3 class PasswordHashTest < ActiveSupport::TestCase
4 def test_md5_without_salt
5 assert PasswordHash.check("5f4dcc3b5aa765d61d8327deb882cf99", nil, "password")
6 assert_not PasswordHash.check("5f4dcc3b5aa765d61d8327deb882cf99", nil, "wrong")
7 assert PasswordHash.upgrade?("5f4dcc3b5aa765d61d8327deb882cf99", nil)
10 def test_md5_with_salt
11 assert PasswordHash.check("67a1e09bb1f83f5007dc119c14d663aa", "salt", "password")
12 assert_not PasswordHash.check("67a1e09bb1f83f5007dc119c14d663aa", "salt", "wrong")
13 assert_not PasswordHash.check("67a1e09bb1f83f5007dc119c14d663aa", "wrong", "password")
14 assert PasswordHash.upgrade?("67a1e09bb1f83f5007dc119c14d663aa", "salt")
17 def test_pbkdf2_1000_32_sha512
18 assert PasswordHash.check("ApT/28+FsTBLa/J8paWfgU84SoRiTfeY8HjKWhgHy08=", "sha512!1000!HR4z+hAvKV2ra1gpbRybtoNzm/CNKe4cf7bPKwdUNrk=", "password")
19 assert_not PasswordHash.check("ApT/28+FsTBLa/J8paWfgU84SoRiTfeY8HjKWhgHy08=", "sha512!1000!HR4z+hAvKV2ra1gpbRybtoNzm/CNKe4cf7bPKwdUNrk=", "wrong")
20 assert_not PasswordHash.check("ApT/28+FsTBLa/J8paWfgU84SoRiTfeY8HjKWhgHy08=", "sha512!1000!HR4z+hAvKV2ra1gwrongtoNzm/CNKe4cf7bPKwdUNrk=", "password")
21 assert PasswordHash.upgrade?("ApT/28+FsTBLa/J8paWfgU84SoRiTfeY8HjKWhgHy08=", "sha512!1000!HR4z+hAvKV2ra1gpbRybtoNzm/CNKe4cf7bPKwdUNrk=")
24 def test_pbkdf2_10000_32_sha512
25 assert PasswordHash.check("3wYbPiOxk/tU0eeIDjUhdvi8aDP3AbFtwYKKxF1IhGg=", "sha512!10000!OUQLgtM7eD8huvanFT5/WtWaCwdOdrir8QOtFwxhO0A=", "password")
26 assert_not PasswordHash.check("3wYbPiOxk/tU0eeIDjUhdvi8aDP3AbFtwYKKxF1IhGg=", "sha512!10000!OUQLgtM7eD8huvanFT5/WtWaCwdOdrir8QOtFwxhO0A=", "wrong")
27 assert_not PasswordHash.check("3wYbPiOxk/tU0eeIDjUhdvi8aDP3AbFtwYKKxF1IhGg=", "sha512!10000!OUQLgtMwronguvanFT5/WtWaCwdOdrir8QOtFwxhO0A=", "password")
28 assert_not PasswordHash.upgrade?("3wYbPiOxk/tU0eeIDjUhdvi8aDP3AbFtwYKKxF1IhGg=", "sha512!10000!OUQLgtM7eD8huvanFT5/WtWaCwdOdrir8QOtFwxhO0A=")
32 hash1, salt1 = PasswordHash.create("password")
33 hash2, salt2 = PasswordHash.create("password")
34 assert_not_equal hash1, hash2
35 assert_not_equal salt1, salt2
36 assert PasswordHash.check(hash1, salt1, "password")
37 assert_not PasswordHash.check(hash1, salt1, "wrong")
38 assert PasswordHash.check(hash2, salt2, "password")
39 assert_not PasswordHash.check(hash2, salt2, "wrong")
40 assert_not PasswordHash.upgrade?(hash1, salt1)
41 assert_not PasswordHash.upgrade?(hash2, salt2)