test/lib/password_hash_test.rb

   1 require "test_helper"
   2
   3 class PasswordHashTest < ActiveSupport::TestCase
   4   def test_md5_without_salt
   5     assert_equal true, PasswordHash.check("5f4dcc3b5aa765d61d8327deb882cf99", nil, "password")
   6     assert_equal false, PasswordHash.check("5f4dcc3b5aa765d61d8327deb882cf99", nil, "wrong")
   7     assert_equal true, PasswordHash.upgrade?("5f4dcc3b5aa765d61d8327deb882cf99", nil)
   8   end
   9
  10   def test_md5_with_salt
  11     assert_equal true, PasswordHash.check("67a1e09bb1f83f5007dc119c14d663aa", "salt", "password")
  12     assert_equal false, PasswordHash.check("67a1e09bb1f83f5007dc119c14d663aa", "salt", "wrong")
  13     assert_equal false, PasswordHash.check("67a1e09bb1f83f5007dc119c14d663aa", "wrong", "password")
  14     assert_equal true, PasswordHash.upgrade?("67a1e09bb1f83f5007dc119c14d663aa", "salt")
  15   end
  16
  17   def test_pbkdf2_1000_32_sha512
  18     assert_equal true, PasswordHash.check("ApT/28+FsTBLa/J8paWfgU84SoRiTfeY8HjKWhgHy08=", "sha512!1000!HR4z+hAvKV2ra1gpbRybtoNzm/CNKe4cf7bPKwdUNrk=", "password")
  19     assert_equal false, PasswordHash.check("ApT/28+FsTBLa/J8paWfgU84SoRiTfeY8HjKWhgHy08=", "sha512!1000!HR4z+hAvKV2ra1gpbRybtoNzm/CNKe4cf7bPKwdUNrk=", "wrong")
  20     assert_equal false, PasswordHash.check("ApT/28+FsTBLa/J8paWfgU84SoRiTfeY8HjKWhgHy08=", "sha512!1000!HR4z+hAvKV2ra1gwrongtoNzm/CNKe4cf7bPKwdUNrk=", "password")
  21     assert_equal true, PasswordHash.upgrade?("ApT/28+FsTBLa/J8paWfgU84SoRiTfeY8HjKWhgHy08=", "sha512!1000!HR4z+hAvKV2ra1gpbRybtoNzm/CNKe4cf7bPKwdUNrk=")
  22   end
  23
  24   def test_pbkdf2_10000_32_sha512
  25     assert_equal true, PasswordHash.check("3wYbPiOxk/tU0eeIDjUhdvi8aDP3AbFtwYKKxF1IhGg=", "sha512!10000!OUQLgtM7eD8huvanFT5/WtWaCwdOdrir8QOtFwxhO0A=", "password")
  26     assert_equal false, PasswordHash.check("3wYbPiOxk/tU0eeIDjUhdvi8aDP3AbFtwYKKxF1IhGg=", "sha512!10000!OUQLgtM7eD8huvanFT5/WtWaCwdOdrir8QOtFwxhO0A=", "wrong")
  27     assert_equal false, PasswordHash.check("3wYbPiOxk/tU0eeIDjUhdvi8aDP3AbFtwYKKxF1IhGg=", "sha512!10000!OUQLgtMwronguvanFT5/WtWaCwdOdrir8QOtFwxhO0A=", "password")
  28     assert_equal false, PasswordHash.upgrade?("3wYbPiOxk/tU0eeIDjUhdvi8aDP3AbFtwYKKxF1IhGg=", "sha512!10000!OUQLgtM7eD8huvanFT5/WtWaCwdOdrir8QOtFwxhO0A=")
  29   end
  30
  31   def test_default
  32     hash1, salt1 = PasswordHash.create("password")
  33     hash2, salt2 = PasswordHash.create("password")
  34     assert_not_equal hash1, hash2
  35     assert_not_equal salt1, salt2
  36     assert_equal true, PasswordHash.check(hash1, salt1, "password")
  37     assert_equal false, PasswordHash.check(hash1, salt1, "wrong")
  38     assert_equal true, PasswordHash.check(hash2, salt2, "password")
  39     assert_equal false, PasswordHash.check(hash2, salt2, "wrong")
  40     assert_equal false, PasswordHash.upgrade?(hash1, salt1)
  41     assert_equal false, PasswordHash.upgrade?(hash2, salt2)
  42   end
  43 end