RubyGems - devise-argon2 - Versions diffs - 1.0.2 → 1.1.0 - Mend

devise-argon2 1.0.2 → 1.1.0

Files changed (6) hide show

checksums.yaml +5 -5
data/.gitignore +1 -0
data/devise-argon2.gemspec +1 -1
data/lib/devise/encryptable/encryptors/argon2/version.rb +1 -1
data/spec/devise-argon2_spec.rb +33 -14
metadata +5 -5

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: a18da5b17816e607aca4eb72c783afe11abf88bd
-  data.tar.gz: 51ae25f373d02302e4f47e690a245de046c17d16
+SHA256:
+  metadata.gz: 6710d39a7495e895f798cb907b4d4e4d67fa0f39fd3141d2a4d76d6da0c0b7a4
+  data.tar.gz: 48086d611acd10f4d91b2ccfa229bac0abe6f587abdae1a3b3df154c6d2d6408
 SHA512:
-  metadata.gz: 56000989e0cb20a98e7622ee2a252e9e6466330cba7a0470d860e3c44d2dd07d6d05a0a353cb79e26c381ac9b0c26e8184d24ff202f76fe0bf164e1b1d5e52be
-  data.tar.gz: 9f688f915dc3f97845019189e5b35a84599b6042e88691c9a8de517dfb914ec82082023188557cb5d3f747a0ca3b2861a653f66ad4c29b84bd3420030f1f343b
+  metadata.gz: 9e1be2f0b26ca41bb61ea3f42d1bfae79e59b1a670fe23574d1453138173caa8e4267266a169d9bfcc15bead58be9fb8009d70d183bf18a22967682ba58c095a
+  data.tar.gz: 22671a23d33b2de4c6c5ee5e50d1e5eb6a46009c338612256138b8ad72ff05cef442854c9f6ceab4f7a42934fbbafad0d213ce898c9c6ce6916c58625bed0335

data/.gitignore CHANGED

@@ -15,3 +15,4 @@ spec/reports
 test/tmp
 test/version_tmp
 tmp
+.ruby-gemset

data/devise-argon2.gemspec CHANGED

@@ -19,5 +19,5 @@ Gem::Specification.new do |gem|
   gem.add_dependency 'devise', '>= 2.1.0'
   gem.add_dependency 'devise-encryptable', '>= 0.2.0'
-  gem.add_dependency 'argon2', '~> 1.0'
+  gem.add_dependency 'argon2', '~> 2.0'
 end

data/lib/devise/encryptable/encryptors/argon2/version.rb CHANGED

@@ -1,7 +1,7 @@
 module Devise
   module Encryptable
     module Encryptors
-      ARGON2_VERSION = '1.0.2'
+      ARGON2_VERSION = '1.1.0'
     end
   end
 end

data/spec/devise-argon2_spec.rb CHANGED

@@ -3,29 +3,48 @@ require 'spec_helper'
 describe Devise::Encryptable::Encryptors::Argon2 do
   let(:argon2)    { Devise::Encryptable::Encryptors::Argon2 }
-  let(:salt)      { "You say you love me like salt! The simplest spice in my kingdom!" }
-  let(:pepper)    { "I don't really want to stop the show But I thought that you might like to know That the singer's going to sing a song And he wants you all to sing along" }
   let(:password)  { 'Tr0ub4dor&3' }
   let(:stretches) { 10 }
-  describe ".compare" do
-    let(:encrypted) { Argon2::Password.create("#{password}#{salt}#{pepper}").to_s }
+  describe "used with salt + pepper" do
+    let(:salt)      { "You say you love me like salt! The simplest spice in my kingdom!" }
+    let(:pepper)    { "I don't really want to stop the show But I thought that you might like to know That the singer's going to sing a song And he wants you all to sing along" }
-    it "is true when comparing an encrypted password against given plaintext" do
-      expect(argon2.compare(encrypted, password, stretches, salt, pepper)).to be true
-    end
+    describe ".compare" do
+      let(:encrypted) { Argon2::Password.create("#{password}#{salt}#{pepper}").to_s }
-    it "is false when comparing with wrong password" do
-      expect(argon2.compare(encrypted, 'hunter2', stretches, salt, pepper)).to be false
-    end
+      it "is true when the encrypted password contains the argon2id format" do
+        expect(encrypted).to match /argon2id/
+      end
+      it "is true when comparing an encrypted password against given plaintext" do
+        expect(argon2.compare(encrypted, password, stretches, salt, pepper)).to be true
+      end
+      it "is false when comparing with wrong password" do
+        expect(argon2.compare(encrypted, 'hunter2', stretches, salt, pepper)).to be false
+      end
-    it "is false when comparing with correct password but wrong salt" do
-      expect(argon2.compare(encrypted, password, stretches, 'nacl', pepper)).to be false
+      it "is false when comparing with correct password but wrong salt" do
+        expect(argon2.compare(encrypted, password, stretches, 'nacl', pepper)).to be false
+      end
+      it "is false when comparing with correct password but wrong pepper" do
+        expect(argon2.compare(encrypted, password, stretches, salt, 'beatles')).to be false
+      end
     end
-    it "is false when comparing with correct password but wrong pepper" do
-      expect(argon2.compare(encrypted, password, stretches, salt, 'beatles')).to be false
+    describe "without any salt or pepper" do
+      let(:encrypted) { Argon2::Password.create(password).to_s }
+      let(:salt) { nil }
+      let(:pepper) { nil }
+      let(:encrypted) { Argon2::Password.create(password).to_s }
+      it "is still works" do
+        expect(argon2.compare(encrypted, password, stretches, salt, pepper)).to be true
+      end
     end
   end
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise-argon2
 version: !ruby/object:Gem::Version
-  version: 1.0.2
+  version: 1.1.0
 platform: ruby
 authors:
 - Tamas Erdos
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-04-03 00:00:00.000000000 Z
+date: 2019-11-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise
@@ -44,14 +44,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '2.0'
 description: A devise-encryptable password encryptor that uses Argon2
 email:
 - tamas at tamaserdos com
@@ -91,7 +91,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.4.5.1
+rubygems_version: 2.7.8
 signing_key:
 specification_version: 4
 summary: A devise-encryptable password encryptor that uses Argon2