Files: e718c7b205b34b22bbd25c4bed4e731463e6a356 / spec / bcrypt / engine_spec.rb
3297 bytesRaw
| 1 | require File.expand_path(File.join(File.dirname(__FILE__), "..", "spec_helper")) |
| 2 | |
| 3 | describe "The BCrypt engine" do |
| 4 | specify "should calculate the optimal cost factor to fit in a specific time" do |
| 5 | first = BCrypt::Engine.calibrate(100) |
| 6 | second = BCrypt::Engine.calibrate(400) |
| 7 | second.should > first |
| 8 | end |
| 9 | end |
| 10 | |
| 11 | describe "Generating BCrypt salts" do |
| 12 | |
| 13 | specify "should produce strings" do |
| 14 | BCrypt::Engine.generate_salt.should be_an_instance_of(String) |
| 15 | end |
| 16 | |
| 17 | specify "should produce random data" do |
| 18 | BCrypt::Engine.generate_salt.should_not equal(BCrypt::Engine.generate_salt) |
| 19 | end |
| 20 | |
| 21 | specify "should raise a InvalidCostError if the cost parameter isn't numeric" do |
| 22 | lambda { BCrypt::Engine.generate_salt('woo') }.should raise_error(BCrypt::Errors::InvalidCost) |
| 23 | end |
| 24 | |
| 25 | specify "should raise a InvalidCostError if the cost parameter isn't greater than 0" do |
| 26 | lambda { BCrypt::Engine.generate_salt(-1) }.should raise_error(BCrypt::Errors::InvalidCost) |
| 27 | end |
| 28 | end |
| 29 | |
| 30 | describe "Autodetecting of salt cost" do |
| 31 | |
| 32 | specify "should work" do |
| 33 | BCrypt::Engine.autodetect_cost("$2a$08$hRx2IVeHNsTSYYtUWn61Ou").should eq 8 |
| 34 | BCrypt::Engine.autodetect_cost("$2a$05$XKd1bMnLgUnc87qvbAaCUu").should eq 5 |
| 35 | BCrypt::Engine.autodetect_cost("$2a$13$Lni.CZ6z5A7344POTFBBV.").should eq 13 |
| 36 | end |
| 37 | |
| 38 | end |
| 39 | |
| 40 | describe "Generating BCrypt hashes" do |
| 41 | |
| 42 | class MyInvalidSecret |
| 43 | undef to_s |
| 44 | end |
| 45 | |
| 46 | before :each do |
| 47 | @salt = BCrypt::Engine.generate_salt(4) |
| 48 | @password = "woo" |
| 49 | end |
| 50 | |
| 51 | specify "should produce a string" do |
| 52 | BCrypt::Engine.hash_secret(@password, @salt).should be_an_instance_of(String) |
| 53 | end |
| 54 | |
| 55 | specify "should raise an InvalidSalt error if the salt is invalid" do |
| 56 | lambda { BCrypt::Engine.hash_secret(@password, 'nino') }.should raise_error(BCrypt::Errors::InvalidSalt) |
| 57 | end |
| 58 | |
| 59 | specify "should raise an InvalidSecret error if the secret is invalid" do |
| 60 | lambda { BCrypt::Engine.hash_secret(MyInvalidSecret.new, @salt) }.should raise_error(BCrypt::Errors::InvalidSecret) |
| 61 | expect { BCrypt::Engine.hash_secret(nil, @salt) }.not_to raise_error |
| 62 | expect { BCrypt::Engine.hash_secret(false, @salt) }.not_to raise_error |
| 63 | end |
| 64 | |
| 65 | specify "should call #to_s on the secret and use the return value as the actual secret data" do |
| 66 | BCrypt::Engine.hash_secret(false, @salt).should == BCrypt::Engine.hash_secret("false", @salt) |
| 67 | end |
| 68 | |
| 69 | specify "should be interoperable with other implementations" do |
| 70 | # test vectors from the OpenWall implementation <http://www.openwall.com/crypt/> |
| 71 | test_vectors = [ |
| 72 | ["U*U", "$2a$05$CCCCCCCCCCCCCCCCCCCCC.", "$2a$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW"], |
| 73 | ["U*U*", "$2a$05$CCCCCCCCCCCCCCCCCCCCC.", "$2a$05$CCCCCCCCCCCCCCCCCCCCC.VGOzA784oUp/Z0DY336zx7pLYAy0lwK"], |
| 74 | ["U*U*U", "$2a$05$XXXXXXXXXXXXXXXXXXXXXO", "$2a$05$XXXXXXXXXXXXXXXXXXXXXOAcXxm9kjPGEMsLznoKqmqw7tc8WCx4a"], |
| 75 | ["", "$2a$05$CCCCCCCCCCCCCCCCCCCCC.", "$2a$05$CCCCCCCCCCCCCCCCCCCCC.7uG0VCzI2bS7j6ymqJi9CdcdxiRTWNy"], |
| 76 | ["0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789", "$2a$05$abcdefghijklmnopqrstuu", "$2a$05$abcdefghijklmnopqrstuu5s2v8.iXieOjg/.AySBTTZIIVFJeBui"] |
| 77 | ] |
| 78 | for secret, salt, test_vector in test_vectors |
| 79 | BCrypt::Engine.hash_secret(secret, salt).should eql(test_vector) |
| 80 | end |
| 81 | end |
| 82 | end |
| 83 |
Built with git-ssb-web