GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Polish SCrypt Upgrade Support 

* Break up tests
* Rename test methods to follow conventions
* Fix checkstyle

Issue gh-7057
pull/7073/head
Rob Winch 7 years ago
parent
e95effc839
commit
e1f155ba89
2 changed files with 20 additions and 6 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      crypto/src/main/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoder.java
  2. 25
      crypto/src/test/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoderTests.java

1
crypto/src/main/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoder.java
Unescape View File

@ -156,7 +156,6 @@ public class SCryptPasswordEncoder implements PasswordEncoder { @@ -156,7 +156,6 @@ public class SCryptPasswordEncoder implements PasswordEncoder {
return cpuCost < this.cpuCost
|| memoryCost < this.memoryCost
|| parallelization < this.parallelization;
}
private boolean decodeAndCheckMatches(CharSequence rawPassword, String encodedPassword) {

25
crypto/src/test/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoderTests.java
Unescape View File

@ -117,33 +117,48 @@ public class SCryptPasswordEncoderTests { @@ -117,33 +117,48 @@ public class SCryptPasswordEncoderTests {
}
@Test
public void upgradeEncoding_nullOrEmptyInput() {
public void upgradeEncodingWhenNullThenFalse() {
SCryptPasswordEncoder encoder = new SCryptPasswordEncoder();
assertThat(encoder.upgradeEncoding(null)).isFalse();
}
@Test
public void upgradeEncodingWhenEmptyThenFalse() {
SCryptPasswordEncoder encoder = new SCryptPasswordEncoder();
assertThat(encoder.upgradeEncoding("")).isFalse();
}
@Test
public void upgradeEncoding_sameEncoder() {
public void upgradeEncodingWhenSameEncoderThenFalse() {
SCryptPasswordEncoder encoder = new SCryptPasswordEncoder();
String encoded = encoder.encode("password");
assertThat(encoder.upgradeEncoding(encoded)).isFalse();
}
@Test
public void upgradeEncoding_weakerToStronger() {
public void upgradeEncodingWhenWeakerToStrongerThenFalse() {
SCryptPasswordEncoder weakEncoder = new SCryptPasswordEncoder((int) Math.pow(2, 10), 4, 1, 32, 64);
SCryptPasswordEncoder strongEncoder = new SCryptPasswordEncoder((int) Math.pow(2, 16), 8, 1, 32, 64);
String weakPassword = weakEncoder.encode("password");
String strongPassword = strongEncoder.encode("password");
assertThat(strongEncoder.upgradeEncoding(weakPassword)).isTrue();
assertThat(weakEncoder.upgradeEncoding(strongPassword)).isFalse();
}
@Test
public void upgradeEncodingWhenStrongerToWeakerThenTrue() {
SCryptPasswordEncoder weakEncoder = new SCryptPasswordEncoder((int) Math.pow(2, 10), 4, 1, 32, 64);
SCryptPasswordEncoder strongEncoder = new SCryptPasswordEncoder((int) Math.pow(2, 16), 8, 1, 32, 64);
String weakPassword = weakEncoder.encode("password");
String strongPassword = strongEncoder.encode("password");
assertThat(strongEncoder.upgradeEncoding(weakPassword)).isTrue();
}
@Test(expected = IllegalArgumentException.class)
public void upgradeEncoding_invalidInput() {
public void upgradeEncodingWhenInvalidInputThenException() {
new SCryptPasswordEncoder().upgradeEncoding("not-a-scrypt-password");
}
}

Write Preview
Loading…
Cancel
Save