public void Verify_WhenPasswordOldVersion_ReturnsSuccessRehashNeeded(PasswordHashVersion passwordHashVersion)
{
var hash = HashPasswordWithVersion(PASSWORD, passwordHashVersion);
var verificationResult = _passwordCryptographyService.Verify(PASSWORD, hash, (int)passwordHashVersion);
Assert.Equal(PasswordVerificationResult.SuccessRehashNeeded, verificationResult);
}
public void Verify_WhenPasswordIncorrect_ReturnsFailed(PasswordHashVersion passwordHashVersion)
{
var hash = HashPasswordWithVersion(PASSWORD, passwordHashVersion);
var verificationResult = _passwordCryptographyService.Verify("access main program", hash, (int)passwordHashVersion);
Assert.Equal(PasswordVerificationResult.Failed, verificationResult);
}
/// <summary>
/// Hashes a password with a specific version of the password hasher so we can check
/// backwards compatability.
/// </summary>
private string HashPasswordWithVersion(string password, PasswordHashVersion passwordHashVersion)
{
switch (passwordHashVersion)
{
case PasswordHashVersion.V1:
return(new PasswordCryptographyV1().CreateHash(password));
case PasswordHashVersion.V2:
return(Defuse.PasswordCryptographyV2.CreateHash(password));
case PasswordHashVersion.V3:
return(new PasswordHasher <PasswordHasherUser>().HashPassword(new PasswordHasherUser(), password));
default:
throw new NotSupportedException("PasswordEncryptionVersion not recognised: " + passwordHashVersion.ToString());
}
}
public ApplicationUser()
{
this.HashVersion = PasswordHashVersion.Core;
}