@Override public AccountData getAccount(ParticipantId id) { AccountData account = accounts.get(id); if (account == null && !id.getAddress().startsWith("xxx")) { account = new HumanAccountDataImpl(id, new PasswordDigest("".toCharArray())); accounts.put(id, account); } return account; }
/** * Create a password from the specified salt and digest. */ public static PasswordDigest from(byte[] salt, byte[] digest) { return new PasswordDigest(salt.clone(), digest.clone()); }
public void testSaltAtLeast10Bytes() { PasswordDigest pwd = new PasswordDigest("blogosphere".toCharArray()); byte[] salt = pwd.getSalt(); assertTrue(salt.length >= 10); }
public void testSaltAtLeast10Bytes() { PasswordDigest pwd = new PasswordDigest("blogosphere".toCharArray()); byte[] salt = pwd.getSalt(); assertTrue(salt.length >= 10); }
public void testPasswordValidatesItself() { PasswordDigest pwd = new PasswordDigest("internet".toCharArray()); assertTrue(pwd.verify("internet".toCharArray())); assertFalse(pwd.verify("wrongpwd".toCharArray())); }
public void testPasswordValidatesItself() { PasswordDigest pwd = new PasswordDigest("internet".toCharArray()); assertTrue(pwd.verify("internet".toCharArray())); assertFalse(pwd.verify("wrongpwd".toCharArray())); }
public void testPasswordDigestVerifies() { HumanAccountData account = new HumanAccountDataImpl(ParticipantId.ofUnsafe("captainhammer@example.com"), new PasswordDigest("wonderflownium".toCharArray())); assertNotNull(account.getPasswordDigest()); assertTrue(account.getPasswordDigest().verify("wonderflownium".toCharArray())); }
public void testPasswordDigestVerifies() { HumanAccountData account = new HumanAccountDataImpl(ParticipantId.ofUnsafe("captainhammer@example.com"), new PasswordDigest("wonderflownium".toCharArray())); assertNotNull(account.getPasswordDigest()); assertTrue(account.getPasswordDigest().verify("wonderflownium".toCharArray())); }
public void testReallyLongPasswordWorksRight() { char[] reallyLongPassword = new char[1024]; for (int i = 0; i < reallyLongPassword.length; i++) { // We'll make a password filled with junk. reallyLongPassword[i] = (char) i; } PasswordDigest pwd = new PasswordDigest(reallyLongPassword); assertTrue(pwd.verify(reallyLongPassword)); // Make a new password that misses the last character. It shouldn't work. char[] shorterPassword = Arrays.copyOf(reallyLongPassword, 1023); assertFalse(pwd.verify(shorterPassword)); }
public final void testRoundtripHumanAccountWithPassword() throws Exception { AccountStore accountStore = newAccountStore(); accountStore.putAccount( new HumanAccountDataImpl(HUMAN_ID, new PasswordDigest("internet".toCharArray()))); AccountData retrievedAccount = accountStore.getAccount(HUMAN_ID); assertTrue(retrievedAccount.asHuman().getPasswordDigest().verify("internet".toCharArray())); }
public final void testRoundtripHumanAccountWithPassword() throws Exception { AccountStore accountStore = newAccountStore(); accountStore.putAccount( new HumanAccountDataImpl(HUMAN_ID, new PasswordDigest("internet".toCharArray()))); AccountData retrievedAccount = accountStore.getAccount(HUMAN_ID); assertTrue(retrievedAccount.asHuman().getPasswordDigest().verify("internet".toCharArray())); }
public void testReallyLongPasswordWorksRight() { char[] reallyLongPassword = new char[1024]; for (int i = 0; i < reallyLongPassword.length; i++) { // We'll make a password filled with junk. reallyLongPassword[i] = (char) i; } PasswordDigest pwd = new PasswordDigest(reallyLongPassword); assertTrue(pwd.verify(reallyLongPassword)); // Make a new password that misses the last character. It shouldn't work. char[] shorterPassword = Arrays.copyOf(reallyLongPassword, 1023); assertFalse(pwd.verify(shorterPassword)); }
public void testEditingExposedBytesDoesntChangeInternalState() { PasswordDigest pwd1 = new PasswordDigest("webernets".toCharArray()); byte[] digest = pwd1.getDigest(); byte[] salt = pwd1.getSalt(); PasswordDigest pwd2 = PasswordDigest.from(salt, digest); // We'll mess with the digest and salt we got back and make sure both // passwords still verify normally. digest[digest.length / 2]++; salt[salt.length / 2]--; assertTrue(pwd1.verify("webernets".toCharArray())); assertTrue(pwd2.verify("webernets".toCharArray())); }
public void testSerializeDeserialize() { PasswordDigest pwd = new PasswordDigest("tubes".toCharArray()); byte[] digest = pwd.getDigest(); byte[] salt = pwd.getSalt(); PasswordDigest roundtripped = PasswordDigest.from(salt, digest); assertTrue(pwd.verify("tubes".toCharArray())); assertFalse(pwd.verify("wrongpwd".toCharArray())); }
@Override protected void setUp() throws Exception { AccountStore store = new MemoryStore(); store.putAccount(new HumanAccountDataImpl( ParticipantId.ofUnsafe("haspwd@example.com"), new PasswordDigest("pwd".toCharArray()))); store.putAccount(new HumanAccountDataImpl(ParticipantId.ofUnsafe("nopwd@example.com"))); AccountStoreHolder.init(store, "example.com"); }
public void testEditingExposedBytesDoesntChangeInternalState() { PasswordDigest pwd1 = new PasswordDigest("webernets".toCharArray()); byte[] digest = pwd1.getDigest(); byte[] salt = pwd1.getSalt(); PasswordDigest pwd2 = PasswordDigest.from(salt, digest); // We'll mess with the digest and salt we got back and make sure both // passwords still verify normally. digest[digest.length / 2]++; salt[salt.length / 2]--; assertTrue(pwd1.verify("webernets".toCharArray())); assertTrue(pwd2.verify("webernets".toCharArray())); }
public void testSerializeDeserialize() { PasswordDigest pwd = new PasswordDigest("tubes".toCharArray()); byte[] digest = pwd.getDigest(); byte[] salt = pwd.getSalt(); PasswordDigest roundtripped = PasswordDigest.from(salt, digest); assertTrue(pwd.verify("tubes".toCharArray())); assertFalse(pwd.verify("wrongpwd".toCharArray())); }
@Override protected void setUp() throws Exception { AccountStore store = new MemoryStore(); store.putAccount(new HumanAccountDataImpl( ParticipantId.ofUnsafe("haspwd@example.com"), new PasswordDigest("pwd".toCharArray()))); store.putAccount(new HumanAccountDataImpl(ParticipantId.ofUnsafe("nopwd@example.com"))); AccountStoreHolder.init(store, "example.com"); }
public void testEmptyPasswordVerifiesCorrectly() { PasswordDigest pwd = new PasswordDigest(new char[0]); assertTrue(pwd.verify(new char[0])); assertFalse(pwd.verify(new char[1])); } }
public void testEmptyPasswordVerifiesCorrectly() { PasswordDigest pwd = new PasswordDigest(new char[0]); assertTrue(pwd.verify(new char[0])); assertFalse(pwd.verify(new char[1])); } }