public void GenerateHashAndSalt_ThenCheckingOtherPassword_ReturnsFalse()
{
// Arrange
var iterationCount = 10_000;
var saltLength = 16;
var keyLength = 64;
var parameters = new KeyDerivationParameters(KeyDerivationPrf.HMACSHA512,
IterationCount.From(iterationCount), SaltLength.From(saltLength), KeyLength.From(keyLength));
var rng = Substitute.For <ICryptoRng>();
rng.GetRandomBytes(Arg.Any <int>()).Returns(args => new byte[args.Arg <int>()]);
var service = new PasswordService(parameters, rng);
var password = PlaintextPassword.From("somePass");
var otherPass = PlaintextPassword.From("otherPass");
// Act
var hash = service.GeneratePasswordHashAndSalt(password);
var checkResult = service.CheckIfPasswordMatchesHash(otherPass, hash);
// Assert
Assert.IsFalse(checkResult);
}
public void GenerateHashAndSalt_ReturnsHash_WithNumberOfBytesEqualToKeyLengthParameter()
{
// Arrange
var iterationCount = 10_000;
var saltLength = 16;
var keyLength = 64;
var parameters = new KeyDerivationParameters(KeyDerivationPrf.HMACSHA512,
IterationCount.From(iterationCount), SaltLength.From(saltLength), KeyLength.From(keyLength));
var rng = Substitute.For <ICryptoRng>();
rng.GetRandomBytes(Arg.Any <int>()).Returns(args => new byte[args.Arg <int>()]);
var service = new PasswordService(parameters, rng);
// Act
var hash = service.GeneratePasswordHashAndSalt(PlaintextPassword.From("somePassword"));
// Assert
Assert.AreEqual(keyLength, Convert.FromBase64String(hash.Base64PasswordHash.Value).Length);
}
