public void Compare_WorksForLongPasswords()
{
var password = Enumerable
.Range(0, 100)
.Select(_ => "abcdefghijklmnopqrstuvwxyz0123456789")
.Aggregate((s1, s2) => s1 + s2 + "ABCDEFGHIJKLMNOPQRSTUVWXYZ");
var algo = new PasswordAlgorithm();
var computed = algo.Compute(password);
Assert.IsTrue(algo.Compare(password, computed));
var incorrectPassword = password.Remove(0, 1);
Assert.IsFalse(algo.Compare(incorrectPassword, computed));
}
public void Compare_ReturnsFalseForDifferentCase()
{
var algo = new PasswordAlgorithm();
var computed = algo.Compute("different case");
Assert.IsFalse(algo.Compare("different caSe", computed));
}
public void Compare_ReturnsFalseForUnequalStringLengths()
{
var algo = new PasswordAlgorithm();
var computed = algo.Compute("different length");
Assert.IsFalse(algo.Compare("different length ", computed));
}
public void Compare_ComparesComputedEmptyString()
{
var algo = new PasswordAlgorithm();
var comp = algo.Compute("");
Assert.IsTrue(algo.Compare("", comp));
}
public void Compare_DoesNotUseConstantTimeComparer()
{
var retv = default(bool);
var xstr = default(string);
var ystr = default(string);
var func = new Func <string, string, bool>((x, y) => {
xstr = x;
ystr = y;
return(retv);
});
var mock = new MockConstantTimeComparer {
EqualsProxy = func
};
var algo = new PasswordAlgorithm {
ConstantTimeComparer = mock,
CompareInConstantTime = false
};
var password = "******";
var computed = algo.Compute(password);
retv = false;
Assert.IsTrue(algo.Compare(password, computed));
Assert.IsNull(xstr);
Assert.IsNull(ystr);
}
public void Compare_NullPasswordReturnsFalse()
{
var pa = new PasswordAlgorithm();
var cr = pa.Compute("computed result");
Assert.IsFalse(pa.Compare(null, cr));
}
public void Compare_UsesConstantTimeComparer()
{
var retv = default(bool);
var xstr = default(string);
var ystr = default(string);
var func = new Func <string, string, bool>((x, y) => {
xstr = x;
ystr = y;
return(retv);
});
var mock = new MockConstantTimeComparer {
EqualsProxy = func
};
var algo = new PasswordAlgorithm {
ConstantTimeComparer = mock,
CompareInConstantTime = true
};
foreach (var v in new[] { true, false })
{
retv = v;
var password = "******" + retv;
var computed = algo.Compute(password);
Assert.AreEqual(retv, algo.Compare(password, computed));
Assert.AreEqual(computed, xstr);
Assert.AreEqual(computed, ystr);
}
}
public void Compare_WorksWithAllHashFunctions()
{
var algo = new PasswordAlgorithm();
var computedResults = Enum.GetValues(typeof(HashFunction))
.Cast <HashFunction>()
.Select(hashFunction => {
algo.HashFunction = hashFunction;
return(algo.Compute("Here's the password: "******"Here's the password: "******"here's the password: "******"Here's the password:", computedResult));
}
}
public void Compare_WorksAfterHashIterationsIsChanged()
{
var password = "******";
var algo = new PasswordAlgorithm();
var computed = algo.Compute(password);
algo.HashIterations = 999999;
Assert.IsTrue(algo.Compare(password, computed));
}
public void Compare_ReturnsTrueForEqualPasswords()
{
var password = "******";
var algo = new PasswordAlgorithm();
var computed = algo.Compute(password);
Assert.AreNotEqual(password, computed);
Assert.IsTrue(algo.Compare(password, computed));
}
public void SaltLength_0Works()
{
var algo = new PasswordAlgorithm();
var password = "******";
algo.SaltLength = 0;
var computedResult = algo.Compute(password);
Assert.IsTrue(algo.Compare(password, computedResult));
}
public void Compare_WorksAfterSaltLengthIsChanged()
{
var password = "******";
var algo = new PasswordAlgorithm {
SaltLength = 8
};
var computed = algo.Compute(password);
algo.SaltLength = 88;
Assert.IsTrue(algo.Compare(password, computed));
}
public void Compute_SHA512Creates120CharacterComputation()
{
var algo = new PasswordAlgorithm();
algo.HashFunction = HashFunction.SHA512;
foreach (var password in new[] { "", "1234", "password", "asdf1234JKL:", "qwertyuiopasdfghjklzxcvbnm!@#$%^&*()\r\n\t " })
{
var comp = algo.Compute(password);
Assert.AreEqual(120, comp.Length);
Assert.IsTrue(algo.Compare(password, comp));
}
}
public void Compare_ComputedResultThatWasNotComputedThrowsException()
{
var pa = new PasswordAlgorithm();
var ex = default(Exception);
try {
pa.Compare("plain text", "not computed");
}
catch (Exception e) {
ex = e;
}
Assert.IsNotNull(ex);
}
public void VariableTimeComparer_UsedWhenCompareInConstantTimeIsFalse()
{
var algo = new PasswordAlgorithm();
var comparer = new VariableTimeComparer_UsedWhenCompareInConstantTimeIsFalse_Helper.VariableTimeComparer();
algo.VariableTimeComparer = comparer;
algo.CompareInConstantTime = false;
var equal = false;
var entered = 0;
comparer.EqualsProxy = (x, y) => {
entered++;
return(equal);
};
var password = "******";
var computed = algo.Compute(password);
equal = false;
Assert.IsFalse(algo.Compare(password, computed));
equal = true;
Assert.IsTrue(algo.Compare(password, computed));
Assert.AreEqual(2, entered);
}
public void Compare_EmptyPasswordDoesNotThrowException()
{
var pa = new PasswordAlgorithm();
var cr = pa.Compute("password");
var ex1 = default(Exception);
try {
pa.Compare(string.Empty, cr);
}
catch (Exception ex) {
ex1 = ex;
}
Assert.IsNull(ex1);
}
public void Example_DoesNotThrowException()
{
try {
var pa = new PasswordAlgorithm();
var computedResult_1 = pa.Compute("my password");
pa.Compare("my password", computedResult_1); // Returns true.
pa.SaltLength = 64;
pa.HashFunction = HashFunction.SHA512;
pa.HashIterations = 10000;
var computedResult_2 = pa.Compute("another password"); // Creates an encoded password hash using a
// longer salt, a stronger hash function, and
// more key-stretching iterations than before.
pa.Compare("my password", computedResult_1); // Still returns true, because the previous
// salt length, hash function, and key-stretching
// iterations are stored in computedResult_1.
}
catch {
Assert.Fail();
}
}
public void Compare_NullParametersReturnsFalse()
{
var pa = new PasswordAlgorithm();
Assert.IsFalse(pa.Compare(null, null));
}
public void Compare_NullComputedResultReturnsFalse()
{
var pa = new PasswordAlgorithm();
Assert.IsFalse(pa.Compare("password", null));
}
