public void SaltIs64BytesLong()
{
var passwordHelper = new PasswordHelper();
byte[] salt;
passwordHelper.GenerateHashedPassword("", out salt);
Assert.AreEqual(64, salt.Length);
}
public void SamePasswordHashedTwiceGivesDifferentResults()
{
const string password = "******";
var passwordHelper = new PasswordHelper();
byte[] salt;
var saltedPassword1 = passwordHelper.GenerateHashedPassword(password, out salt);
var saltedPassword2 = passwordHelper.GenerateHashedPassword(password, out salt);
Assert.AreNotEqual(saltedPassword1, saltedPassword2);
}
public void ValidPasswordValidates()
{
const string validPassword = "******";
var passwordHelper = new PasswordHelper();
byte[] salt;
var hashedPassword = passwordHelper.GenerateHashedPassword(validPassword, out salt);
Assert.IsTrue(passwordHelper.ValidatePassword(validPassword, salt, hashedPassword));
}
public void ValidPasswordWithIncorrectSaltDoesNotValidate()
{
const string validPassword = "******";
var passwordHelper = new PasswordHelper();
byte[] salt;
var hashedPassword = passwordHelper.GenerateHashedPassword(validPassword, out salt);
salt = passwordHelper.GenerateSalt();
Assert.IsFalse(passwordHelper.ValidatePassword(validPassword, salt, hashedPassword));
}
public void SaltIsRandomlyGenerated()
{
const int saltCount = 10;
var salts = new byte[saltCount][];
var passwordHelper = new PasswordHelper();
for (var i = 0; i < saltCount; i++)
{
passwordHelper.GenerateHashedPassword("", out salts[i]);
}
for (var i = 0; i < saltCount; i++)
{
for (var j = i + 1; j < saltCount; j++)
{
Assert.IsFalse(salts[i].SequenceEqual(salts[j]));
}
}
}
