bcrypt 3.1.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +10 -0
- data/.rspec +3 -0
- data/.travis.yml +15 -0
- data/CHANGELOG +63 -0
- data/COPYING +28 -0
- data/Gemfile +2 -0
- data/Gemfile.lock +36 -0
- data/README.md +203 -0
- data/Rakefile +73 -0
- data/bcrypt.gemspec +29 -0
- data/ext/jruby/bcrypt_jruby/BCrypt.java +752 -0
- data/ext/mri/bcrypt_ext.c +64 -0
- data/ext/mri/crypt.c +57 -0
- data/ext/mri/crypt.h +13 -0
- data/ext/mri/crypt_blowfish.c +786 -0
- data/ext/mri/crypt_gensalt.c +111 -0
- data/ext/mri/extconf.rb +17 -0
- data/ext/mri/ow-crypt.h +35 -0
- data/ext/mri/wrapper.c +262 -0
- data/lib/bcrypt.rb +21 -0
- data/lib/bcrypt/engine.rb +116 -0
- data/lib/bcrypt/error.rb +22 -0
- data/lib/bcrypt/password.rb +87 -0
- data/spec/TestBCrypt.java +194 -0
- data/spec/bcrypt/engine_spec.rb +82 -0
- data/spec/bcrypt/error_spec.rb +37 -0
- data/spec/bcrypt/password_spec.rb +123 -0
- data/spec/spec_helper.rb +2 -0
- metadata +117 -0
@@ -0,0 +1,37 @@
|
|
1
|
+
require File.expand_path(File.join(File.dirname(__FILE__), "..", "spec_helper"))
|
2
|
+
|
3
|
+
describe "Errors" do
|
4
|
+
|
5
|
+
shared_examples "descends from StandardError" do
|
6
|
+
it "can be rescued as a StandardError" do
|
7
|
+
described_class.should < StandardError
|
8
|
+
end
|
9
|
+
end
|
10
|
+
|
11
|
+
shared_examples "descends from BCrypt::Error" do
|
12
|
+
it "can be rescued as a BCrypt::Error" do
|
13
|
+
described_class.should < BCrypt::Error
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
describe BCrypt::Error do
|
18
|
+
include_examples "descends from StandardError"
|
19
|
+
end
|
20
|
+
|
21
|
+
describe BCrypt::Errors::InvalidCost do
|
22
|
+
include_examples "descends from BCrypt::Error"
|
23
|
+
end
|
24
|
+
|
25
|
+
describe BCrypt::Errors::InvalidHash do
|
26
|
+
include_examples "descends from BCrypt::Error"
|
27
|
+
end
|
28
|
+
|
29
|
+
describe BCrypt::Errors::InvalidSalt do
|
30
|
+
include_examples "descends from BCrypt::Error"
|
31
|
+
end
|
32
|
+
|
33
|
+
describe BCrypt::Errors::InvalidSecret do
|
34
|
+
include_examples "descends from BCrypt::Error"
|
35
|
+
end
|
36
|
+
|
37
|
+
end
|
@@ -0,0 +1,123 @@
|
|
1
|
+
require File.expand_path(File.join(File.dirname(__FILE__), "..", "spec_helper"))
|
2
|
+
|
3
|
+
describe "Creating a hashed password" do
|
4
|
+
|
5
|
+
before :each do
|
6
|
+
@secret = "wheedle"
|
7
|
+
@password = BCrypt::Password.create(@secret, :cost => 4)
|
8
|
+
end
|
9
|
+
|
10
|
+
specify "should return a BCrypt::Password" do
|
11
|
+
@password.should be_an_instance_of(BCrypt::Password)
|
12
|
+
end
|
13
|
+
|
14
|
+
specify "should return a valid bcrypt password" do
|
15
|
+
lambda { BCrypt::Password.new(@password) }.should_not raise_error
|
16
|
+
end
|
17
|
+
|
18
|
+
specify "should behave normally if the secret is not a string" do
|
19
|
+
lambda { BCrypt::Password.create(nil) }.should_not raise_error(BCrypt::Errors::InvalidSecret)
|
20
|
+
lambda { BCrypt::Password.create({:woo => "yeah"}) }.should_not raise_error(BCrypt::Errors::InvalidSecret)
|
21
|
+
lambda { BCrypt::Password.create(false) }.should_not raise_error(BCrypt::Errors::InvalidSecret)
|
22
|
+
end
|
23
|
+
|
24
|
+
specify "should tolerate empty string secrets" do
|
25
|
+
lambda { BCrypt::Password.create( "\n".chop ) }.should_not raise_error
|
26
|
+
lambda { BCrypt::Password.create( "" ) }.should_not raise_error
|
27
|
+
lambda { BCrypt::Password.create( String.new ) }.should_not raise_error
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
describe "Reading a hashed password" do
|
32
|
+
before :each do
|
33
|
+
@secret = "U*U"
|
34
|
+
@hash = "$2a$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW"
|
35
|
+
end
|
36
|
+
|
37
|
+
specify "the cost is too damn high" do
|
38
|
+
lambda {
|
39
|
+
BCrypt::Password.create("hello", :cost => 32)
|
40
|
+
}.should raise_error(ArgumentError)
|
41
|
+
end
|
42
|
+
|
43
|
+
specify "the cost should be set to the default if nil" do
|
44
|
+
BCrypt::Password.create("hello", :cost => nil).cost.should equal(BCrypt::Engine::DEFAULT_COST)
|
45
|
+
end
|
46
|
+
|
47
|
+
specify "the cost should be set to the default if empty hash" do
|
48
|
+
BCrypt::Password.create("hello", {}).cost.should equal(BCrypt::Engine::DEFAULT_COST)
|
49
|
+
end
|
50
|
+
|
51
|
+
specify "the cost should be set to the passed value if provided" do
|
52
|
+
BCrypt::Password.create("hello", :cost => 5).cost.should equal(5)
|
53
|
+
end
|
54
|
+
|
55
|
+
specify "the cost should be set to the global value if set" do
|
56
|
+
BCrypt::Engine.cost = 5
|
57
|
+
BCrypt::Password.create("hello").cost.should equal(5)
|
58
|
+
# unset the global value to not affect other tests
|
59
|
+
BCrypt::Engine.cost = nil
|
60
|
+
end
|
61
|
+
|
62
|
+
specify "the cost should be set to an overridden constant for backwards compatibility" do
|
63
|
+
# suppress "already initialized constant" warning
|
64
|
+
old_verbose, $VERBOSE = $VERBOSE, nil
|
65
|
+
old_default_cost = BCrypt::Engine::DEFAULT_COST
|
66
|
+
|
67
|
+
BCrypt::Engine::DEFAULT_COST = 5
|
68
|
+
BCrypt::Password.create("hello").cost.should equal(5)
|
69
|
+
|
70
|
+
# reset default to not affect other tests
|
71
|
+
BCrypt::Engine::DEFAULT_COST = old_default_cost
|
72
|
+
$VERBOSE = old_verbose
|
73
|
+
end
|
74
|
+
|
75
|
+
specify "should read the version, cost, salt, and hash" do
|
76
|
+
password = BCrypt::Password.new(@hash)
|
77
|
+
password.version.should eql("2a")
|
78
|
+
password.cost.should equal(5)
|
79
|
+
password.salt.should eql("$2a$05$CCCCCCCCCCCCCCCCCCCCC.")
|
80
|
+
password.salt.class.should eq String
|
81
|
+
password.checksum.should eq("E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW")
|
82
|
+
password.checksum.class.should eq String
|
83
|
+
password.to_s.should eql(@hash)
|
84
|
+
end
|
85
|
+
|
86
|
+
specify "should raise an InvalidHashError when given an invalid hash" do
|
87
|
+
lambda { BCrypt::Password.new('weedle') }.should raise_error(BCrypt::Errors::InvalidHash)
|
88
|
+
end
|
89
|
+
end
|
90
|
+
|
91
|
+
describe "Comparing a hashed password with a secret" do
|
92
|
+
before :each do
|
93
|
+
@secret = "U*U"
|
94
|
+
@hash = "$2a$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW"
|
95
|
+
@password = BCrypt::Password.create(@secret)
|
96
|
+
end
|
97
|
+
|
98
|
+
specify "should compare successfully to the original secret" do
|
99
|
+
(@password == @secret).should be(true)
|
100
|
+
end
|
101
|
+
|
102
|
+
specify "should compare unsuccessfully to anything besides original secret" do
|
103
|
+
(@password == "@secret").should be(false)
|
104
|
+
end
|
105
|
+
end
|
106
|
+
|
107
|
+
describe "Validating a generated salt" do
|
108
|
+
specify "should not accept an invalid salt" do
|
109
|
+
BCrypt::Engine.valid_salt?("invalid").should eq(false)
|
110
|
+
end
|
111
|
+
specify "should accept a valid salt" do
|
112
|
+
BCrypt::Engine.valid_salt?(BCrypt::Engine.generate_salt).should eq(true)
|
113
|
+
end
|
114
|
+
end
|
115
|
+
|
116
|
+
describe "Validating a password hash" do
|
117
|
+
specify "should not accept an invalid password" do
|
118
|
+
BCrypt::Password.valid_hash?("i_am_so_not_valid").should be_false
|
119
|
+
end
|
120
|
+
specify "should accept a valid password" do
|
121
|
+
BCrypt::Password.valid_hash?(BCrypt::Password.create "i_am_so_valid").should be_true
|
122
|
+
end
|
123
|
+
end
|
data/spec/spec_helper.rb
ADDED
metadata
ADDED
@@ -0,0 +1,117 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: bcrypt
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 3.1.3
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Coda Hale
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
|
12
|
+
date: 2014-02-21 00:00:00 Z
|
13
|
+
dependencies:
|
14
|
+
- !ruby/object:Gem::Dependency
|
15
|
+
name: rake-compiler
|
16
|
+
prerelease: false
|
17
|
+
requirement: &id001 !ruby/object:Gem::Requirement
|
18
|
+
requirements:
|
19
|
+
- - ~>
|
20
|
+
- !ruby/object:Gem::Version
|
21
|
+
version: 0.9.2
|
22
|
+
type: :development
|
23
|
+
version_requirements: *id001
|
24
|
+
- !ruby/object:Gem::Dependency
|
25
|
+
name: rspec
|
26
|
+
prerelease: false
|
27
|
+
requirement: &id002 !ruby/object:Gem::Requirement
|
28
|
+
requirements:
|
29
|
+
- &id004
|
30
|
+
- ">="
|
31
|
+
- !ruby/object:Gem::Version
|
32
|
+
version: "0"
|
33
|
+
type: :development
|
34
|
+
version_requirements: *id002
|
35
|
+
- !ruby/object:Gem::Dependency
|
36
|
+
name: rdoc
|
37
|
+
prerelease: false
|
38
|
+
requirement: &id003 !ruby/object:Gem::Requirement
|
39
|
+
requirements:
|
40
|
+
- - ~>
|
41
|
+
- !ruby/object:Gem::Version
|
42
|
+
version: "3.12"
|
43
|
+
type: :development
|
44
|
+
version_requirements: *id003
|
45
|
+
description: " bcrypt() is a sophisticated and secure hash algorithm designed by The OpenBSD project\n for hashing passwords. The bcrypt Ruby gem provides a simple wrapper for safely handling\n passwords.\n"
|
46
|
+
email: coda.hale@gmail.com
|
47
|
+
executables: []
|
48
|
+
|
49
|
+
extensions:
|
50
|
+
- ext/mri/extconf.rb
|
51
|
+
extra_rdoc_files:
|
52
|
+
- README.md
|
53
|
+
- COPYING
|
54
|
+
- CHANGELOG
|
55
|
+
- lib/bcrypt/engine.rb
|
56
|
+
- lib/bcrypt/error.rb
|
57
|
+
- lib/bcrypt/password.rb
|
58
|
+
- lib/bcrypt.rb
|
59
|
+
files:
|
60
|
+
- .gitignore
|
61
|
+
- .rspec
|
62
|
+
- .travis.yml
|
63
|
+
- CHANGELOG
|
64
|
+
- COPYING
|
65
|
+
- Gemfile
|
66
|
+
- Gemfile.lock
|
67
|
+
- README.md
|
68
|
+
- Rakefile
|
69
|
+
- bcrypt.gemspec
|
70
|
+
- ext/jruby/bcrypt_jruby/BCrypt.java
|
71
|
+
- ext/mri/bcrypt_ext.c
|
72
|
+
- ext/mri/crypt.c
|
73
|
+
- ext/mri/crypt.h
|
74
|
+
- ext/mri/crypt_blowfish.c
|
75
|
+
- ext/mri/crypt_gensalt.c
|
76
|
+
- ext/mri/extconf.rb
|
77
|
+
- ext/mri/ow-crypt.h
|
78
|
+
- ext/mri/wrapper.c
|
79
|
+
- lib/bcrypt.rb
|
80
|
+
- lib/bcrypt/engine.rb
|
81
|
+
- lib/bcrypt/error.rb
|
82
|
+
- lib/bcrypt/password.rb
|
83
|
+
- spec/TestBCrypt.java
|
84
|
+
- spec/bcrypt/engine_spec.rb
|
85
|
+
- spec/bcrypt/error_spec.rb
|
86
|
+
- spec/bcrypt/password_spec.rb
|
87
|
+
- spec/spec_helper.rb
|
88
|
+
homepage: https://github.com/codahale/bcrypt-ruby
|
89
|
+
licenses:
|
90
|
+
- MIT
|
91
|
+
metadata: {}
|
92
|
+
|
93
|
+
post_install_message:
|
94
|
+
rdoc_options:
|
95
|
+
- --title
|
96
|
+
- bcrypt-ruby
|
97
|
+
- --line-numbers
|
98
|
+
- --inline-source
|
99
|
+
- --main
|
100
|
+
- README.md
|
101
|
+
require_paths:
|
102
|
+
- lib
|
103
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
104
|
+
requirements:
|
105
|
+
- *id004
|
106
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- *id004
|
109
|
+
requirements: []
|
110
|
+
|
111
|
+
rubyforge_project:
|
112
|
+
rubygems_version: 2.0.14
|
113
|
+
signing_key:
|
114
|
+
specification_version: 4
|
115
|
+
summary: OpenBSD's bcrypt() password hashing algorithm.
|
116
|
+
test_files: []
|
117
|
+
|