From e11af13b12413bfa029d89f1333790e03bae3772 Mon Sep 17 00:00:00 2001
From: Sam <sam@ubuntu.(none)>
Date: Fri, 8 Mar 2013 05:54:40 -0800
Subject: [PATCH] add fast xor, we need really fast xor to keep our password
 function honest.

---
 Gemfile       | 1 +
 Gemfile.lock  | 6 ++++++
 lib/pbkdf2.rb | 4 +++-
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/Gemfile b/Gemfile
index 0c1ade10891..b1f58366cdd 100644
--- a/Gemfile
+++ b/Gemfile
@@ -17,6 +17,7 @@ gem 'clockwork', require: false
 gem 'em-redis'
 gem 'eventmachine'
 gem 'fast_xs'
+gem 'fast_xor'
 gem 'fastimage'
 gem 'fog', require: false
 gem 'has_ip_address'
diff --git a/Gemfile.lock b/Gemfile.lock
index 927b70c1770..977aba11156 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -169,6 +169,9 @@ GEM
     fakeweb (1.3.0)
     faraday (0.8.5)
       multipart-post (~> 1.1)
+    fast_xor (1.1.1)
+      rake
+      rake-compiler
     fast_xs (0.8.0)
     fastimage (1.2.13)
     ffi (1.3.1)
@@ -344,6 +347,8 @@ GEM
       rdoc (~> 3.4)
       thor (>= 0.14.6, < 2.0)
     rake (10.0.3)
+    rake-compiler (0.8.3)
+      rake
     rb-fsevent (0.9.3)
     rb-inotify (0.8.8)
       ffi (>= 0.5.0)
@@ -477,6 +482,7 @@ DEPENDENCIES
   eventmachine
   fabrication
   fakeweb (~> 1.3.0)
+  fast_xor
   fast_xs
   fastimage
   fog
diff --git a/lib/pbkdf2.rb b/lib/pbkdf2.rb
index 9027edbb014..553841ef1b3 100644
--- a/lib/pbkdf2.rb
+++ b/lib/pbkdf2.rb
@@ -9,6 +9,7 @@
 # 3. It does not monkey patch string
 
 require 'openssl'
+require 'xor'
 
 class Pbkdf2
   
@@ -20,7 +21,7 @@ class Pbkdf2
 
     2.upto(iterations) do 
      u = prf(h, password, u)
-     ret = xor(ret, u)
+     ret.xor!(u) 
     end
 
     ret.bytes.map{|b| ("0" + b.to_s(16))[-2..-1]}.join("")
@@ -28,6 +29,7 @@ class Pbkdf2
 
   protected 
 
+  # fallback xor in case we need it for jruby ... way slower
   def self.xor(x,y)
     x.bytes.zip(y.bytes).map{|x,y| x ^ y}.pack('c*')
   end