public void testSaltAtLeast10Bytes() { PasswordDigest pwd = new PasswordDigest("blogosphere".toCharArray()); byte[] salt = pwd.getSalt(); assertTrue(salt.length >= 10); }
public void testSaltAtLeast10Bytes() { PasswordDigest pwd = new PasswordDigest("blogosphere".toCharArray()); byte[] salt = pwd.getSalt(); assertTrue(salt.length >= 10); }
public void testEditingExposedBytesDoesntChangeInternalState() { PasswordDigest pwd1 = new PasswordDigest("webernets".toCharArray()); byte[] digest = pwd1.getDigest(); byte[] salt = pwd1.getSalt(); PasswordDigest pwd2 = PasswordDigest.from(salt, digest); // We'll mess with the digest and salt we got back and make sure both // passwords still verify normally. digest[digest.length / 2]++; salt[salt.length / 2]--; assertTrue(pwd1.verify("webernets".toCharArray())); assertTrue(pwd2.verify("webernets".toCharArray())); }
public void testEditingExposedBytesDoesntChangeInternalState() { PasswordDigest pwd1 = new PasswordDigest("webernets".toCharArray()); byte[] digest = pwd1.getDigest(); byte[] salt = pwd1.getSalt(); PasswordDigest pwd2 = PasswordDigest.from(salt, digest); // We'll mess with the digest and salt we got back and make sure both // passwords still verify normally. digest[digest.length / 2]++; salt[salt.length / 2]--; assertTrue(pwd1.verify("webernets".toCharArray())); assertTrue(pwd2.verify("webernets".toCharArray())); }
public void testPasswordValidatesItself() { PasswordDigest pwd = new PasswordDigest("internet".toCharArray()); assertTrue(pwd.verify("internet".toCharArray())); assertFalse(pwd.verify("wrongpwd".toCharArray())); }
public void testPasswordValidatesItself() { PasswordDigest pwd = new PasswordDigest("internet".toCharArray()); assertTrue(pwd.verify("internet".toCharArray())); assertFalse(pwd.verify("wrongpwd".toCharArray())); }
public void testReallyLongPasswordWorksRight() { char[] reallyLongPassword = new char[1024]; for (int i = 0; i < reallyLongPassword.length; i++) { // We'll make a password filled with junk. reallyLongPassword[i] = (char) i; } PasswordDigest pwd = new PasswordDigest(reallyLongPassword); assertTrue(pwd.verify(reallyLongPassword)); // Make a new password that misses the last character. It shouldn't work. char[] shorterPassword = Arrays.copyOf(reallyLongPassword, 1023); assertFalse(pwd.verify(shorterPassword)); }
public void testReallyLongPasswordWorksRight() { char[] reallyLongPassword = new char[1024]; for (int i = 0; i < reallyLongPassword.length; i++) { // We'll make a password filled with junk. reallyLongPassword[i] = (char) i; } PasswordDigest pwd = new PasswordDigest(reallyLongPassword); assertTrue(pwd.verify(reallyLongPassword)); // Make a new password that misses the last character. It shouldn't work. char[] shorterPassword = Arrays.copyOf(reallyLongPassword, 1023); assertFalse(pwd.verify(shorterPassword)); }
public void testSerializeDeserialize() { PasswordDigest pwd = new PasswordDigest("tubes".toCharArray()); byte[] digest = pwd.getDigest(); byte[] salt = pwd.getSalt(); PasswordDigest roundtripped = PasswordDigest.from(salt, digest); assertTrue(pwd.verify("tubes".toCharArray())); assertFalse(pwd.verify("wrongpwd".toCharArray())); }
public void testSerializeDeserialize() { PasswordDigest pwd = new PasswordDigest("tubes".toCharArray()); byte[] digest = pwd.getDigest(); byte[] salt = pwd.getSalt(); PasswordDigest roundtripped = PasswordDigest.from(salt, digest); assertTrue(pwd.verify("tubes".toCharArray())); assertFalse(pwd.verify("wrongpwd".toCharArray())); }
public void testEmptyPasswordVerifiesCorrectly() { PasswordDigest pwd = new PasswordDigest(new char[0]); assertTrue(pwd.verify(new char[0])); assertFalse(pwd.verify(new char[1])); } }
public void testEmptyPasswordVerifiesCorrectly() { PasswordDigest pwd = new PasswordDigest(new char[0]); assertTrue(pwd.verify(new char[0])); assertFalse(pwd.verify(new char[1])); } }