From e1f155ba8998b7cd4a307c1e0a703dc6bf7e6693 Mon Sep 17 00:00:00 2001 From: Rob Winch Date: Wed, 3 Jul 2019 15:48:11 -0500 Subject: [PATCH] Polish SCrypt Upgrade Support * Break up tests * Rename test methods to follow conventions * Fix checkstyle Issue gh-7057 --- .../crypto/scrypt/SCryptPasswordEncoder.java | 1 - .../scrypt/SCryptPasswordEncoderTests.java | 25 +++++++++++++++---- 2 files changed, 20 insertions(+), 6 deletions(-) diff --git a/crypto/src/main/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoder.java b/crypto/src/main/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoder.java index a07f7fa254..e15762bf60 100644 --- a/crypto/src/main/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoder.java +++ b/crypto/src/main/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoder.java @@ -156,7 +156,6 @@ public class SCryptPasswordEncoder implements PasswordEncoder { return cpuCost < this.cpuCost || memoryCost < this.memoryCost || parallelization < this.parallelization; - } private boolean decodeAndCheckMatches(CharSequence rawPassword, String encodedPassword) { diff --git a/crypto/src/test/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoderTests.java b/crypto/src/test/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoderTests.java index 207677f63c..5ac30814bc 100644 --- a/crypto/src/test/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoderTests.java +++ b/crypto/src/test/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoderTests.java @@ -117,33 +117,48 @@ public class SCryptPasswordEncoderTests { } @Test - public void upgradeEncoding_nullOrEmptyInput() { + public void upgradeEncodingWhenNullThenFalse() { SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(); assertThat(encoder.upgradeEncoding(null)).isFalse(); + } + + @Test + public void upgradeEncodingWhenEmptyThenFalse() { + SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(); assertThat(encoder.upgradeEncoding("")).isFalse(); } @Test - public void upgradeEncoding_sameEncoder() { + public void upgradeEncodingWhenSameEncoderThenFalse() { SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(); String encoded = encoder.encode("password"); assertThat(encoder.upgradeEncoding(encoded)).isFalse(); } @Test - public void upgradeEncoding_weakerToStronger() { + public void upgradeEncodingWhenWeakerToStrongerThenFalse() { SCryptPasswordEncoder weakEncoder = new SCryptPasswordEncoder((int) Math.pow(2, 10), 4, 1, 32, 64); SCryptPasswordEncoder strongEncoder = new SCryptPasswordEncoder((int) Math.pow(2, 16), 8, 1, 32, 64); String weakPassword = weakEncoder.encode("password"); String strongPassword = strongEncoder.encode("password"); - assertThat(strongEncoder.upgradeEncoding(weakPassword)).isTrue(); assertThat(weakEncoder.upgradeEncoding(strongPassword)).isFalse(); } + @Test + public void upgradeEncodingWhenStrongerToWeakerThenTrue() { + SCryptPasswordEncoder weakEncoder = new SCryptPasswordEncoder((int) Math.pow(2, 10), 4, 1, 32, 64); + SCryptPasswordEncoder strongEncoder = new SCryptPasswordEncoder((int) Math.pow(2, 16), 8, 1, 32, 64); + + String weakPassword = weakEncoder.encode("password"); + String strongPassword = strongEncoder.encode("password"); + + assertThat(strongEncoder.upgradeEncoding(weakPassword)).isTrue(); + } + @Test(expected = IllegalArgumentException.class) - public void upgradeEncoding_invalidInput() { + public void upgradeEncodingWhenInvalidInputThenException() { new SCryptPasswordEncoder().upgradeEncoding("not-a-scrypt-password"); } }