Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Polish SCrypt Upgrade Support 

* Break up tests
* Rename test methods to follow conventions
* Fix checkstyle

Issue gh-7057
This commit is contained in:
Rob Winch 2019-07-03 15:48:11 -05:00
parent e95effc839
commit e1f155ba89
2 changed files with 20 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
crypto/src/main/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoder.java
View File

@ -156,7 +156,6 @@ public class SCryptPasswordEncoder implements PasswordEncoder {
return cpuCost < this.cpuCost
|| memoryCost < this.memoryCost
|| parallelization < this.parallelization;
}
private boolean decodeAndCheckMatches(CharSequence rawPassword, String encodedPassword) {

25
crypto/src/test/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoderTests.java
View File

@ -117,21 +117,37 @@ public class SCryptPasswordEncoderTests {
}
@Test
public void upgradeEncoding_nullOrEmptyInput() {
public void upgradeEncodingWhenNullThenFalse() {
SCryptPasswordEncoder encoder = new SCryptPasswordEncoder();
assertThat(encoder.upgradeEncoding(null)).isFalse();
}
@Test
public void upgradeEncodingWhenEmptyThenFalse() {
SCryptPasswordEncoder encoder = new SCryptPasswordEncoder();
assertThat(encoder.upgradeEncoding("")).isFalse();
}
@Test
public void upgradeEncoding_sameEncoder() {
public void upgradeEncodingWhenSameEncoderThenFalse() {
SCryptPasswordEncoder encoder = new SCryptPasswordEncoder();
String encoded = encoder.encode("password");
assertThat(encoder.upgradeEncoding(encoded)).isFalse();
}
@Test
public void upgradeEncoding_weakerToStronger() {
public void upgradeEncodingWhenWeakerToStrongerThenFalse() {
SCryptPasswordEncoder weakEncoder = new SCryptPasswordEncoder((int) Math.pow(2, 10), 4, 1, 32, 64);
SCryptPasswordEncoder strongEncoder = new SCryptPasswordEncoder((int) Math.pow(2, 16), 8, 1, 32, 64);
String weakPassword = weakEncoder.encode("password");
String strongPassword = strongEncoder.encode("password");
assertThat(weakEncoder.upgradeEncoding(strongPassword)).isFalse();
}
@Test
public void upgradeEncodingWhenStrongerToWeakerThenTrue() {
SCryptPasswordEncoder weakEncoder = new SCryptPasswordEncoder((int) Math.pow(2, 10), 4, 1, 32, 64);
SCryptPasswordEncoder strongEncoder = new SCryptPasswordEncoder((int) Math.pow(2, 16), 8, 1, 32, 64);
@ -139,11 +155,10 @@ public class SCryptPasswordEncoderTests {
String strongPassword = strongEncoder.encode("password");
assertThat(strongEncoder.upgradeEncoding(weakPassword)).isTrue();
assertThat(weakEncoder.upgradeEncoding(strongPassword)).isFalse();
}
@Test(expected = IllegalArgumentException.class)
public void upgradeEncoding_invalidInput() {
public void upgradeEncodingWhenInvalidInputThenException() {
new SCryptPasswordEncoder().upgradeEncoding("not-a-scrypt-password");
}
}