1 #! /usr/bin/env ruby -S rspec
4 describe "the str2saltedsha512 function" do
5 let(:scope) { PuppetlabsSpec::PuppetInternals.scope }
8 expect(Puppet::Parser::Functions.function("str2saltedsha512")).to eq("function_str2saltedsha512")
11 it "should raise a ParseError if there is less than 1 argument" do
12 expect { scope.function_str2saltedsha512([]) }.to( raise_error(Puppet::ParseError) )
15 it "should raise a ParseError if there is more than 1 argument" do
16 expect { scope.function_str2saltedsha512(['foo', 'bar', 'baz']) }.to( raise_error(Puppet::ParseError) )
19 it "should return a salted-sha512 password hash 136 characters in length" do
20 result = scope.function_str2saltedsha512(["password"])
21 expect(result.length).to(eq(136))
24 it "should raise an error if you pass a non-string password" do
25 expect { scope.function_str2saltedsha512([1234]) }.to( raise_error(Puppet::ParseError) )
28 it "should generate a valid password" do
29 # Allow the function to generate a password based on the string 'password'
30 password_hash = scope.function_str2saltedsha512(["password"])
32 # Separate the Salt and Password from the Password Hash
33 salt = password_hash[0..7]
34 password = password_hash[8..-1]
36 # Convert the Salt and Password from Hex to Binary Data
37 str_salt = Array(salt.lines).pack('H*')
38 str_password = Array(password.lines).pack('H*')
40 # Combine the Binary Salt with 'password' and compare the end result
41 saltedpass = Digest::SHA512.digest(str_salt + 'password')
42 result = (str_salt + saltedpass).unpack('H*')[0]
43 expect(result).to eq(password_hash)