Hi,

Could you please add release tags to the git repo? It would be useful when building packages and to get notifications of new releases via RSS :)

Thanks :)

Suggestion to add documentation for intended OTP support. Failed to compile for me on 17.1 - worked fine with 17.3.

Can you provide a guide for how to install this plugin on windows?

I've installed MinGW and VS (as the error message says to do) on Windows 10, and it still cannot find nmake. The vcvarsall.bat` command as suggested by the error message cannot be found from the VS developer command prompt.

Building on Ubuntu 14.04 with Erlang 17.5 and Elixir 1.0.4

==> comeonin
could not compile dependency comeonin, mix compile failed. You can recompile this dependency with `mix deps.compile comeonin` or update it with `mix deps.update comeonin`
** (ErlangError) erlang error: :enoent
    (elixir) lib/system.ex:440: System.cmd("make", ["priv/bcrypt_nif.so"], [stderr_to_stdout: true])
    mix.exs:15: Mix.Tasks.Compile.Comeonin.run/1
    (elixir) lib/enum.ex:977: anonymous fn/3 in Enum.map/2
    (elixir) lib/enum.ex:1261: Enum."-reduce/3-lists^foldl/2-0-"/3
    (elixir) lib/enum.ex:977: Enum.map/2
    (mix) lib/mix/tasks/compile.all.ex:15: Mix.Tasks.Compile.All.run/1
    (mix) lib/mix/tasks/compile.ex:64: Mix.Tasks.Compile.run/1
    (mix) lib/mix/tasks/deps.compile.ex:105: anonymous fn/2 in Mix.Tasks.Deps.Compile.do_mix/1

I took a look inside deps/comeonin/priv:

root@7547197e4ffd:~/khronika# ls -al deps/comeonin/priv/
total 8
drwxr-xr-x 2 root root 4096 Apr 25 01:01 .
drwxr-xr-x 5 root root 4096 Apr 25 01:01 ..

There are no files.

Is this a bug?

Potentially related to #48.

I started my day today attempting to install comeonin on a side project I am working on. At that time, I was using OSX 10.10 and gcc-4.9(homebrew). Every time I attempted to mix do deps.get, deps.compile I would get a long error message which terminated like this:

...

/var/folders/cs/2l7gb1tx7rxfr38hk9mrq5080000gn/T//ccgxi170.s:2409:7: error: register %r14 is only available in 64-bit mode
        popq    %r14
                ^~~~
/var/folders/cs/2l7gb1tx7rxfr38hk9mrq5080000gn/T//ccgxi170.s:2411:7: error: register %r15 is only available in 64-bit mode
        popq    %r15
                ^~~~
Makefile:23: recipe for target 'priv/bcrypt_nif.so' failed
make: *** [priv/bcrypt_nif.so] Error 1
==> comeonin

So I said; "maybe I have something thats not up to date installed", and upgraded to gcc-5(homebrew). gcc-5 failed with the same issue.

On a lark, I decided to try compiling with clang(default), and everything compiled fine.

I thought this might be useful to document.

Hex currently has package version 1.5.0 uploaded.

Github appears to be missing a version tag and a changelog notice for 1.5.0.

Thanks, and sorry if you're already working on it!

nvm

After upgrading to 1.2, my tests are running in over a minute, when before they were running under a second.
This is because of the common password checks - when disabled the running time is back to normal. Unfortunately this makes this feature generally unusable to me.
I understand bcrypt is designed to be slow, but such additional slow-downs are far from ideal. Even when running with bcrypt_log_rounds of 12, this adds additional 30% to the execution time.

Hi,

Tyying to compile on Erlang 18.2.1 and Elixir 1.2 and got this error :

== Compilation error on file lib/comeonin/bcrypt.ex ==
** (MatchError) no match of right hand side value: {:error, :on_load_failure}
    (stdlib) erl_eval.erl:669: :erl_eval.do_apply/6


21:18:47.374 [error] Process #PID<0.232.0> raised an exception
** (MatchError) no match of right hand side value: {:error, {:upgrade, 'Upgrade not supported by this NIF library.'}}
    lib/comeonin/bcrypt.ex:45: Comeonin.Bcrypt.init/0
    (kernel) code_server.erl:1674: anonymous fn/1 in :code_server.handle_on_load/4
could not compile dependency :comeonin, "mix compile" failed. You can recompile this dependency with "mix deps.compile comeonin", update it with "mix deps.update comeonin" or clean it with "mix deps.clean comeonin"

21:18:47.378 [warn]  The on_load function for module Elixir.Comeonin.Bcrypt returned {{:badmatch,
  {:error, {:upgrade, 'Upgrade not supported by this NIF library.'}}},
 [{Comeonin.Bcrypt, :init, 0, [file: 'lib/comeonin/bcrypt.ex', line: 45]},
  {:code_server, :"-handle_on_load/4-fun-0-", 1,
   [file: 'code_server.erl', line: 1674]}]}

Environment:
Windows 10 Preview 10162
Elixir 1.0.5
Erlang/OTP 18
Visual Studio Community 2015 RC
When I compile comeonin with mix do deps.get, compile, it gets:
comeonin>mix do deps.get,compile
** (ArgumentError) argument error
(stdlib) :io.put_chars(#PID<0.23.0>, :unicode, [[[], <<13, 10, 77, 105, 99, 114, 111, 115, 111, 102, 116, 32, 40, 82, 41, 32, 179, 204, 208, 242, 206, 172, 187, 164, 202, 181, 211, 195, 185, 164, 190, 223, 32, 49, 52, 46, 48, 48, 46, 50, 50, 56, 49, 54, 46, 48, 32, 176, ...>>], 10])
(elixir) lib/enum.ex:977: anonymous fn/3 in Enum.map/2
(elixir) lib/enum.ex:1261: Enum."-reduce/3-lists^foldl/2-0-"/3
(elixir) lib/enum.ex:977: Enum.map/2
(mix) lib/mix/tasks/compile.all.ex:15: Mix.Tasks.Compile.All.run/1
(mix) lib/mix/tasks/compile.ex:64: Mix.Tasks.Compile.run/1
(mix) lib/mix/task.ex:251: Mix.Task.run_task/3
(elixir) lib/enum.ex:537: Enum."-each/2-lists^foreach/1-0-"/2

I'm creating an auth system to be compatible with a ruby lib that uses bcrypt-ruby (Devise).
The Comeonin can compare a hash generated with a random bcrypt-ruby salt but the bcrypt-ruby can't compare with the salt generated by this lib. Is there a way to know what lib is wrong?

Both using bcrypt_log_rounds = 10.
Ex: "$2b$10..."

1. Create a new mix project, add comeonin as a dependency

2. Run mix do deps.get, deps.compile

3. Error :)

   msch@iMartinMB12 ~/tmp/comeoncrash [master] % mix do deps.get, deps.compile
   Running dependency resolution
   * Getting comeonin (Hex package)
   Checking package (https://s3.amazonaws.com/s3.hex.pm/tarballs/comeonin-1.1.2.tar)
   Using locally cached package
   Unpacked package tarball (/Users/msch/.hex/packages/comeonin-1.1.2.tar)
   cc -g -O3 -Wall -I/usr/local/Cellar/erlang/18.0.3/lib/erlang/erts-7.0.3/include -Ic_src -fPIC -shared -dynamiclib -undefined dynamic_lookup -o priv/bcrypt_nif.so c_src/bcrypt_nif.c c_src/blowfish.c
   ==> comeonin
   Compiled lib/comeonin/config.ex
   Compiled lib/comeonin/bcrypt_base64.ex
   Compiled lib/comeonin.ex
   
   == Compilation error on file lib/comeonin/bcrypt.ex ==
   ** (MatchError) no match of right hand side value: {:error, :on_load_failure}
       (stdlib) erl_eval.erl:669: :erl_eval.do_apply/6
   
   could not compile dependency comeonin, mix compile failed. You can recompile this dependency with `mix deps.compile comeonin` or update it with `mix deps.update comeonin`
   
   17:30:02.495 [error] Process #PID<0.141.0> raised an exception
   ** (MatchError) no match of right hand side value: {:error, {:load_failed, 'Failed to load NIF library: \'dlopen(/Users/msch/tmp/comeoncrash/_build/dev/lib/comeonin/priv/bcrypt_nif.so, 2): image not found\''}}
       lib/comeonin/bcrypt.ex:28: Comeonin.Bcrypt.init/0
       (kernel) code_server.erl:1674: anonymous fn/1 in :code_server.handle_on_load/4
   
   17:30:02.498 [warn]  The on_load function for module Elixir.Comeonin.Bcrypt returned {{:badmatch,
     {:error,
      {:load_failed,
       'Failed to load NIF library: \'dlopen(/Users/msch/tmp/comeoncrash/_build/dev/lib/comeonin/priv/bcrypt_nif.so, 2): image not found\''}}},
   [{Comeonin.Bcrypt, :init, 0, [file: 'lib/comeonin/bcrypt.ex', line: 28]},
   {:code_server, :"-handle_on_load/4-fun-0-", 1,
    [file: 'code_server.erl', line: 1674]}]}
   

4. Do it again, now it works

   msch@iMartinMB12 ~/tmp/comeoncrash [master] % mix do deps.get, deps.compile
   Running dependency resolution
   All dependencies up to date
   make: `priv/bcrypt_nif.so' is up to date.
   ==> comeonin
   Compiled lib/comeonin/config.ex
   Compiled lib/comeonin/bcrypt_base64.ex
   Compiled lib/comeonin.ex
   Compiled lib/comeonin/bcrypt.ex
   Compiled lib/comeonin/password.ex
   Compiled lib/comeonin/pbkdf2.ex
   Compiled lib/comeonin/tools.ex
   Compiled lib/comeonin/pbkdf2_base64.ex
   Generated comeonin app
   

5. Doing rm -rf deps _build reproduces the error.

OS X, Elixir 1.1.0-beta, Erlang 18.0.3

Example repo: https://github.com/MSch/comeoncrash

comeonin already has a great error message for building on multiple systems. However, System.cmd can still fail if the command we are trying to run does not exist. I recommend to explicitly check for System.find_executable OR catch :error, :enoent. Source: http://stackoverflow.com/questions/31675375/addict-hex-package-dependencies-error-on-windows-that-does-not-occur-on-mac/31677545#31677545

Hi
i'm trying to compile on my main dev machine with the following setup:

• Windows 10
• VS2015
• Erlang 18.2.1 (installed in C:\erl7.2.1)
• Elixir 1.2.0

When I launch mix do deps.get, compile from the VS2015 dev console at the root of my Elixir/Phoenix project I get the following:

== Compilation error on file lib/comeonin/bcrypt.ex ==
** (MatchError) no match of right hand side value: {:error, :on_load_failure}
    (stdlib) erl_eval.erl:669: :erl_eval.do_apply/6

could not compile dependency :comeonin, "mix compile" failed. You can recompile this dependency with "mix deps.compile comeonin", update it with "mix deps.update comeonin" or clean it with "mix deps.clean comeonin"

17:36:11.214 [error] Process #PID<0.239.0> raised an exception
** (MatchError) no match of right hand side value: {:error, {:load_failed, 'Failed to load NIF library d:/test/_build/dev/lib/comeonin/priv/bcrypt_nif: \'Unspecified error\''}}
    lib/comeonin/bcrypt.ex:46: Comeonin.Bcrypt.init/0
    (kernel) code_server.erl:1674: anonymous fn/1 in :code_server.handle_on_load/4

17:36:11.223 [warn]  The on_load function for module Elixir.Comeonin.Bcrypt returned {{:badmatch,
  {:error,
   {:load_failed,
    'Failed to load NIF library d:/test/_build/dev/lib/comeonin/priv/bcrypt_nif: \'Unspecified error\''}}},
 [{Comeonin.Bcrypt, :init, 0, [file: 'lib/comeonin/bcrypt.ex', line: 46]},
  {:code_server, :"-handle_on_load/4-fun-0-", 1,
   [file: 'code_server.erl', line: 1674]}]}

I've found similar error messages in previous, closed issues but I'm still unable to solve my problem with the suggestions given in these threads.

Michele

Research password policies for addition to the documentation.

See Travis CI job from Pull Request #12. I have confirmed it is reproducible. The bug doesn't appear to be present for older versions of Elixir (current Travis is running tests on 1.0.2), nor does it appear to be present in my own build environment of OTP 17.5.1 and Elixir 1.0.4.

An attacker can force the system to run out of entropy (for example with a DOS attack) so automatic fallback to a less secure function should not be used.

EDIT: I am talking specifically about Comeonin.Tools.random_bytes/1.

Since Windows systems do not ship with pre-installed build tools, and many Windows developers are not very familiar with building C stuff, it might be a good idea to ship a pre-built bcrypt_nif.dll in priv.

For example, see how the "fs" package (shipped by default with Phoenix) does it: https://github.com/synrc/fs/tree/master/priv

In general, I've found that the Elixir and Phoenix ecosystem works very smoothly on Windows, and I think this is a very positive thing for helping the adoption of these tools on as wide an audience as possible.

I installed El Capitan yesterday (yes, I know..) and now I am unable to compile comeonin into my Phoenix application. Here's the error message:

$ mix do deps.get, compile
Running dependency resolution
All dependencies up to date
==> comeonin
could not compile dependency :comeonin, "mix compile" failed. You can recompile this dependency with "mix deps.compile comeonin", update it with "mix deps.update comeonin" or clean it with "mix deps.clean comeonin"
** (Mix.Error) Could not compile Comeonin.

Please make sure that you are using Erlang / OTP version 17.0 or later
and that you have a C compiler installed.

Please follow the directions below for the operating system you are
using:

Mac OS X: You need to have gcc and make installed. Try running the
commands `gcc --version` and / or `make --version`. If these programs
are not installed, you will be prompted to install them.

Linux: You need to have gcc and make installed. If you are using
Ubuntu or any other Debian-based system, install the packages
`build-essential`. Also install `erlang-dev` package if not
included in your Erlang/OTP version.


    mix.exs:42: Mix.Tasks.Compile.Comeonin.build_error/1
    mix.exs:18: Mix.Tasks.Compile.Comeonin.run/1
    (elixir) lib/enum.ex:1043: anonymous fn/3 in Enum.map/2
    (elixir) lib/enum.ex:1387: Enum."-reduce/3-lists^foldl/2-0-"/3
    (elixir) lib/enum.ex:1043: Enum.map/2
    (mix) lib/mix/tasks/compile.all.ex:19: anonymous fn/1 in Mix.Tasks.Compile.All.run/1
    (mix) lib/mix/tasks/compile.all.ex:37: Mix.Tasks.Compile.All.with_logger_app/1
    (mix) lib/mix/tasks/compile.ex:64: Mix.Tasks.Compile.run/1

I confirmed that make and gcc are both working. I also have used xcode, so I don't need to accept any agreements on their end.

I'm using Elixir 1.1.1 / Erlang/OTP 18

Hello,

I'm getting an odd error when I try to build on windows.

Microsoft (R) Program Maintenance Utility Version 14.00.23026.0
Copyright (C) Microsoft Corporation.  All rights reserved.

cl /O2 /EHsc /I"c_src" /I"c:/Program Files/erl6.2/erts-6.2/include" /LD /MD /Fepriv\bcrypt_nif.dll  c_src\bcrypt
_nif.c c_src\blowfish.c
Microsoft (R) C/C++ Optimizing Compiler Version 19.00.23026 for x64
Copyright (C) Microsoft Corporation.  All rights reserved.

bcrypt_nif.c
c_src\bcrypt_nif.c(36): fatal error C1083: Cannot open include file: 'stdio.h': No such file or directory
blowfish.c
c_src\blowfish.c(47): fatal error C1083: Cannot open include file: 'sys/types.h': No such file or directory
Generating Code...
NMAKE : fatal error U1077: '"c:\program files (x86)\Microsoft Visual Studio 14.0\VC\bin\amd64\cl.EXE"' : return code '0x
2'
Stop.
==> comeonin
could not compile dependency :comeonin, "mix compile" failed. You can recompile this dependency with "mix deps.compile c
omeonin", update it with "mix deps.update comeonin" or clean it with "mix deps.clean comeonin"
** (Mix.Error) Could not compile Comeonin.

Does anyone know why the header files aren't showing up? This is the first time I've used Microsoft's compiler.

I ran this: "C:\program files (x86)\Microsoft Visual Studio 14.0\VC> vcvarsall amd64" before I tried to compile.

Thanks!

Description:

Current implementation of Comeonin.create_user only accepts a map with a binary key for password.

 def create_user(user_params, valid \\ true) do

--> user_params must have binary key for password

Problem:

This is quite restrictive since atoms are commonly used in maps in elixir.

Solution:

Add support for atoms.

Hello all,
I am using this bcrypt implementation for a while with erlang bcrypt library, and because the bcrypt C function is a "long" running function, the erlang vm cannot do its work and all the other processes are blocked during its execution...

The standard solution which I implemented was to break the nif into multiple erlang calls, but
since I saw that you use Erlang 17.3 as a requirement, it is simpler to solve the problem with

• http://www.erlang.org/doc/man/erl_nif.html#enif_schedule_nif

to break each bcrypt round into an erlang "reduction", which allows the vm to schedule theses reductions.

What do you think about that ? I will be happy to Pull request it but I have not much free time this month.

Add a random password generator.
Rationale: random passwords are generally a lot stronger although they can be more difficult to remember. They are ideal for cases when passwords do not need to be remembered.

I was a bit surprised when the comeonin checked for certain digits:

https://xkcd.com/936/

And then I was even more surprised when disabling the strength also disabled the min length check.

My advice would be to make the API a little bit more flexible so:

1. Minimum password length is configurable
2. Checking for digits is opt-in and configurable

Here is a proposed API:

create_hash "some_string", minimum: 8, check_digits: true

Also avoid application configuration as much as possible. The reason is that application configuration is singleton. For example, if project A configures application comeonin in a certain way, then project B configures it differently, when I use A and B together, I can get a clash. If those things can be given as options to function calls, it would be better.

Compiled and installed Erlang/OTP and Elixir from latest maint resp. master branch on Mac OS X 10.7.5, executing mix deps.compile gives the following error (formatted):

** (MatchError) no match of right hand side value:
  {:error, {
    :load_failed,
    'Failed to load NIF library: \'dlopen(/tmp/testapp/_build/dev/lib/comeonin/priv/bcrypt_nif.so, 2):
    no suitable image found.
    Did find:\n\t/tmp/testapp/_build/dev/lib/comeonin/priv/bcrypt_nif.so:
    mach-o, but wrong architecture\''}}

It turns out that bcrypt_nif.so is compiled as x86_64, while Erlang/Elixir is i386.
Adding -arch i386 -arch x86_64 to both CFLAGS and LDFLAGS in Makefile solves the problem.

Similar problem description and solution:
rofl0r/proxychains-ng#26

Should indicate more clearly which component of Visual Studio Community Edition needs to be installed.

Maybe it's worth mentioning that without the build-essentials package you have to install g++ too, to successfully build it.

Without it, i get the following error in alpine linux

cc -g -O3 -Wall -I/usr/lib/erlang/erts-7.1/include -Ic_src -fPIC -shared  -o priv/bcrypt_nif.so c_src/bcrypt_nif.c c_src/blowfish.c
c_src/bcrypt_nif.c:36:19: fatal error: stdio.h: No such file or directory
compilation terminated.
c_src/blowfish.c:42:23: fatal error: sys/types.h: No such file or directory
compilation terminated.
Makefile:27: recipe for target 'priv/bcrypt_nif.so' failed
make: *** [priv/bcrypt_nif.so] Error 1
could not compile dependency :comeonin, "mix compile" failed. You can recompile this dependency with "mix deps.compile comeonin", update it with "mix deps.update comeonin" or clean it with "mix deps.clean comeonin"
==> comeonin
** (Mix.Error) Could not compile Comeonin.

The docs for 2.4.0 at https://hexdocs.pm/comeonin/ have no styles applied. They're quite Web 1.0. :)

I use Mac OS X for the most part but I've been testing my Phoenix app on Windows8.1 recently to make sure it plays nicely there.

I tried to run "mix do deps.get, compile" but it fails on the comeonin dependency (I'm using https://github.com/opendrops/passport)

I ran vcvarsall.bat amd64 before running mix deps.compile (as suggested by this issue: #18) but it still chokes on running 'nmake' per the Makefile.win

I have Visual Studio installed, which allowed me to run 'vcvarsall.bat amd64' but I don't know what to do. Pre-shipping the bcrypt_nif.dll would be awesome, but if not how can I get around this issue?

Thanks very much for any assistance

An example of a fairly robust solution can be seen https://github.com/dropbox/zxcvbn

Proposal to implement Argon2 support from Comeonin.

Why? Recommended by the PHC over 23 other submissions and regarded as the successor to bcrypt.

Technical details

There are 2 variants of the algorithm with Argon2i being more suited to password hashing.

"Argon2i uses data-independent memory access, which is preferred for password hashing and password-based key derivation. Argon2i is slower as it makes more passes over the memory to protect from tradeoff attacks."

"Argon2d is faster and uses data-depending memory access, which makes it suitable for cryptocurrencies and applications with no threats from side-channel timing attacks."

Specifications PDF
Argon2 and Egalitarian Computing (slides)
Password Hashing Competition
Argon2 GitHub repo

Currently if you try to use checkpw/2 with a non-hashed password it fails with the following error:

Comeonin.Bcrypt.checkpw("password", "notahashedpw")
** (MatchError) no match of right hand side value: ['notahashedpw']
    (comeonin) lib/comeonin/bcrypt.ex:161: Comeonin.Bcrypt.hashpw/2
    (comeonin) lib/comeonin/bcrypt.ex:122: Comeonin.Bcrypt.checkpw/2

I'm wondering if it would be useful to return an {:error, reason} tuple or something to indicate that there was an error. Otherwise you need to wrap it try..catch block.

I ran into this issue because I was not hashing the password before inserting them in the DB, so when I tried to log in I got this error.

Hi there
under os x 10.10.1, when i use comeonin 0.2.1 as a dependency on mix i get the following error

$ mix deps.compile comeonin                                                                                                                              
==> comeonin
make: Nothing to be done for `priv/bcrypt_nif.so'.

Compiled lib/comeonin.ex

== Compilation error on file lib/comeonin/bcrypt.ex ==

19:52:52.355 [error] Error in process <0.123.0> with exit value: {{badmatch,{error,{load_failed,"Failed to load NIF library: 'dlopen(/Volumes/data/dev/jxs/addict/_build/dev/lib/comeonin/priv/bcrypt_nif.so, 2): no suitable image found.  Did find:\n /Volumes/data/dev/...


** (MatchError) no match of right hand side value: {:error, :on_load_failure}
    (stdlib) erl_eval.erl:657: :erl_eval.do_apply/6

could not compile dependency comeonin, mix compile failed. You can recompile this dependency with `mix deps.compile comeonin` or update it with `mix deps.update comeonin` 

i am able to compile comeonin if specify the github version on the mix file though

thanks :)

Hi, I have a project that requires the older 1.0.2 library.
Can I make Comeonin to use it?

Thank you in advance!
--Kai

I've added the log_rounds config option to my test config file to speed up the tests, but no matter what value I put it doesn't seem to make a difference.

config/config.test.exs:

# Speed up our test suite
config :comeonin, :bcrypt_log_rounds, 4

I tried bumping the number up to 200 to see if it was taking effect, and the tests ran in exactly the same time. I also added the configuration to config/config.exs to be 100% sure it was being loaded, and got the same results.

I had added this line in my test config:

config :comeonin, :bcrypt_log_rounds, 1

which did not make my tests any faster. I looked into the source code, and found that if the value is not between 4 and 32, it gets thrown out and 12 gets used (changing my config to 4 made my tests fast again). I asked about this in the Elixir Slack channel and found that this has confused others in the past.

I think this should either be strongly documented or throw a warning instead of just silently using 12.

Thanks!

Hi, can you please tag version 1.1.3? Then I can update the FreeBSD port :)

Need to cite sources for the information in the documentation.
I don't want to cite the sources inline, as the documentation is very different from an academic paper, so I will probably add links to the information on a wiki page at the github repo.

I'm seeing this error consistently when compiling my Elixir app:

$ mix compile
Compiled lib/api.ex
Compiled lib/api/repo.ex
Compiled web/channels/user_socket.ex
Compiled web/web.ex

15:41:10.878 [error] Process #PID<0.193.0> raised an exception
** (MatchError) no match of right hand side value: {:error, {:load_failed, 'Failed to load NIF library: \'/app/user/_build/dev/lib/comeonin/priv/bcrypt_nif.so: invalid ELF header\''}}
    lib/comeonin/bcrypt.ex:28: Comeonin.Bcrypt.init/0
    (kernel) code_server.erl:1674: anonymous fn/1 in :code_server.handle_on_load/4

15:41:10.898 [warn]  The on_load function for module Elixir.Comeonin.Bcrypt returned {{:badmatch,
  {:error,
   {:load_failed,
    'Failed to load NIF library: \'/app/user/_build/dev/lib/comeonin/priv/bcrypt_nif.so: invalid ELF header\''}}},
 [{Comeonin.Bcrypt, :init, 0, [file: 'lib/comeonin/bcrypt.ex', line: 28]},
  {:code_server, :"-handle_on_load/4-fun-0-", 1,
   [file: 'code_server.erl', line: 1674]}]}

This is with OTP 18.1.2 and Elixir 1.1.1. I'm running a dockerized environment, not sure if that's contributing, but here's some info on my machine:

$ uname -a
Linux 981aa2f6b3c4 4.1.10-boot2docker #1 SMP Mon Oct 12 18:36:49 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
$ cat /etc/debian_version
jessie/sid
$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=14.04
DISTRIB_CODENAME=trusty
DISTRIB_DESCRIPTION="Ubuntu 14.04.3 LTS"

The rest of my app is functioning correctly, so I think this could be a comeonin issue.

My operation:

iex(1)> Comeonin.Bcrypt.hashpwsalt("foobar")
"$2b$12$mvYLIYgSZcpK3TXDs52md..nmVzt8KoDL8acurFpU7QVdbvP6yiW6"

and I try to verify it by python:
>>> from passlib.hash import bcrypt
>>> bcrypt.verify("foo", "$2b$12$mvYLIYgSZcpK3TXDs52md..nmVzt8KoDL8acurFpU7QVdbvP6yiW6")
It failed:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/Users/Cifer/nsbdata/venv/lib/python2.7/site-packages/passlib/utils/handlers.py", line 567, in verify
    self = cls.from_string(hash, **context)
  File "/Users/Cifer/nsbdata/venv/lib/python2.7/site-packages/passlib/handlers/bcrypt.py", line 143, in from_string
    ident, tail = cls._parse_ident(hash)
  File "/Users/Cifer/nsbdata/venv/lib/python2.7/site-packages/passlib/utils/handlers.py", line 897, in _parse_ident
    raise exc.InvalidHashError(cls)
ValueError: not a valid bcrypt hash

By the way, python encrypted password can verify successfully by commeonin.

And I check the result which python encrypted:

>>> bcrypt.encrypt("foo")
'$2a$12$Jc4dQXqaxQ56o11ZOxqHMetGCFIGNo5Wfx.lwZMF7F0lkQHVs0D9O'

So,
Elixir one: "$2b$12$mvYLIYgSZcpK3TXDs52md..nmVzt8KoDL8acurFpU7QVdbvP6yiW6"
Python one: '$2a$12$Jc4dQXqaxQ56o11ZOxqHMetGCFIGNo5Wfx.lwZMF7F0lkQHVs0D9O'

I noticed the big difference is elixir one is $2b, the other one is $2a, and I try to modify the Elixir one to
"$2a$12$mvYLIYgSZcpK3TXDs52md..nmVzt8KoDL8acurFpU7QVdbvP6yiW6", just replace b to a,
as follow:

>>> bcrypt.verify("foo", "$2a$12$mvYLIYgSZcpK3TXDs52md..nmVzt8KoDL8acurFpU7QVdbvP6yiW6")
False

AhHa, this time, no error report, and return a result, but that isn't the point ! (,,#ﾟДﾟ)

Anyway, why comeonin encrypted password can not be verified by python passlib.hash package's bcrypt_verify function?

Thank you

After upgrading to a new version of Erlang or Elixir, the NIF library often fails to load.
One workaround is to delete the _build directory, which forces the C source code to be recompiled, after which the NIF library loads fine.
We need to find some way of detecting when the C code needs to be recompiled.

I'm using Windows 10 x64 bits and I'm trying to use the addict package, however comeonin is a depency for that package and fails to compile. I'm also using this in the Phoenix Framework.

I'm also already using the Visual Studio Developer Command Prompt which a lot of people mentioned to be necessary to execute nmake.

The error I get is with bcrypt.

C:\Users\mesos_000\Desktop\elixir Projects\testLogin>mix deps.compile comeonin
==> comeonin

Microsoft (R) Program Maintenance Utility Version 14.00.23026.0
Copyright (C) Microsoft Corporation.  All rights reserved.

'priv\bcrypt_nif.dll' is up-to-date

Compiled lib/comeonin/config.ex
Compiled lib/comeonin/pbkdf2_base64.ex
Compiled lib/comeonin/tools.ex
Compiled lib/comeonin/bcrypt_base64.ex
Compiled lib/comeonin.ex
Compiled lib/comeonin/password.ex
Compiled lib/comeonin/pbkdf2.ex

== Compilation error on file lib/comeonin/bcrypt.ex ==

09:40:21.089 [error] Process #PID<0.155.0> raised an exception
** (MatchError) no match of right hand side value: {:error, {:load_failed, 'Failed to load NIF library c:/Users/mesos_000/Desktop/elixir Projects/testLogin/_build/dev/lib
/comeonin/priv/bcrypt_nif: \'Unspecified error\''}}
    lib/comeonin/bcrypt.ex:24: Comeonin.Bcrypt.init/0
    (kernel) code_server.erl:1674: anonymous fn/1 in :code_server.handle_on_load/4

** (MatchError) no match of right hand side value: {:error, :on_load_failure}
    (stdlib) erl_eval.erl:669: :erl_eval.do_apply/6

could not compile dependency comeonin, mix compile failed. You can recompile this dependency with `mix deps.compile comeonin` or update it with `mix deps.update comeonin`


09:40:21.200 [warn]  The on_load function for module Elixir.Comeonin.Bcrypt returned {{:badmatch,
  {:error,
   {:load_failed,
    'Failed to load NIF library c:/Users/mesos_000/Desktop/elixir Projects/testLogin/_build/dev/lib/comeonin/priv/bcrypt_nif: \'Unspecified error\''}}},
 [{Comeonin.Bcrypt, :init, 0, [file: 'lib/comeonin/bcrypt.ex', line: 24]},
  {:code_server, :"-handle_on_load/4-fun-0-", 1,
   [file: 'code_server.erl', line: 1674]}]}

I have tried deleting the priv folder but the error occurs nontheless.

Hello I am trying to use the library with the use of bakeware.io to cross-compile on OS X for the rpi2 ...
Using

defp deps do
    [     
      ...
      {:comeonin, "~> 2.0"},
     ....
   ]
  end

When using

bake firmware

I get following error:

.nerves/toolchains/nerves-arm-unknown-linux-gnueabihf-darwin-x86_64-v0.5.0/bin/arm-unknown-linux-gnueabihf-gcc -g -O3 -Wall -I/Users/stefan/.nerves/toolchains/nerves-arm-unknown-linux-gnueabihf-darwin-x86_64-v0.5.0/lib/erlang/erts-7.1/bin/../../erts-7.1/include -Ic_src -fPIC -shared  -dynamiclib -undefined dynamic_lookup -o priv/bcrypt_nif.so c_src/bcrypt_nif.c c_src/blowfish.c
arm-unknown-linux-gnueabihf-gcc: error: dynamic_lookup: No such file or directory
make: *** [priv/bcrypt_nif.so] Error 1
could not compile dependency :comeonin, "mix compile" failed. You can recompile this dependency with "mix deps.compile comeonin", update it with "mix deps.update comeonin" or clean it with "mix deps.clean comeonin"
==> comeonin
** (Mix.Error) Could not compile Comeonin.

Looking through the Makefile I see

...
ifneq ($(OS),Windows_NT)
    CFLAGS += -fPIC

    ifeq ($(shell uname),Darwin)
        LDFLAGS += -dynamiclib -undefined dynamic_lookup
    endif
endif
...

So even within a cross-compile environment comeonin uses uname to detect Darwin ....

How could I cross-compile this under OS X ? Please help

This is for all Windows users who are trying to compile comeonin.

For the past few hours I, a Phoenix newbie, have been fighting, trying to get a Phoenix demo app to compile that uses comeonin. I am on Windows 10 (x64), and below I document two problems I had, in addition to the resolution. Perhaps my experiences can in some manner be integrated into the error reported when deps.compile fails for comeonin.

mix phoenix.server

kept reporting the following error:

==> comeonin
could not compile dependency :comeonin, "mix compile" failed. You can 
recompile this dependency with "mix deps.compile comeonin", update it with "mix
deps.update comeonin" or clean it with "mix deps.clean comeonin"
** (Mix.Error) Could not find the program `nmake`.

You will need to install the C compiler `nmake` to be able to build
Comeonin.

One option is to install a recent version of Visual Studio (the
free Community edition will be enough for this task). Then try running
`mix deps.compile comeonin` from the `Developer Command Prompt`.

If you are using 64-bit erlang, you might need to run the command
`vcvarsall.bat amd64` in the Visual Studio {version}VC directory
before running `mix deps.compile`.
See: https://msdn.microsoft.com/en-us/library/x4d2c09s.aspx

If you are using Visual Studio 2015, you need to install the C++ build
tools before running the `vcvarsall.bat amd64`. Do this by going to
"Create New Project" and select "C++" to prompt to install the
required dependencies.
See: https://msdn.microsoft.com/en-us/library/60k1461a.aspx


    mix.exs:34: Mix.Tasks.Compile.Comeonin.nocompiler_error/1

I installed Visual Studio 2015 community edition as advised. Selected the advanced install and installed the Visual C components. I had to add

C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\bin\amd64

to my PATH manually for mix deps.compile comeonin to be able to find nmake.

The error message did not go away.

It took a while, but only after trying to follow the steps documented in the error message did I find the requirements.

The important step:

• cd to the VC directory, run vcvarsall.bat amd64 -- this must be run every time you try to compile comeonin
• cd over to your project, mix deps.get, mix deps.compile

You need to open the cmd

cd C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC
vcvarsall.bat amd64
cd c:\dev\elixir\phoenix_test
mix deps.compile comeonin

What is important here is, that this has to be done in the one and the same CMD window. The compilation error message indicates the resolution to my problem, but I had two CMD windows open, and the compilation kept failing. It was important to follow the steps in one CMD window, as indicated in the requirements.

Perhaps the compilation error message could be improved.

On Windows, it might be necessary to add the path to the Visual Studio
nmake.exe directory to your PATH for deps.compile to find nmake.

If you are using 64-bit erlang, you might need to run the command
`vcvarsall.bat amd64` in the Visual Studio {version}VC directory
before running `mix deps.compile`.
See: https://msdn.microsoft.com/en-us/library/x4d2c09s.aspx
In the same command prompt window, you might do the following:
  cd C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC
  vcvarsall.bat amd64
  cd {myphoenixprojectpath}
  mix deps.compile comeonin
Note: this is an example.
Your path to VC will depend on the installed version of Visual Studio.

Hope this helps someone with the same problems as I was having.

A C compiler is needed for the build, so we should find out what the build dependencies are for each OS and put this information in the docs/README.

Passing empty strings to BCrypt is always a security bug. We should detect and raise at least such cases.

I'm getting the following compilation error with comeonin 1.4 on Heroku, but can't reproduce it locally on OS X 10.11

remote: cc -g -O3 -Wall -I/app/.platform_tools/erlang/erts-7.1/include -Ic_src -fPIC -shared  -o priv/bcrypt_nif.so c_src/bcrypt_nif.c c_src/blowfish.c
remote: lib/comeonin.ex:1: warning: redefining module Comeonin
remote: lib/comeonin/bcrypt.ex:1: warning: redefining module Comeonin.Bcrypt
remote: lib/comeonin/config.ex:1: warning: redefining module Comeonin.Config
remote: lib/comeonin/bcrypt/base64.ex:1: warning: redefining module Comeonin.Bcrypt.Base64
remote: ==> comeonin
remote: Compiled lib/comeonin/config.ex
remote: lib/comeonin/password.ex:1: warning: redefining module Comeonin.Password
remote: lib/comeonin/password/common.ex:1: warning: redefining module Comeonin.Password.Common
remote: Compiled lib/comeonin/gettext.ex
remote:
remote: == Compilation error on file lib/comeonin/password/common.ex ==
remote: ** (File.Error) could not read file /tmp/build_7efc4a98dc62e436eaf241f3e1b52416/deps/comeonin/lib/comeonin/password/10k_6chars.txt: no such file or directory
remote:     (elixir) lib/file.ex:244: File.read!/1
remote:     lib/comeonin/password/tools.ex:5: Comeonin.Password.Tools.get_words/0
remote:     lib/comeonin/password/common.ex:15: (module)
remote:     (stdlib) erl_eval.erl:669: :erl_eval.do_apply/6