|
16 | 16 | (:require [clojure.test :refer :all] |
17 | 17 | [buddy.core.codecs :refer :all] |
18 | 18 | [buddy.core.nonce :as nonce] |
| 19 | + [buddy.core.bytes :as bytes] |
| 20 | + [buddy.core.codecs :as codecs] |
19 | 21 | [buddy.hashers :as hashers])) |
20 | 22 |
|
21 | 23 | (deftest buddy-hashers |
|
25 | 27 | (hashers/check pwd result)) |
26 | 28 | :pbkdf2+sha1 |
27 | 29 | :pbkdf2+sha256 |
| 30 | + :pbkdf2+sha512 |
28 | 31 | :pbkdf2+sha3_256 |
29 | 32 | :pbkdf2+blake2b-512 |
30 | 33 | :bcrypt+sha512 |
|
41 | 44 | (hashers/check pwd result)) |
42 | 45 | :pbkdf2+sha1 |
43 | 46 | :pbkdf2+sha256 |
| 47 | + :pbkdf2+sha512 |
44 | 48 | :pbkdf2+sha3_256 |
45 | 49 | :pbkdf2+blake2b-512 |
46 | 50 | :bcrypt+sha512 |
|
58 | 62 | (not (hashers/check pwd-bad result))) |
59 | 63 | :pbkdf2+sha1 |
60 | 64 | :pbkdf2+sha256 |
| 65 | + :pbkdf2+sha512 |
61 | 66 | :pbkdf2+sha3_256 |
62 | 67 | :pbkdf2+sha3-256 |
63 | 68 | :pbkdf2+blake2b-512 |
|
82 | 87 | (.startsWith (name alg))) |
83 | 88 | :pbkdf2+sha1 |
84 | 89 | :pbkdf2+sha256 |
| 90 | + :pbkdf2+sha512 |
85 | 91 | :pbkdf2+sha3_256 |
86 | 92 | :pbkdf2+sha3-256 |
87 | 93 | :pbkdf2+blake2b-512 |
|
104 | 110 | (.startsWith (str (name alg) "$" ( bytes->hex salt)))) |
105 | 111 | :pbkdf2+sha1 |
106 | 112 | :pbkdf2+sha256 |
| 113 | + :pbkdf2+sha512 |
107 | 114 | :pbkdf2+sha3_256 |
108 | 115 | :pbkdf2+sha3-256 |
109 | 116 | :pbkdf2+blake2b-512 |
|
127 | 134 | (is (hashers/check "hello" pwd {:setter #(deliver p %)})) |
128 | 135 | (is (= (deref p 10 nil) "hello")))) |
129 | 136 |
|
| 137 | +(deftest update-policy-for-pbkdf2+sha256 |
| 138 | + (let [pwd-legacy "pbkdf2+sha256$7d0994313982465d82372493$100000$98c4b3043b30622917516e97d1c6bd9936337e8c" |
| 139 | + pwd-new1 "pbkdf2+sha256$b676896c5e9ab9e21b7feafb0d1b8a1b$100000$7af67cae17babcf5cfc20f4f95878b9477023b2797a0e6942aeef567cd4bf1b2" |
| 140 | + pwd-new2 (hashers/encrypt "test" {:alg :pbkdf2+sha256}) |
| 141 | + p1 (promise) |
| 142 | + p2 (promise) |
| 143 | + p3 (promise)] |
| 144 | + (is (hashers/check "test" pwd-legacy {:setter #(deliver p1 %)})) |
| 145 | + (is (hashers/check "test" pwd-new1 {:setter #(deliver p2 %)})) |
| 146 | + (is (hashers/check "test" pwd-new2 {:setter #(deliver p3 %)})) |
| 147 | + (is (= (deref p1 10 nil) "test")) |
| 148 | + (is (= (deref p2 10 nil) nil)) |
| 149 | + (is (= (deref p3 10 nil) nil)))) |
| 150 | + |
| 151 | +(deftest update-policy-for-bcrypt+sha512 |
| 152 | + (let [pwd-legacy "bcrypt+sha512$680bf9ad0bf9f8249bfebb85$12$243261243132244b4e2e4e456650704558323964686e6c64644f4b73656a6879584f635a4f6b7778596132475036772e6c2e784f49596631556f7679" |
| 153 | + pwd-new "bcrypt+sha512$b932bf208c7f3ecb563eebe89c39115b$12$bc3633d1f07c47edd91f0e7cf5649b040ea868cec63cda31" |
| 154 | + p1 (promise) |
| 155 | + p2 (promise)] |
| 156 | + (is (hashers/check "test" pwd-legacy {:setter #(deliver p1 %)})) |
| 157 | + (is (hashers/check "test" pwd-new {:setter #(deliver p2 %)})) |
| 158 | + (is (= (deref p1 10 nil) "test")) |
| 159 | + (is (= (deref p2 10 nil) nil)))) |
| 160 | + |
130 | 161 | (deftest possible-regressions-checker |
131 | 162 | (let [pbkdf2+sha1 "pbkdf2+sha1$fcf7c2e5848193f91d8a5a40$100000$b499843df692e02be67e534f8592a0785927843a" |
132 | | - pbkdf2+sha256b "pbkdf2+sha256b$7d0994313982465d82372493$100000$98c4b3043b30622917516e97d1c6bd9936337e8c" |
133 | | - pbkdf2+sha256 "pbkdf2+sha256$d4043ce1e9e1f9eb9a198b54$100000$71526da5155651ed0eea37d13f728e802c54cf2a3e205b0dbbbfd1f2f169d5a3" |
| 163 | + pbkdf2+sha256-legacy "pbkdf2+sha256$7d0994313982465d82372493$100000$98c4b3043b30622917516e97d1c6bd9936337e8c" |
| 164 | + pbkdf2+sha256 "pbkdf2+sha256$092c7d26206ae9641d225ca432a9efcf$100000$76417ba855c352750319ae649141082bfa83e18ba3a4937580ae7d0226168c6a" |
| 165 | + pbkdf2+sha512 "pbkdf2+sha512$50577ebbbe53552a270598fd$100000$ee0b82c8887fc4bac8e8a28a785e2c7d679fc87a4c42478302ae40acad84aae77fdd2bce57b75595250c1a0226dbbdc4b94954ec61c7d2188d82ea15bce67af5" |
134 | 166 | pbkdf2+sha3_256 "pbkdf2+sha3_256$1278c96b4e68b98c633041dc$5000$d89f67636fec62cdd8379f8ff9305bece38f09b20659916d41cf91eacd91a85b" |
135 | 167 | pbkdf2+sha3-256 "pbkdf2+sha3-256$1278c96b4e68b98c633041dc$5000$d89f67636fec62cdd8379f8ff9305bece38f09b20659916d41cf91eacd91a85b" |
136 | 168 | pbkdf2+blake2b-512 "pbkdf2+blake2b-512$1a26daa54a09150de9f5a053$5000$2fe5dde2355a179f88969218466cd587681af2ce7d6de07080d94efab7cec9e091b7b1c3a34311ff72a3a883f261619b67583c1742f661bb3ab65bc4402fd4c1" |
137 | 169 | scrypt "scrypt$f54d4b5a1e8d8e63c82e1553$65536$8$1$24733024313030383031246850416d5378645243726664336350546b5a4c7330413d3d243448376945454c47395155492f2b477a42735a582f76554f3345495248656c6939734a73516c356e6571413d" |
138 | 170 | sha256 "sha256$bbac53106f8ce4f8c2d78f86$2182339b43ed1546b21488922c2516b64917025084577b33fc49357d9dd2c673" |
139 | 171 | bcrypt+blake2b-512 "bcrypt+blake2b-512$95d0488b2b69c79d4f48ab39338c322e$12$40a4ef31b6dd390b27bd6fc3c2fdeabfb1db85c9bef25c22" |
140 | | - bcrypt+sha512 "bcrypt+sha512$680bf9ad0bf9f8249bfebb85$12$243261243132244b4e2e4e456650704558323964686e6c64644f4b73656a6879584f635a4f6b7778596132475036772e6c2e784f49596631556f7679" |
| 172 | + bcrypt+sha512-legacy "bcrypt+sha512$680bf9ad0bf9f8249bfebb85$12$243261243132244b4e2e4e456650704558323964686e6c64644f4b73656a6879584f635a4f6b7778596132475036772e6c2e784f49596631556f7679" |
| 173 | + bcrypt+sha512 "bcrypt+sha512$b932bf208c7f3ecb563eebe89c39115b$12$bc3633d1f07c47edd91f0e7cf5649b040ea868cec63cda31" |
141 | 174 | bcrypt+sha384 "bcrypt+sha384$5c3b8cc880e0dd91520a900a8c8c6223$12$fa6e0a810b81b04634b19311e77eb00ba1d0f12c570adafa"] |
142 | 175 | (is (hashers/check "test" pbkdf2+sha1)) |
143 | | - (is (hashers/check "test" pbkdf2+sha256b)) |
144 | 176 | (is (hashers/check "test" pbkdf2+sha256)) |
| 177 | + (is (hashers/check "test" pbkdf2+sha256-legacy)) |
| 178 | + (is (hashers/check "test" pbkdf2+sha512)) |
145 | 179 | (is (hashers/check "test" pbkdf2+sha3_256)) |
146 | 180 | (is (hashers/check "test" pbkdf2+sha3-256)) |
147 | 181 | (is (hashers/check "test" scrypt)) |
148 | 182 | (is (hashers/check "test" sha256)) |
149 | 183 | (is (hashers/check "test" pbkdf2+blake2b-512)) |
| 184 | + (is (hashers/check "test" bcrypt+sha512-legacy)) |
150 | 185 | (is (hashers/check "test" bcrypt+sha512)) |
151 | 186 | (is (hashers/check "test" bcrypt+sha384)) |
152 | 187 | (is (hashers/check "test" bcrypt+blake2b-512)) |
|
161 | 196 | true) |
162 | 197 | :pbkdf2+sha1 |
163 | 198 | :pbkdf2+sha256 |
| 199 | + :pbkdf2+sha512 |
164 | 200 | :pbkdf2+sha3_256 |
165 | 201 | :pbkdf2+sha3-256 |
166 | 202 | :pbkdf2+blake2b-512 |
|
0 commit comments