git ssb

1
require File.expand_path(File.join(File.dirname(__FILE__), "..", "spec_helper"))
2
3
describe "Creating a hashed password" do
4
5
  before :each do
6
    @secret = "wheedle"
7
    @password = BCrypt::Password.create(@secret, :cost => 4)
8
  end
9
10
  specify "should return a BCrypt::Password" do
11
    @password.should be_an_instance_of(BCrypt::Password)
12
  end
13
14
  specify "should return a valid bcrypt password" do
15
    lambda { BCrypt::Password.new(@password) }.should_not raise_error
16
  end
17
18
  specify "should behave normally if the secret is not a string" do
19
    lambda { BCrypt::Password.create(nil) }.should_not raise_error(BCrypt::Errors::InvalidSecret)
20
    lambda { BCrypt::Password.create({:woo => "yeah"}) }.should_not raise_error(BCrypt::Errors::InvalidSecret)
21
    lambda { BCrypt::Password.create(false) }.should_not raise_error(BCrypt::Errors::InvalidSecret)
22
  end
23
24
  specify "should tolerate empty string secrets" do
25
    lambda { BCrypt::Password.create( "\n".chop  ) }.should_not raise_error
26
    lambda { BCrypt::Password.create( ""         ) }.should_not raise_error
27
    lambda { BCrypt::Password.create( String.new ) }.should_not raise_error
28
  end
29
end
30
31
describe "Reading a hashed password" do
32
  before :each do
33
    @secret = "U*U"
34
    @hash = "$2a$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW"
35
  end
36
37
  specify "the cost is too damn high" do
38
    lambda {
39
      BCrypt::Password.create("hello", :cost => 32)
40
    }.should raise_error(ArgumentError)
41
  end
42
43
  specify "should read the version, cost, salt, and hash" do
44
    password = BCrypt::Password.new(@hash)
45
    password.version.should eql("2a")
46
    password.cost.should equal(5)
47
    password.salt.should eql("$2a$05$CCCCCCCCCCCCCCCCCCCCC.")
48
    password.salt.class.should eq String
49
    password.checksum.should eq("E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW")
50
    password.checksum.class.should eq String
51
    password.to_s.should eql(@hash)
52
  end
53
54
  specify "should raise an InvalidHashError when given an invalid hash" do
55
    lambda { BCrypt::Password.new('weedle') }.should raise_error(BCrypt::Errors::InvalidHash)
56
  end
57
end
58
59
describe "Comparing a hashed password with a secret" do
60
  before :each do
61
    @secret = "U*U"
62
    @hash = "$2a$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW"
63
    @password = BCrypt::Password.create(@secret)
64
  end
65
66
  specify "should compare successfully to the original secret" do
67
    (@password == @secret).should be(true)
68
  end
69
70
  specify "should compare unsuccessfully to anything besides original secret" do
71
    (@password == "@secret").should be(false)
72
  end
73
end
74
75
describe "Validating a generated salt" do
76
  specify "should not accept an invalid salt" do
77
    BCrypt::Engine.valid_salt?("invalid").should eq(false)
78
  end
79
  specify "should accept a valid salt" do
80
    BCrypt::Engine.valid_salt?(BCrypt::Engine.generate_salt).should eq(true)
81
  end
82
end
83