devise-argon2 1.0.2 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/.gitignore +1 -0
- data/devise-argon2.gemspec +1 -1
- data/lib/devise/encryptable/encryptors/argon2/version.rb +1 -1
- data/spec/devise-argon2_spec.rb +33 -14
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 6710d39a7495e895f798cb907b4d4e4d67fa0f39fd3141d2a4d76d6da0c0b7a4
|
|
4
|
+
data.tar.gz: 48086d611acd10f4d91b2ccfa229bac0abe6f587abdae1a3b3df154c6d2d6408
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9e1be2f0b26ca41bb61ea3f42d1bfae79e59b1a670fe23574d1453138173caa8e4267266a169d9bfcc15bead58be9fb8009d70d183bf18a22967682ba58c095a
|
|
7
|
+
data.tar.gz: 22671a23d33b2de4c6c5ee5e50d1e5eb6a46009c338612256138b8ad72ff05cef442854c9f6ceab4f7a42934fbbafad0d213ce898c9c6ce6916c58625bed0335
|
data/.gitignore
CHANGED
data/devise-argon2.gemspec
CHANGED
data/spec/devise-argon2_spec.rb
CHANGED
|
@@ -3,29 +3,48 @@ require 'spec_helper'
|
|
|
3
3
|
|
|
4
4
|
describe Devise::Encryptable::Encryptors::Argon2 do
|
|
5
5
|
let(:argon2) { Devise::Encryptable::Encryptors::Argon2 }
|
|
6
|
-
let(:salt) { "You say you love me like salt! The simplest spice in my kingdom!" }
|
|
7
|
-
let(:pepper) { "I don't really want to stop the show But I thought that you might like to know That the singer's going to sing a song And he wants you all to sing along" }
|
|
8
6
|
let(:password) { 'Tr0ub4dor&3' }
|
|
9
7
|
let(:stretches) { 10 }
|
|
10
8
|
|
|
11
|
-
describe "
|
|
12
|
-
let(:
|
|
9
|
+
describe "used with salt + pepper" do
|
|
10
|
+
let(:salt) { "You say you love me like salt! The simplest spice in my kingdom!" }
|
|
11
|
+
let(:pepper) { "I don't really want to stop the show But I thought that you might like to know That the singer's going to sing a song And he wants you all to sing along" }
|
|
13
12
|
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
end
|
|
13
|
+
describe ".compare" do
|
|
14
|
+
let(:encrypted) { Argon2::Password.create("#{password}#{salt}#{pepper}").to_s }
|
|
17
15
|
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
16
|
+
it "is true when the encrypted password contains the argon2id format" do
|
|
17
|
+
expect(encrypted).to match /argon2id/
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
it "is true when comparing an encrypted password against given plaintext" do
|
|
21
|
+
expect(argon2.compare(encrypted, password, stretches, salt, pepper)).to be true
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
it "is false when comparing with wrong password" do
|
|
25
|
+
expect(argon2.compare(encrypted, 'hunter2', stretches, salt, pepper)).to be false
|
|
26
|
+
end
|
|
21
27
|
|
|
22
|
-
|
|
23
|
-
|
|
28
|
+
it "is false when comparing with correct password but wrong salt" do
|
|
29
|
+
expect(argon2.compare(encrypted, password, stretches, 'nacl', pepper)).to be false
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
it "is false when comparing with correct password but wrong pepper" do
|
|
33
|
+
expect(argon2.compare(encrypted, password, stretches, salt, 'beatles')).to be false
|
|
34
|
+
end
|
|
24
35
|
end
|
|
25
36
|
|
|
26
|
-
|
|
27
|
-
|
|
37
|
+
describe "without any salt or pepper" do
|
|
38
|
+
let(:encrypted) { Argon2::Password.create(password).to_s }
|
|
39
|
+
let(:salt) { nil }
|
|
40
|
+
let(:pepper) { nil }
|
|
41
|
+
let(:encrypted) { Argon2::Password.create(password).to_s }
|
|
42
|
+
|
|
43
|
+
it "is still works" do
|
|
44
|
+
expect(argon2.compare(encrypted, password, stretches, salt, pepper)).to be true
|
|
45
|
+
end
|
|
28
46
|
end
|
|
47
|
+
|
|
29
48
|
end
|
|
30
49
|
|
|
31
50
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise-argon2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0
|
|
4
|
+
version: 1.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tamas Erdos
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-11-30 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: devise
|
|
@@ -44,14 +44,14 @@ dependencies:
|
|
|
44
44
|
requirements:
|
|
45
45
|
- - "~>"
|
|
46
46
|
- !ruby/object:Gem::Version
|
|
47
|
-
version: '
|
|
47
|
+
version: '2.0'
|
|
48
48
|
type: :runtime
|
|
49
49
|
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
52
|
- - "~>"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: '
|
|
54
|
+
version: '2.0'
|
|
55
55
|
description: A devise-encryptable password encryptor that uses Argon2
|
|
56
56
|
email:
|
|
57
57
|
- tamas at tamaserdos com
|
|
@@ -91,7 +91,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
91
91
|
version: '0'
|
|
92
92
|
requirements: []
|
|
93
93
|
rubyforge_project:
|
|
94
|
-
rubygems_version: 2.
|
|
94
|
+
rubygems_version: 2.7.8
|
|
95
95
|
signing_key:
|
|
96
96
|
specification_version: 4
|
|
97
97
|
summary: A devise-encryptable password encryptor that uses Argon2
|