bcrypt 3.1.18-java → 3.1.20-java

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f35948f2d6985ec5e338d0dd89e2481e0c2e91df63a9623b02bad157c1da0967
4
- data.tar.gz: c9cdd80dbf146b2497091bc2e09b613fea5784eacf7e570bcebb7e4a0c3b175c
3
+ metadata.gz: 18e51a94af441c07a71cba0f9d5c8e813ed65b0206e6d143784215d43404be78
4
+ data.tar.gz: 0f593432119c2166fb96c65786b3bf119d42ecc35d7de1322b7700c81679e3b5
5
5
  SHA512:
6
- metadata.gz: 3c5d43f9ff8813d14f866a5a87354b0f3152dff9c2b75ab08a7b70e0e84e8f71d2582b36cbdb71b3d45f68fa1a3cd38f30de75db812c5bc23ff613918070a09a
7
- data.tar.gz: 8ec660bd584fc110d347dbd5a4d1d0c1cf75e36e7ac9f455a7ed86c100c8111c3f62ef3b4ae5aa15275d30d034d1289756eb1104ed55ad4ff8656c21836cdab6
6
+ metadata.gz: 92e7ac49940ed3c1ac8929da228dc90e48ef9ec12819fe9a83102211f7695c47ad9dd6e7aeb333b6499308556995405c9b7a7fd1b70eb0b12231d070f111f2d3
7
+ data.tar.gz: bdbfa55d1c5e8c111b31f3c2bd0d90f4408799af5afcca5d53f2c47604033f991238948905f95f91f16a2f08d315283ceda37ea770cbe612d98170771da24394
data/CHANGELOG CHANGED
@@ -1,3 +1,10 @@
1
+ 3.1.20 Nov 17 2023
2
+ - Limit packaged files -- decrease gem filesize by ~28% [GH #272 by @pusewicz]
3
+
4
+ 3.1.19 June 22 2023
5
+ - Deprecate passing the third argument to `BCrypt::Engine.hash_secret` [GH #207 by @sergey-alekseev]
6
+ - Add GC guards so the C compiler won't optimize out references [GH #270]
7
+
1
8
  3.1.18 May 16 2022
2
9
  - Unlock GVL when calculating hashes and salts [GH #260]
3
10
  - Fix compilation warnings in `ext/mri/bcrypt_ext.c` [GH #261]
data/ext/mri/bcrypt_ext.c CHANGED
@@ -49,6 +49,9 @@ static VALUE bc_salt(VALUE self, VALUE prefix, VALUE count, VALUE input) {
49
49
  if(!salt) return Qnil;
50
50
 
51
51
  str_salt = rb_str_new2(salt);
52
+
53
+ RB_GC_GUARD(prefix);
54
+ RB_GC_GUARD(input);
52
55
  free(salt);
53
56
 
54
57
  return str_salt;
@@ -99,6 +102,8 @@ static VALUE bc_crypt(VALUE self, VALUE key, VALUE setting) {
99
102
 
100
103
  out = rb_str_new2(value);
101
104
 
105
+ RB_GC_GUARD(key);
106
+ RB_GC_GUARD(setting);
102
107
  free(args.data);
103
108
 
104
109
  return out;
data/lib/bcrypt/engine.rb CHANGED
@@ -53,6 +53,13 @@ module BCrypt
53
53
  # Given a secret and a valid salt (see BCrypt::Engine.generate_salt) calculates
54
54
  # a bcrypt() password hash. Secrets longer than 72 bytes are truncated.
55
55
  def self.hash_secret(secret, salt, _ = nil)
56
+ unless _.nil?
57
+ warn "[DEPRECATION] Passing the third argument to " \
58
+ "`BCrypt::Engine.hash_secret` is deprecated. " \
59
+ "Please do not pass the third argument which " \
60
+ "is currently not used."
61
+ end
62
+
56
63
  if valid_secret?(secret)
57
64
  if valid_salt?(salt)
58
65
  if RUBY_PLATFORM == "java"
data/lib/bcrypt_ext.jar CHANGED
Binary file
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bcrypt
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.1.18
4
+ version: 3.1.20
5
5
  platform: java
6
6
  authors:
7
7
  - Coda Hale
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-05-16 00:00:00.000000000 Z
11
+ date: 2023-11-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement
@@ -17,8 +17,8 @@ dependencies:
17
17
  - !ruby/object:Gem::Version
18
18
  version: 1.2.0
19
19
  name: rake-compiler
20
- prerelease: false
21
20
  type: :development
21
+ prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
@@ -31,8 +31,8 @@ dependencies:
31
31
  - !ruby/object:Gem::Version
32
32
  version: '3'
33
33
  name: rspec
34
- prerelease: false
35
34
  type: :development
35
+ prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - ">="
@@ -50,19 +50,13 @@ extra_rdoc_files:
50
50
  - COPYING
51
51
  - CHANGELOG
52
52
  - lib/bcrypt.rb
53
- - lib/bcrypt/password.rb
54
53
  - lib/bcrypt/engine.rb
55
54
  - lib/bcrypt/error.rb
55
+ - lib/bcrypt/password.rb
56
56
  files:
57
- - ".github/workflows/ruby.yml"
58
- - ".gitignore"
59
- - ".rspec"
60
57
  - CHANGELOG
61
58
  - COPYING
62
- - Gemfile
63
59
  - README.md
64
- - Rakefile
65
- - bcrypt.gemspec
66
60
  - ext/jruby/bcrypt_jruby/BCrypt.java
67
61
  - ext/mri/bcrypt_ext.c
68
62
  - ext/mri/crypt.c
@@ -80,11 +74,6 @@ files:
80
74
  - lib/bcrypt/error.rb
81
75
  - lib/bcrypt/password.rb
82
76
  - lib/bcrypt_ext.jar
83
- - spec/TestBCrypt.java
84
- - spec/bcrypt/engine_spec.rb
85
- - spec/bcrypt/error_spec.rb
86
- - spec/bcrypt/password_spec.rb
87
- - spec/spec_helper.rb
88
77
  homepage: https://github.com/bcrypt-ruby/bcrypt-ruby
89
78
  licenses:
90
79
  - MIT
@@ -110,7 +99,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
110
99
  - !ruby/object:Gem::Version
111
100
  version: '0'
112
101
  requirements: []
113
- rubygems_version: 3.2.29
102
+ rubygems_version: 3.3.26
114
103
  signing_key:
115
104
  specification_version: 4
116
105
  summary: OpenBSD's bcrypt() password hashing algorithm.
@@ -1,59 +0,0 @@
1
- name: Test Suite
2
-
3
- # Run against all commits and pull requests.
4
- on: [ push, pull_request ]
5
-
6
- jobs:
7
- test_matrix:
8
-
9
- strategy:
10
- fail-fast: false
11
- matrix:
12
- os:
13
- - ubuntu
14
- - macos
15
- - windows
16
- ruby:
17
- - 2.1
18
- - 2.2
19
- - 2.3
20
- - 2.4
21
- - 2.5
22
- - 2.6
23
- - 2.7
24
- - '3.0'
25
- - 3.1
26
- - head
27
- - jruby
28
- - jruby-head
29
- - truffleruby
30
- - truffleruby-head
31
- - mingw
32
- exclude:
33
- - { os: ubuntu, ruby: mingw }
34
- - { os: macos, ruby: mingw }
35
- - { os: windows, ruby: truffleruby }
36
- - { os: windows, ruby: truffleruby-head }
37
-
38
- runs-on: ${{ matrix.os }}-latest
39
-
40
- steps:
41
- - uses: actions/checkout@v2
42
- - name: Set up Ruby
43
- uses: ruby/setup-ruby@v1
44
- with:
45
- ruby-version: ${{ matrix.ruby }}
46
- bundler-cache: true
47
- env:
48
- JAVA_OPTS: -Djdk.io.File.enableADS=true
49
- - name: Run tests
50
- run: bundle exec rake default
51
- env:
52
- JAVA_OPTS: -Djdk.io.File.enableADS=true
53
-
54
- finish:
55
- runs-on: ubuntu-latest
56
- needs: [ test_matrix ]
57
- steps:
58
- - name: Wait for status checks
59
- run: echo "All Green!"
data/.gitignore DELETED
@@ -1,10 +0,0 @@
1
- doc
2
- pkg
3
- tmp
4
- *.o
5
- *.bundle
6
- *.so
7
- *.jar
8
- .DS_Store
9
- .rbenv-gemsets
10
- Gemfile.lock
data/.rspec DELETED
@@ -1,3 +0,0 @@
1
- --color
2
- --backtrace
3
- --format documentation
data/Gemfile DELETED
@@ -1,2 +0,0 @@
1
- source 'https://rubygems.org'
2
- gemspec
data/Rakefile DELETED
@@ -1,72 +0,0 @@
1
- require 'rspec/core/rake_task'
2
- require 'rubygems/package_task'
3
- require 'rake/extensiontask'
4
- require 'rake/javaextensiontask'
5
- require 'rake/clean'
6
- require 'rdoc/task'
7
- require 'benchmark'
8
-
9
- CLEAN.include(
10
- "tmp",
11
- "lib/bcrypt_ext.jar",
12
- "lib/bcrypt_ext.so"
13
- )
14
- CLOBBER.include(
15
- "doc",
16
- "pkg"
17
- )
18
-
19
- GEMSPEC = Gem::Specification.load("bcrypt.gemspec")
20
-
21
- task :default => [:compile, :spec]
22
-
23
- desc "Run all specs"
24
- RSpec::Core::RakeTask.new do |t|
25
- t.pattern = 'spec/**/*_spec.rb'
26
- t.ruby_opts = '-w'
27
- end
28
-
29
- desc "Run all specs, with coverage testing"
30
- RSpec::Core::RakeTask.new(:rcov) do |t|
31
- t.pattern = 'spec/**/*_spec.rb'
32
- t.rcov = true
33
- t.rcov_path = 'doc/coverage'
34
- t.rcov_opts = ['--exclude', 'rspec,diff-lcs,rcov,_spec,_helper']
35
- end
36
-
37
- desc 'Generate RDoc'
38
- RDoc::Task.new do |rdoc|
39
- rdoc.rdoc_dir = 'doc/rdoc'
40
- rdoc.options += GEMSPEC.rdoc_options
41
- rdoc.template = ENV['TEMPLATE'] if ENV['TEMPLATE']
42
- rdoc.rdoc_files.include(*GEMSPEC.extra_rdoc_files)
43
- end
44
-
45
- Gem::PackageTask.new(GEMSPEC) do |pkg|
46
- pkg.need_zip = true
47
- pkg.need_tar = true
48
- end
49
-
50
- if RUBY_PLATFORM =~ /java/
51
- Rake::JavaExtensionTask.new('bcrypt_ext', GEMSPEC) do |ext|
52
- ext.ext_dir = 'ext/jruby'
53
- ext.source_version = "1.7"
54
- ext.target_version = "1.7"
55
- end
56
- else
57
- Rake::ExtensionTask.new("bcrypt_ext", GEMSPEC) do |ext|
58
- ext.ext_dir = 'ext/mri'
59
- end
60
- end
61
-
62
- desc "Run a set of benchmarks on the compiled extension."
63
- task :benchmark do
64
- TESTS = 100
65
- TEST_PWD = "this is a test"
66
- require File.expand_path(File.join(File.dirname(__FILE__), "lib", "bcrypt"))
67
- Benchmark.bmbm do |results|
68
- 4.upto(10) do |n|
69
- results.report("cost #{n}:") { TESTS.times { BCrypt::Password.create(TEST_PWD, :cost => n) } }
70
- end
71
- end
72
- end
data/bcrypt.gemspec DELETED
@@ -1,27 +0,0 @@
1
- Gem::Specification.new do |s|
2
- s.name = 'bcrypt'
3
- s.version = '3.1.18'
4
-
5
- s.summary = "OpenBSD's bcrypt() password hashing algorithm."
6
- s.description = <<-EOF
7
- bcrypt() is a sophisticated and secure hash algorithm designed by The OpenBSD project
8
- for hashing passwords. The bcrypt Ruby gem provides a simple wrapper for safely handling
9
- passwords.
10
- EOF
11
-
12
- s.files = `git ls-files`.split("\n")
13
- s.require_path = 'lib'
14
-
15
- s.add_development_dependency 'rake-compiler', '~> 1.2.0'
16
- s.add_development_dependency 'rspec', '>= 3'
17
-
18
- s.rdoc_options += ['--title', 'bcrypt-ruby', '--line-numbers', '--inline-source', '--main', 'README.md']
19
- s.extra_rdoc_files += ['README.md', 'COPYING', 'CHANGELOG', *Dir['lib/**/*.rb']]
20
-
21
- s.extensions = 'ext/mri/extconf.rb'
22
-
23
- s.authors = ["Coda Hale"]
24
- s.email = "coda.hale@gmail.com"
25
- s.homepage = "https://github.com/bcrypt-ruby/bcrypt-ruby"
26
- s.license = "MIT"
27
- end
data/spec/TestBCrypt.java DELETED
@@ -1,194 +0,0 @@
1
- // Copyright (c) 2006 Damien Miller <djm@mindrot.org>
2
- //
3
- // Permission to use, copy, modify, and distribute this software for any
4
- // purpose with or without fee is hereby granted, provided that the above
5
- // copyright notice and this permission notice appear in all copies.
6
- //
7
- // THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8
- // WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9
- // MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
10
- // ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11
- // WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
12
- // ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
13
- // OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
14
-
15
- import junit.framework.TestCase;
16
-
17
- /**
18
- * JUnit unit tests for BCrypt routines
19
- * @author Damien Miller
20
- * @version 0.2
21
- */
22
- public class TestBCrypt extends TestCase {
23
- String test_vectors[][] = {
24
- { "",
25
- "$2a$06$DCq7YPn5Rq63x1Lad4cll.",
26
- "$2a$06$DCq7YPn5Rq63x1Lad4cll.TV4S6ytwfsfvkgY8jIucDrjc8deX1s." },
27
- { "",
28
- "$2a$08$HqWuK6/Ng6sg9gQzbLrgb.",
29
- "$2a$08$HqWuK6/Ng6sg9gQzbLrgb.Tl.ZHfXLhvt/SgVyWhQqgqcZ7ZuUtye" },
30
- { "",
31
- "$2a$10$k1wbIrmNyFAPwPVPSVa/ze",
32
- "$2a$10$k1wbIrmNyFAPwPVPSVa/zecw2BCEnBwVS2GbrmgzxFUOqW9dk4TCW" },
33
- { "",
34
- "$2a$12$k42ZFHFWqBp3vWli.nIn8u",
35
- "$2a$12$k42ZFHFWqBp3vWli.nIn8uYyIkbvYRvodzbfbK18SSsY.CsIQPlxO" },
36
- { "a",
37
- "$2a$06$m0CrhHm10qJ3lXRY.5zDGO",
38
- "$2a$06$m0CrhHm10qJ3lXRY.5zDGO3rS2KdeeWLuGmsfGlMfOxih58VYVfxe" },
39
- { "a",
40
- "$2a$08$cfcvVd2aQ8CMvoMpP2EBfe",
41
- "$2a$08$cfcvVd2aQ8CMvoMpP2EBfeodLEkkFJ9umNEfPD18.hUF62qqlC/V." },
42
- { "a",
43
- "$2a$10$k87L/MF28Q673VKh8/cPi.",
44
- "$2a$10$k87L/MF28Q673VKh8/cPi.SUl7MU/rWuSiIDDFayrKk/1tBsSQu4u" },
45
- { "a",
46
- "$2a$12$8NJH3LsPrANStV6XtBakCe",
47
- "$2a$12$8NJH3LsPrANStV6XtBakCez0cKHXVxmvxIlcz785vxAIZrihHZpeS" },
48
- { "abc",
49
- "$2a$06$If6bvum7DFjUnE9p2uDeDu",
50
- "$2a$06$If6bvum7DFjUnE9p2uDeDu0YHzrHM6tf.iqN8.yx.jNN1ILEf7h0i" },
51
- { "abc",
52
- "$2a$08$Ro0CUfOqk6cXEKf3dyaM7O",
53
- "$2a$08$Ro0CUfOqk6cXEKf3dyaM7OhSCvnwM9s4wIX9JeLapehKK5YdLxKcm" },
54
- { "abc",
55
- "$2a$10$WvvTPHKwdBJ3uk0Z37EMR.",
56
- "$2a$10$WvvTPHKwdBJ3uk0Z37EMR.hLA2W6N9AEBhEgrAOljy2Ae5MtaSIUi" },
57
- { "abc",
58
- "$2a$12$EXRkfkdmXn2gzds2SSitu.",
59
- "$2a$12$EXRkfkdmXn2gzds2SSitu.MW9.gAVqa9eLS1//RYtYCmB1eLHg.9q" },
60
- { "abcdefghijklmnopqrstuvwxyz",
61
- "$2a$06$.rCVZVOThsIa97pEDOxvGu",
62
- "$2a$06$.rCVZVOThsIa97pEDOxvGuRRgzG64bvtJ0938xuqzv18d3ZpQhstC" },
63
- { "abcdefghijklmnopqrstuvwxyz",
64
- "$2a$08$aTsUwsyowQuzRrDqFflhge",
65
- "$2a$08$aTsUwsyowQuzRrDqFflhgekJ8d9/7Z3GV3UcgvzQW3J5zMyrTvlz." },
66
- { "abcdefghijklmnopqrstuvwxyz",
67
- "$2a$10$fVH8e28OQRj9tqiDXs1e1u",
68
- "$2a$10$fVH8e28OQRj9tqiDXs1e1uxpsjN0c7II7YPKXua2NAKYvM6iQk7dq" },
69
- { "abcdefghijklmnopqrstuvwxyz",
70
- "$2a$12$D4G5f18o7aMMfwasBL7Gpu",
71
- "$2a$12$D4G5f18o7aMMfwasBL7GpuQWuP3pkrZrOAnqP.bmezbMng.QwJ/pG" },
72
- { "~!@#$%^&*() ~!@#$%^&*()PNBFRD",
73
- "$2a$06$fPIsBO8qRqkjj273rfaOI.",
74
- "$2a$06$fPIsBO8qRqkjj273rfaOI.HtSV9jLDpTbZn782DC6/t7qT67P6FfO" },
75
- { "~!@#$%^&*() ~!@#$%^&*()PNBFRD",
76
- "$2a$08$Eq2r4G/76Wv39MzSX262hu",
77
- "$2a$08$Eq2r4G/76Wv39MzSX262huzPz612MZiYHVUJe/OcOql2jo4.9UxTW" },
78
- { "~!@#$%^&*() ~!@#$%^&*()PNBFRD",
79
- "$2a$10$LgfYWkbzEvQ4JakH7rOvHe",
80
- "$2a$10$LgfYWkbzEvQ4JakH7rOvHe0y8pHKF9OaFgwUZ2q7W2FFZmZzJYlfS" },
81
- { "~!@#$%^&*() ~!@#$%^&*()PNBFRD",
82
- "$2a$12$WApznUOJfkEGSmYRfnkrPO",
83
- "$2a$12$WApznUOJfkEGSmYRfnkrPOr466oFDCaj4b6HY3EXGvfxm43seyhgC" },
84
- };
85
-
86
- /**
87
- * Entry point for unit tests
88
- * @param args unused
89
- */
90
- public static void main(String[] args) {
91
- junit.textui.TestRunner.run(TestBCrypt.class);
92
- }
93
-
94
- /**
95
- * Test method for 'BCrypt.hashpw(String, String)'
96
- */
97
- public void testHashpw() {
98
- System.out.print("BCrypt.hashpw(): ");
99
- for (int i = 0; i < test_vectors.length; i++) {
100
- String plain = test_vectors[i][0];
101
- String salt = test_vectors[i][1];
102
- String expected = test_vectors[i][2];
103
- String hashed = BCrypt.hashpw(plain, salt);
104
- assertEquals(hashed, expected);
105
- System.out.print(".");
106
- }
107
- System.out.println("");
108
- }
109
-
110
- /**
111
- * Test method for 'BCrypt.gensalt(int)'
112
- */
113
- public void testGensaltInt() {
114
- System.out.print("BCrypt.gensalt(log_rounds):");
115
- for (int i = 4; i <= 12; i++) {
116
- System.out.print(" " + Integer.toString(i) + ":");
117
- for (int j = 0; j < test_vectors.length; j += 4) {
118
- String plain = test_vectors[j][0];
119
- String salt = BCrypt.gensalt(i);
120
- String hashed1 = BCrypt.hashpw(plain, salt);
121
- String hashed2 = BCrypt.hashpw(plain, hashed1);
122
- assertEquals(hashed1, hashed2);
123
- System.out.print(".");
124
- }
125
- }
126
- System.out.println("");
127
- }
128
-
129
- /**
130
- * Test method for 'BCrypt.gensalt()'
131
- */
132
- public void testGensalt() {
133
- System.out.print("BCrypt.gensalt(): ");
134
- for (int i = 0; i < test_vectors.length; i += 4) {
135
- String plain = test_vectors[i][0];
136
- String salt = BCrypt.gensalt();
137
- String hashed1 = BCrypt.hashpw(plain, salt);
138
- String hashed2 = BCrypt.hashpw(plain, hashed1);
139
- assertEquals(hashed1, hashed2);
140
- System.out.print(".");
141
- }
142
- System.out.println("");
143
- }
144
-
145
- /**
146
- * Test method for 'BCrypt.checkpw(String, String)'
147
- * expecting success
148
- */
149
- public void testCheckpw_success() {
150
- System.out.print("BCrypt.checkpw w/ good passwords: ");
151
- for (int i = 0; i < test_vectors.length; i++) {
152
- String plain = test_vectors[i][0];
153
- String expected = test_vectors[i][2];
154
- assertTrue(BCrypt.checkpw(plain, expected));
155
- System.out.print(".");
156
- }
157
- System.out.println("");
158
- }
159
-
160
- /**
161
- * Test method for 'BCrypt.checkpw(String, String)'
162
- * expecting failure
163
- */
164
- public void testCheckpw_failure() {
165
- System.out.print("BCrypt.checkpw w/ bad passwords: ");
166
- for (int i = 0; i < test_vectors.length; i++) {
167
- int broken_index = (i + 4) % test_vectors.length;
168
- String plain = test_vectors[i][0];
169
- String expected = test_vectors[broken_index][2];
170
- assertFalse(BCrypt.checkpw(plain, expected));
171
- System.out.print(".");
172
- }
173
- System.out.println("");
174
- }
175
-
176
- /**
177
- * Test for correct hashing of non-US-ASCII passwords
178
- */
179
- public void testInternationalChars() {
180
- System.out.print("BCrypt.hashpw w/ international chars: ");
181
- String pw1 = "ππππππππ";
182
- String pw2 = "????????";
183
-
184
- String h1 = BCrypt.hashpw(pw1, BCrypt.gensalt());
185
- assertFalse(BCrypt.checkpw(pw2, h1));
186
- System.out.print(".");
187
-
188
- String h2 = BCrypt.hashpw(pw2, BCrypt.gensalt());
189
- assertFalse(BCrypt.checkpw(pw1, h2));
190
- System.out.print(".");
191
- System.out.println("");
192
- }
193
-
194
- }
@@ -1,176 +0,0 @@
1
- require File.expand_path(File.join(File.dirname(__FILE__), "..", "spec_helper"))
2
- require 'securerandom'
3
-
4
- describe 'BCrypt::Engine' do
5
- describe '.calibrate(upper_time_limit_in_ms)' do
6
- context 'a tiny upper time limit provided' do
7
- it 'returns a minimum cost supported by the algorithm' do
8
- expect(BCrypt::Engine.calibrate(0.001)).to eq(4)
9
- end
10
- end
11
- end
12
- end
13
-
14
- describe "The BCrypt engine" do
15
- specify "should calculate the optimal cost factor to fit in a specific time" do
16
- start_time = Time.now
17
- BCrypt::Password.create("testing testing", :cost => BCrypt::Engine::MIN_COST + 1)
18
- min_time_ms = (Time.now - start_time) * 1000
19
- first = BCrypt::Engine.calibrate(min_time_ms)
20
- second = BCrypt::Engine.calibrate(min_time_ms * 4)
21
- expect(second).to be > first
22
- end
23
- end
24
-
25
- describe "Generating BCrypt salts" do
26
-
27
- specify "should produce strings" do
28
- expect(BCrypt::Engine.generate_salt).to be_an_instance_of(String)
29
- end
30
-
31
- specify "should produce random data" do
32
- expect(BCrypt::Engine.generate_salt).to_not equal(BCrypt::Engine.generate_salt)
33
- end
34
-
35
- specify "should raise a InvalidCostError if the cost parameter isn't numeric" do
36
- expect { BCrypt::Engine.generate_salt('woo') }.to raise_error(BCrypt::Errors::InvalidCost)
37
- end
38
-
39
- specify "should raise a InvalidCostError if the cost parameter isn't greater than 0" do
40
- expect { BCrypt::Engine.generate_salt(-1) }.to raise_error(BCrypt::Errors::InvalidCost)
41
- end
42
- end
43
-
44
- describe "Autodetecting of salt cost" do
45
-
46
- specify "should work" do
47
- expect(BCrypt::Engine.autodetect_cost("$2a$08$hRx2IVeHNsTSYYtUWn61Ou")).to eq 8
48
- expect(BCrypt::Engine.autodetect_cost("$2a$05$XKd1bMnLgUnc87qvbAaCUu")).to eq 5
49
- expect(BCrypt::Engine.autodetect_cost("$2a$13$Lni.CZ6z5A7344POTFBBV.")).to eq 13
50
- end
51
-
52
- end
53
-
54
- describe "Generating BCrypt hashes" do
55
-
56
- class MyInvalidSecret
57
- undef to_s
58
- end
59
-
60
- before :each do
61
- @salt = BCrypt::Engine.generate_salt(4)
62
- @password = "woo"
63
- end
64
-
65
- specify "should produce a string" do
66
- expect(BCrypt::Engine.hash_secret(@password, @salt)).to be_an_instance_of(String)
67
- end
68
-
69
- specify "should raise an InvalidSalt error if the salt is invalid" do
70
- expect { BCrypt::Engine.hash_secret(@password, 'nino') }.to raise_error(BCrypt::Errors::InvalidSalt)
71
- end
72
-
73
- specify "should raise an InvalidSecret error if the secret is invalid" do
74
- expect { BCrypt::Engine.hash_secret(MyInvalidSecret.new, @salt) }.to raise_error(BCrypt::Errors::InvalidSecret)
75
- expect { BCrypt::Engine.hash_secret(nil, @salt) }.not_to raise_error
76
- expect { BCrypt::Engine.hash_secret(false, @salt) }.not_to raise_error
77
- end
78
-
79
- specify "should call #to_s on the secret and use the return value as the actual secret data" do
80
- expect(BCrypt::Engine.hash_secret(false, @salt)).to eq BCrypt::Engine.hash_secret("false", @salt)
81
- end
82
-
83
- specify "should be interoperable with other implementations" do
84
- test_vectors = [
85
- # test vectors from the OpenWall implementation <https://www.openwall.com/crypt/>, found in wrapper.c
86
- ["U*U", "$2a$05$CCCCCCCCCCCCCCCCCCCCC.", "$2a$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW"],
87
- ["U*U*", "$2a$05$CCCCCCCCCCCCCCCCCCCCC.", "$2a$05$CCCCCCCCCCCCCCCCCCCCC.VGOzA784oUp/Z0DY336zx7pLYAy0lwK"],
88
- ["U*U*U", "$2a$05$XXXXXXXXXXXXXXXXXXXXXO", "$2a$05$XXXXXXXXXXXXXXXXXXXXXOAcXxm9kjPGEMsLznoKqmqw7tc8WCx4a"],
89
- ["0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789chars after 72 are ignored", "$2a$05$abcdefghijklmnopqrstuu", "$2a$05$abcdefghijklmnopqrstuu5s2v8.iXieOjg/.AySBTTZIIVFJeBui"],
90
- ["\xa3", "$2x$05$/OK.fbVrR/bpIqNJ5ianF.", "$2x$05$/OK.fbVrR/bpIqNJ5ianF.CE5elHaaO4EbggVDjb8P19RukzXSM3e"],
91
- ["\xff\xff\xa3", "$2x$05$/OK.fbVrR/bpIqNJ5ianF.", "$2x$05$/OK.fbVrR/bpIqNJ5ianF.CE5elHaaO4EbggVDjb8P19RukzXSM3e"],
92
- ["\xff\xff\xa3", "$2y$05$/OK.fbVrR/bpIqNJ5ianF.", "$2y$05$/OK.fbVrR/bpIqNJ5ianF.CE5elHaaO4EbggVDjb8P19RukzXSM3e"],
93
- ["\xff\xff\xa3", "$2a$05$/OK.fbVrR/bpIqNJ5ianF.", "$2a$05$/OK.fbVrR/bpIqNJ5ianF.nqd1wy.pTMdcvrRWxyiGL2eMz.2a85."],
94
- ["\xff\xff\xa3", "$2b$05$/OK.fbVrR/bpIqNJ5ianF.", "$2b$05$/OK.fbVrR/bpIqNJ5ianF.CE5elHaaO4EbggVDjb8P19RukzXSM3e"],
95
- ["\xa3", "$2y$05$/OK.fbVrR/bpIqNJ5ianF.", "$2y$05$/OK.fbVrR/bpIqNJ5ianF.Sa7shbm4.OzKpvFnX1pQLmQW96oUlCq"],
96
- ["\xa3", "$2a$05$/OK.fbVrR/bpIqNJ5ianF.", "$2a$05$/OK.fbVrR/bpIqNJ5ianF.Sa7shbm4.OzKpvFnX1pQLmQW96oUlCq"],
97
- ["\xa3", "$2b$05$/OK.fbVrR/bpIqNJ5ianF.", "$2b$05$/OK.fbVrR/bpIqNJ5ianF.Sa7shbm4.OzKpvFnX1pQLmQW96oUlCq"],
98
- ["1\xa3" "345", "$2x$05$/OK.fbVrR/bpIqNJ5ianF.", "$2x$05$/OK.fbVrR/bpIqNJ5ianF.o./n25XVfn6oAPaUvHe.Csk4zRfsYPi"],
99
- ["\xff\xa3" "345", "$2x$05$/OK.fbVrR/bpIqNJ5ianF.", "$2x$05$/OK.fbVrR/bpIqNJ5ianF.o./n25XVfn6oAPaUvHe.Csk4zRfsYPi"],
100
- ["\xff\xa3" "34" "\xff\xff\xff\xa3" "345", "$2x$05$/OK.fbVrR/bpIqNJ5ianF.", "$2x$05$/OK.fbVrR/bpIqNJ5ianF.o./n25XVfn6oAPaUvHe.Csk4zRfsYPi"],
101
- ["\xff\xa3" "34" "\xff\xff\xff\xa3" "345", "$2y$05$/OK.fbVrR/bpIqNJ5ianF.", "$2y$05$/OK.fbVrR/bpIqNJ5ianF.o./n25XVfn6oAPaUvHe.Csk4zRfsYPi"],
102
- ["\xff\xa3" "34" "\xff\xff\xff\xa3" "345", "$2a$05$/OK.fbVrR/bpIqNJ5ianF.", "$2a$05$/OK.fbVrR/bpIqNJ5ianF.ZC1JEJ8Z4gPfpe1JOr/oyPXTWl9EFd."],
103
- ["\xff\xa3" "345", "$2y$05$/OK.fbVrR/bpIqNJ5ianF.", "$2y$05$/OK.fbVrR/bpIqNJ5ianF.nRht2l/HRhr6zmCp9vYUvvsqynflf9e"],
104
- ["\xff\xa3" "345", "$2a$05$/OK.fbVrR/bpIqNJ5ianF.", "$2a$05$/OK.fbVrR/bpIqNJ5ianF.nRht2l/HRhr6zmCp9vYUvvsqynflf9e"],
105
- ["\xa3" "ab", "$2a$05$/OK.fbVrR/bpIqNJ5ianF.", "$2a$05$/OK.fbVrR/bpIqNJ5ianF.6IflQkJytoRVc1yuaNtHfiuq.FRlSIS"],
106
- ["\xa3" "ab", "$2x$05$/OK.fbVrR/bpIqNJ5ianF.", "$2x$05$/OK.fbVrR/bpIqNJ5ianF.6IflQkJytoRVc1yuaNtHfiuq.FRlSIS"],
107
- ["\xa3" "ab", "$2y$05$/OK.fbVrR/bpIqNJ5ianF.", "$2y$05$/OK.fbVrR/bpIqNJ5ianF.6IflQkJytoRVc1yuaNtHfiuq.FRlSIS"],
108
- ["\xd1\x91", "$2x$05$6bNw2HLQYeqHYyBfLMsv/O", "$2x$05$6bNw2HLQYeqHYyBfLMsv/OiwqTymGIGzFsA4hOTWebfehXHNprcAS"],
109
- ["\xd0\xc1\xd2\xcf\xcc\xd8", "$2x$05$6bNw2HLQYeqHYyBfLMsv/O", "$2x$05$6bNw2HLQYeqHYyBfLMsv/O9LIGgn8OMzuDoHfof8AQimSGfcSWxnS"],
110
- ["\xaa"*72+"chars after 72 are ignored as usual", "$2a$05$/OK.fbVrR/bpIqNJ5ianF.", "$2a$05$/OK.fbVrR/bpIqNJ5ianF.swQOIzjOiJ9GHEPuhEkvqrUyvWhEMx6"],
111
- ["\xaa\x55"*36, "$2a$05$/OK.fbVrR/bpIqNJ5ianF.", "$2a$05$/OK.fbVrR/bpIqNJ5ianF.R9xrDjiycxMbQE2bp.vgqlYpW5wx2yy"],
112
- ["\x55\xaa\xff"*24, "$2a$05$/OK.fbVrR/bpIqNJ5ianF.", "$2a$05$/OK.fbVrR/bpIqNJ5ianF.9tQZzcJfm3uj2NvJ/n5xkhpqLrMpWCe"],
113
- ["", "$2a$05$CCCCCCCCCCCCCCCCCCCCC.", "$2a$05$CCCCCCCCCCCCCCCCCCCCC.7uG0VCzI2bS7j6ymqJi9CdcdxiRTWNy"],
114
-
115
- # test vectors from the Java implementation, found in https://github.com/spring-projects/spring-security/blob/master/crypto/src/test/java/org/springframework/security/crypto/bcrypt/BCryptTests.java
116
- ["", "$2a$06$DCq7YPn5Rq63x1Lad4cll.", "$2a$06$DCq7YPn5Rq63x1Lad4cll.TV4S6ytwfsfvkgY8jIucDrjc8deX1s."],
117
- ["", "$2a$08$HqWuK6/Ng6sg9gQzbLrgb.", "$2a$08$HqWuK6/Ng6sg9gQzbLrgb.Tl.ZHfXLhvt/SgVyWhQqgqcZ7ZuUtye"],
118
- ["", "$2a$10$k1wbIrmNyFAPwPVPSVa/ze", "$2a$10$k1wbIrmNyFAPwPVPSVa/zecw2BCEnBwVS2GbrmgzxFUOqW9dk4TCW"],
119
- ["", "$2a$12$k42ZFHFWqBp3vWli.nIn8u", "$2a$12$k42ZFHFWqBp3vWli.nIn8uYyIkbvYRvodzbfbK18SSsY.CsIQPlxO"],
120
- ["", "$2b$06$8eVN9RiU8Yki430X.wBvN.", "$2b$06$8eVN9RiU8Yki430X.wBvN.LWaqh2962emLVSVXVZIXJvDYLsV0oFu"],
121
- ["", "$2b$06$NlgfNgpIc6GlHciCkMEW8u", "$2b$06$NlgfNgpIc6GlHciCkMEW8uKOBsyvAp7QwlHpysOlKdtyEw50WQua2"],
122
- ["", "$2y$06$mFDtkz6UN7B3GZ2qi2hhaO", "$2y$06$mFDtkz6UN7B3GZ2qi2hhaO3OFWzNEdcY84ELw6iHCPruuQfSAXBLK"],
123
- ["", "$2y$06$88kSqVttBx.e9iXTPCLa5u", "$2y$06$88kSqVttBx.e9iXTPCLa5uFPrVFjfLH4D.KcO6pBiAmvUkvdg0EYy"],
124
- ["a", "$2a$06$m0CrhHm10qJ3lXRY.5zDGO", "$2a$06$m0CrhHm10qJ3lXRY.5zDGO3rS2KdeeWLuGmsfGlMfOxih58VYVfxe"],
125
- ["a", "$2a$08$cfcvVd2aQ8CMvoMpP2EBfe", "$2a$08$cfcvVd2aQ8CMvoMpP2EBfeodLEkkFJ9umNEfPD18.hUF62qqlC/V."],
126
- ["a", "$2a$10$k87L/MF28Q673VKh8/cPi.", "$2a$10$k87L/MF28Q673VKh8/cPi.SUl7MU/rWuSiIDDFayrKk/1tBsSQu4u"],
127
- ["a", "$2a$12$8NJH3LsPrANStV6XtBakCe", "$2a$12$8NJH3LsPrANStV6XtBakCez0cKHXVxmvxIlcz785vxAIZrihHZpeS"],
128
- ["a", "$2b$06$ehKGYiS4wt2HAr7KQXS5z.", "$2b$06$ehKGYiS4wt2HAr7KQXS5z.OaRjB4jHO7rBHJKlGXbqEH3QVJfO7iO"],
129
- ["a", "$2b$06$PWxFFHA3HiCD46TNOZh30e", "$2b$06$PWxFFHA3HiCD46TNOZh30eNto1hg5uM9tHBlI4q/b03SW/gGKUYk6"],
130
- ["a", "$2y$06$LUdD6/aD0e/UbnxVAVbvGu", "$2y$06$LUdD6/aD0e/UbnxVAVbvGuUmIoJ3l/OK94ThhadpMWwKC34LrGEey"],
131
- ["a", "$2y$06$eqgY.T2yloESMZxgp76deO", "$2y$06$eqgY.T2yloESMZxgp76deOROa7nzXDxbO0k.PJvuClTa.Vu1AuemG"],
132
- ["abc", "$2a$06$If6bvum7DFjUnE9p2uDeDu", "$2a$06$If6bvum7DFjUnE9p2uDeDu0YHzrHM6tf.iqN8.yx.jNN1ILEf7h0i"],
133
- ["abc", "$2a$08$Ro0CUfOqk6cXEKf3dyaM7O", "$2a$08$Ro0CUfOqk6cXEKf3dyaM7OhSCvnwM9s4wIX9JeLapehKK5YdLxKcm"],
134
- ["abc", "$2a$10$WvvTPHKwdBJ3uk0Z37EMR.", "$2a$10$WvvTPHKwdBJ3uk0Z37EMR.hLA2W6N9AEBhEgrAOljy2Ae5MtaSIUi"],
135
- ["abc", "$2a$12$EXRkfkdmXn2gzds2SSitu.", "$2a$12$EXRkfkdmXn2gzds2SSitu.MW9.gAVqa9eLS1//RYtYCmB1eLHg.9q"],
136
- ["abc", "$2b$06$5FyQoicpbox1xSHFfhhdXu", "$2b$06$5FyQoicpbox1xSHFfhhdXuR2oxLpO1rYsQh5RTkI/9.RIjtoF0/ta"],
137
- ["abc", "$2b$06$1kJyuho8MCVP3HHsjnRMkO", "$2b$06$1kJyuho8MCVP3HHsjnRMkO1nvCOaKTqLnjG2TX1lyMFbXH/aOkgc."],
138
- ["abc", "$2y$06$ACfku9dT6.H8VjdKb8nhlu", "$2y$06$ACfku9dT6.H8VjdKb8nhluaoBmhJyK7GfoNScEfOfrJffUxoUeCjK"],
139
- ["abc", "$2y$06$9JujYcoWPmifvFA3RUP90e", "$2y$06$9JujYcoWPmifvFA3RUP90e5rSEHAb5Ye6iv3.G9ikiHNv5cxjNEse"],
140
- ["abcdefghijklmnopqrstuvwxyz", "$2a$06$.rCVZVOThsIa97pEDOxvGu", "$2a$06$.rCVZVOThsIa97pEDOxvGuRRgzG64bvtJ0938xuqzv18d3ZpQhstC"],
141
- ["abcdefghijklmnopqrstuvwxyz", "$2a$08$aTsUwsyowQuzRrDqFflhge", "$2a$08$aTsUwsyowQuzRrDqFflhgekJ8d9/7Z3GV3UcgvzQW3J5zMyrTvlz."],
142
- ["abcdefghijklmnopqrstuvwxyz", "$2a$10$fVH8e28OQRj9tqiDXs1e1u", "$2a$10$fVH8e28OQRj9tqiDXs1e1uxpsjN0c7II7YPKXua2NAKYvM6iQk7dq"],
143
- ["abcdefghijklmnopqrstuvwxyz", "$2a$12$D4G5f18o7aMMfwasBL7Gpu", "$2a$12$D4G5f18o7aMMfwasBL7GpuQWuP3pkrZrOAnqP.bmezbMng.QwJ/pG"],
144
- ["abcdefghijklmnopqrstuvwxyz", "$2b$06$O8E89AQPj1zJQA05YvIAU.", "$2b$06$O8E89AQPj1zJQA05YvIAU.hMpj25BXri1bupl/Q7CJMlpLwZDNBoO"],
145
- ["abcdefghijklmnopqrstuvwxyz", "$2b$06$PDqIWr./o/P3EE/P.Q0A/u", "$2b$06$PDqIWr./o/P3EE/P.Q0A/uFg86WL/PXTbaW267TDALEwDylqk00Z."],
146
- ["abcdefghijklmnopqrstuvwxyz", "$2y$06$34MG90ZLah8/ZNr3ltlHCu", "$2y$06$34MG90ZLah8/ZNr3ltlHCuz6bachF8/3S5jTuzF1h2qg2cUk11sFW"],
147
- ["abcdefghijklmnopqrstuvwxyz", "$2y$06$AK.hSLfMyw706iEW24i68u", "$2y$06$AK.hSLfMyw706iEW24i68uKAc2yorPTrB0cimvjJHEBUrPkOq7VvG"],
148
- ["~!@#$%^&*() ~!@#$%^&*()PNBFRD", "$2a$06$fPIsBO8qRqkjj273rfaOI.", "$2a$06$fPIsBO8qRqkjj273rfaOI.HtSV9jLDpTbZn782DC6/t7qT67P6FfO"],
149
- ["~!@#$%^&*() ~!@#$%^&*()PNBFRD", "$2a$08$Eq2r4G/76Wv39MzSX262hu", "$2a$08$Eq2r4G/76Wv39MzSX262huzPz612MZiYHVUJe/OcOql2jo4.9UxTW"],
150
- ["~!@#$%^&*() ~!@#$%^&*()PNBFRD", "$2a$10$LgfYWkbzEvQ4JakH7rOvHe", "$2a$10$LgfYWkbzEvQ4JakH7rOvHe0y8pHKF9OaFgwUZ2q7W2FFZmZzJYlfS"],
151
- ["~!@#$%^&*() ~!@#$%^&*()PNBFRD", "$2a$12$WApznUOJfkEGSmYRfnkrPO", "$2a$12$WApznUOJfkEGSmYRfnkrPOr466oFDCaj4b6HY3EXGvfxm43seyhgC"],
152
- ["~!@#$%^&*() ~!@#$%^&*()PNBFRD", "$2b$06$FGWA8OlY6RtQhXBXuCJ8Wu", "$2b$06$FGWA8OlY6RtQhXBXuCJ8WusVipRI15cWOgJK8MYpBHEkktMfbHRIG"],
153
- ["~!@#$%^&*() ~!@#$%^&*()PNBFRD", "$2b$06$G6aYU7UhUEUDJBdTgq3CRe", "$2b$06$G6aYU7UhUEUDJBdTgq3CRekiopCN4O4sNitFXrf5NUscsVZj3a2r6"],
154
- ["~!@#$%^&*() ~!@#$%^&*()PNBFRD", "$2y$06$sYDFHqOcXTjBgOsqC0WCKe", "$2y$06$sYDFHqOcXTjBgOsqC0WCKeMd3T1UhHuWQSxncLGtXDLMrcE6vFDti"],
155
- ["~!@#$%^&*() ~!@#$%^&*()PNBFRD", "$2y$06$6Xm0gCw4g7ZNDCEp4yTise", "$2y$06$6Xm0gCw4g7ZNDCEp4yTisez0kSdpXEl66MvdxGidnmChIe8dFmMnq"]
156
- ]
157
- for secret, salt, test_vector in test_vectors
158
- expect(BCrypt::Engine.hash_secret(secret, salt)).to eql(test_vector)
159
- end
160
- end
161
-
162
- specify "should truncate long 1-byte character secrets to 72 bytes" do
163
- # 'b' as a base triggers the failure at 256 characters, but 'a' does not.
164
- too_long_secret = 'b'*(BCrypt::Engine::MAX_SECRET_BYTESIZE + 1)
165
- just_right_secret = 'b'*BCrypt::Engine::MAX_SECRET_BYTESIZE
166
- expect(BCrypt::Engine.hash_secret(too_long_secret, @salt)).to eq(BCrypt::Engine.hash_secret(just_right_secret, @salt))
167
- end
168
-
169
- specify "should truncate long multi-byte character secrets to 72 bytes" do
170
- # 256 times causes bcrypt to return nil for libxcrypt > 4.4.18-4.
171
- too_long_secret = '𐐷'*256
172
- # 𐐷 takes 4 bytes in UTF-8. 18 times is 72 bytes
173
- just_right_secret = '𐐷'*18
174
- expect(BCrypt::Engine.hash_secret(too_long_secret, @salt)).to eq(BCrypt::Engine.hash_secret(just_right_secret, @salt))
175
- end
176
- end
@@ -1,37 +0,0 @@
1
- require File.expand_path(File.join(File.dirname(__FILE__), "..", "spec_helper"))
2
-
3
- describe "Errors" do
4
-
5
- shared_examples "descends from StandardError" do
6
- it "can be rescued as a StandardError" do
7
- expect(described_class).to be < StandardError
8
- end
9
- end
10
-
11
- shared_examples "descends from BCrypt::Error" do
12
- it "can be rescued as a BCrypt::Error" do
13
- expect(described_class).to be < BCrypt::Error
14
- end
15
- end
16
-
17
- describe BCrypt::Error do
18
- include_examples "descends from StandardError"
19
- end
20
-
21
- describe BCrypt::Errors::InvalidCost do
22
- include_examples "descends from BCrypt::Error"
23
- end
24
-
25
- describe BCrypt::Errors::InvalidHash do
26
- include_examples "descends from BCrypt::Error"
27
- end
28
-
29
- describe BCrypt::Errors::InvalidSalt do
30
- include_examples "descends from BCrypt::Error"
31
- end
32
-
33
- describe BCrypt::Errors::InvalidSecret do
34
- include_examples "descends from BCrypt::Error"
35
- end
36
-
37
- end
@@ -1,131 +0,0 @@
1
- require File.expand_path(File.join(File.dirname(__FILE__), "..", "spec_helper"))
2
- require 'securerandom'
3
-
4
- describe "Creating a hashed password" do
5
-
6
- before :each do
7
- @secret = "wheedle"
8
- @password = BCrypt::Password.create(@secret, :cost => 4)
9
- end
10
-
11
- specify "should return a BCrypt::Password" do
12
- expect(@password).to be_an_instance_of(BCrypt::Password)
13
- end
14
-
15
- specify "should return a valid bcrypt password" do
16
- expect { BCrypt::Password.new(@password) }.not_to raise_error
17
- end
18
-
19
- specify "should behave normally if the secret is not a string" do
20
- expect { BCrypt::Password.create(nil) }.not_to raise_error
21
- expect { BCrypt::Password.create({:woo => "yeah"}) }.not_to raise_error
22
- expect { BCrypt::Password.create(false) }.not_to raise_error
23
- end
24
-
25
- specify "should tolerate empty string secrets" do
26
- expect { BCrypt::Password.create( "\n".chop ) }.not_to raise_error
27
- expect { BCrypt::Password.create( "" ) }.not_to raise_error
28
- expect { BCrypt::Password.create( String.new ) }.not_to raise_error
29
- end
30
-
31
- specify "should tolerate very long string secrets" do
32
- expect { BCrypt::Password.create("abcd"*1024) }.not_to raise_error
33
- end
34
- end
35
-
36
- describe "Reading a hashed password" do
37
- before :each do
38
- @secret = "U*U"
39
- @hash = "$2a$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW"
40
- end
41
-
42
- specify "the cost is too damn high" do
43
- expect {
44
- BCrypt::Password.create("hello", :cost => 32)
45
- }.to raise_error(ArgumentError)
46
- end
47
-
48
- specify "the cost should be set to the default if nil" do
49
- expect(BCrypt::Password.create("hello", :cost => nil).cost).to equal(BCrypt::Engine::DEFAULT_COST)
50
- end
51
-
52
- specify "the cost should be set to the default if empty hash" do
53
- expect(BCrypt::Password.create("hello", {}).cost).to equal(BCrypt::Engine::DEFAULT_COST)
54
- end
55
-
56
- specify "the cost should be set to the passed value if provided" do
57
- expect(BCrypt::Password.create("hello", :cost => 5).cost).to equal(5)
58
- end
59
-
60
- specify "the cost should be set to the global value if set" do
61
- BCrypt::Engine.cost = 5
62
- expect(BCrypt::Password.create("hello").cost).to equal(5)
63
- # unset the global value to not affect other tests
64
- BCrypt::Engine.cost = nil
65
- end
66
-
67
- specify "the cost should be set to an overridden constant for backwards compatibility" do
68
- # suppress "already initialized constant" warning
69
- old_verbose, $VERBOSE = $VERBOSE, nil
70
- old_default_cost = BCrypt::Engine::DEFAULT_COST
71
-
72
- BCrypt::Engine::DEFAULT_COST = 5
73
- expect(BCrypt::Password.create("hello").cost).to equal(5)
74
-
75
- # reset default to not affect other tests
76
- BCrypt::Engine::DEFAULT_COST = old_default_cost
77
- $VERBOSE = old_verbose
78
- end
79
-
80
- specify "should read the version, cost, salt, and hash" do
81
- password = BCrypt::Password.new(@hash)
82
- expect(password.version).to eql("2a")
83
- expect(password.version.class).to eq String
84
- expect(password.cost).to equal(5)
85
- expect(password.salt).to eql("$2a$05$CCCCCCCCCCCCCCCCCCCCC.")
86
- expect(password.salt.class).to eq String
87
- expect(password.checksum).to eq("E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW")
88
- expect(password.checksum.class).to eq String
89
- expect(password.to_s).to eql(@hash)
90
- end
91
-
92
- specify "should raise an InvalidHashError when given an invalid hash" do
93
- expect { BCrypt::Password.new('weedle') }.to raise_error(BCrypt::Errors::InvalidHash)
94
- end
95
- end
96
-
97
- describe "Comparing a hashed password with a secret" do
98
- before :each do
99
- @secret = "U*U"
100
- @hash = "$2a$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW"
101
- @password = BCrypt::Password.create(@secret)
102
- end
103
-
104
- specify "should compare successfully to the original secret" do
105
- expect((@password == @secret)).to be(true)
106
- end
107
-
108
- specify "should compare unsuccessfully to anything besides original secret" do
109
- expect((@password == "@secret")).to be(false)
110
- end
111
- end
112
-
113
- describe "Validating a generated salt" do
114
- specify "should not accept an invalid salt" do
115
- expect(BCrypt::Engine.valid_salt?("invalid")).to eq(false)
116
- expect(BCrypt::Engine.valid_salt?("invalid\n#{BCrypt::Engine.generate_salt}\ninvalid")).to eq(false)
117
- end
118
- specify "should accept a valid salt" do
119
- expect(BCrypt::Engine.valid_salt?(BCrypt::Engine.generate_salt)).to eq(true)
120
- end
121
- end
122
-
123
- describe "Validating a password hash" do
124
- specify "should not accept an invalid password" do
125
- expect(BCrypt::Password.valid_hash?("i_am_so_not_valid")).to be(false)
126
- expect(BCrypt::Password.valid_hash?("invalid\n#{BCrypt::Password.create "i_am_so_valid"}\ninvalid")).to be(false)
127
- end
128
- specify "should accept a valid password" do
129
- expect(BCrypt::Password.valid_hash?(BCrypt::Password.create "i_am_so_valid")).to be(true)
130
- end
131
- end
data/spec/spec_helper.rb DELETED
@@ -1,2 +0,0 @@
1
- $:.unshift File.expand_path('../../lib', __FILE__)
2
- require 'bcrypt'