public void passwords_compared_correctly()
{
IPasswordService pwd =
new PasswordService(
new SHA512HashingService(),
((int)conf
.GetSection("Account")
.GetSection("Security")
.GetValue(
typeof(int),
"PasswordMinLength")),
((int)conf
.GetSection("Account")
.GetSection("Security")
.GetValue(
typeof(int),
"PasswordMaxLength")));
string passString = "hellothereguy123A!";
byte[] salt1 = new byte[32];
byte[] correctpass1 = pwd.CreatePassword(passString, out salt1);
Assert.NotNull(correctpass1);
Assert.NotNull(salt1);
Assert.True(correctpass1.Length == 64);
Assert.True(pwd.ComparePasswords(passString, correctpass1, salt1));
Assert.False(pwd.ComparePasswords("notthesamepassword?A1", correctpass1, salt1));
}
public void ComparePasswords_qwe_qwe(string password)
{
var hash = _service.GetHashedPasswordBytes(password);
var condition = _service.ComparePasswords(hash, password);
Assert.True(condition);
}
public void password_service_compares_passwords_correctly()
{
IPasswordService ps = new PasswordService(new SHA512HashingService(), 8, 32);
string rawPassword = "******";
byte[]
s1,
s2,
s3;
byte[]
h1 = ps.CreatePassword(rawPassword, out s1),
h2 = ps.CreatePassword(rawPassword, out s2),
h3 = ps.CreatePassword(rawPassword, out s3);
//passwords should match with their correct salt
Assert.True(ps.ComparePasswords(rawPassword, h1, s1));
Assert.True(ps.ComparePasswords(rawPassword, h2, s2));
Assert.True(ps.ComparePasswords(rawPassword, h3, s3));
//passwords shouldn't match with incorrect salt
Assert.False(ps.ComparePasswords(rawPassword, h1, s2));
Assert.False(ps.ComparePasswords(rawPassword, h1, s3));
Assert.False(ps.ComparePasswords(rawPassword, h2, s1));
Assert.False(ps.ComparePasswords(rawPassword, h2, s3));
Assert.False(ps.ComparePasswords(rawPassword, h3, s1));
Assert.False(ps.ComparePasswords(rawPassword, h3, s2));
}
