49b692df10d312e5fd880e2e938..ac9319f4d4568068d7b58fe47454b45bd11896ed:/lib/password_hash.rb

diff --git a/lib/password_hash.rb b/lib/password_hash.rb
index fe618ba7a..9f77fdc0d 100644
--- a/lib/password_hash.rb
+++ b/lib/password_hash.rb
@@ -6,8 +6,8 @@ require "digest/md5"
 module PasswordHash
   SALT_BYTE_SIZE = 32
   HASH_BYTE_SIZE = 32
-  PBKDF2_ITERATIONS = 1000
-  DIGEST_ALGORITHM = "sha512"
+  PBKDF2_ITERATIONS = 10000
+  DIGEST_ALGORITHM = "sha512".freeze
 
   def self.create(password)
     salt = SecureRandom.base64(SALT_BYTE_SIZE)
@@ -18,7 +18,7 @@ module PasswordHash
   def self.check(hash, salt, candidate)
     if salt.nil?
       candidate = Digest::MD5.hexdigest(candidate)
-    elsif salt =~ /!/
+    elsif salt.match?(/!/)
       algorithm, iterations, salt = salt.split("!")
       size = Base64.strict_decode64(hash).length
       candidate = self.hash(candidate, salt, iterations.to_i, size, algorithm)
@@ -32,7 +32,7 @@ module PasswordHash
   def self.upgrade?(hash, salt)
     if salt.nil?
       return true
-    elsif salt =~ /!/
+    elsif salt.match?(/!/)
       algorithm, iterations, salt = salt.split("!")
       return true if Base64.strict_decode64(salt).length != SALT_BYTE_SIZE
       return true if Base64.strict_decode64(hash).length != HASH_BYTE_SIZE
@@ -45,8 +45,6 @@ module PasswordHash
     false
   end
 
-  private
-
   def self.hash(password, salt, iterations, size, algorithm)
     digest = OpenSSL::Digest.new(algorithm)
     pbkdf2 = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iterations, size, digest)