iSharkFly-Docs/java-tutorials
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Password Hashing, PBKDF2 and SHA-512

Browse Source 
Issue: BAEL-2164
This commit is contained in:
Sam Millington
2018-09-19 17:29:04 +01:00
committed by Josh Cummings
parent a5acc10bac
commit 4d2780379d
5 changed files with 313 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
core-java/src/test/java/com/baeldung/passwordhashing/PBKDF2HasherUnitTest.java
+41
View File
@@ -0,0 +1,41 @@
package com.baeldung.passwordhashing;
import org.junit.Before;
import org.junit.Test;
import static org.junit.Assert.*;
public class PBKDF2HasherUnitTest {
private PBKDF2Hasher mPBKDF2Hasher;
@Before
public void setUp() throws Exception {
mPBKDF2Hasher = new PBKDF2Hasher();
}
@Test
public void givenCorrectMessageAndHash_whenAuthenticated_checkAuthenticationSucceeds() throws Exception {
String message1 = "password123";
String hash1 = mPBKDF2Hasher.hash(message1.toCharArray());
assertTrue(mPBKDF2Hasher.checkPassword(message1.toCharArray(), hash1));
}
@Test
public void givenWrongMessage_whenAuthenticated_checkAuthenticationFails() throws Exception {
String message1 = "password123";
String hash1 = mPBKDF2Hasher.hash(message1.toCharArray());
String wrongPasswordAttempt = "IamWrong";
assertFalse(mPBKDF2Hasher.checkPassword(wrongPasswordAttempt.toCharArray(), hash1));
}
}
core-java/src/test/java/com/baeldung/passwordhashing/SHA512HasherUnitTest.java
+70
View File
@@ -0,0 +1,70 @@
package com.baeldung.passwordhashing;
import org.junit.Before;
import org.junit.Test;
import java.security.SecureRandom;
import static org.junit.Assert.*;
/**
* Created by PhysicsSam on 06-Sep-18.
*/
public class SHA512HasherUnitTest {
private SHA512Hasher hasher;
private SecureRandom secureRandom;
@Before
public void setUp() throws Exception {
hasher = new SHA512Hasher();
secureRandom = new SecureRandom();
}
@Test
public void givenSamePasswordAndSalt_whenHashed_checkResultingHashesAreEqual() throws Exception {
byte[] salt = new byte[16];
secureRandom.nextBytes(salt);
String hash1 = hasher.hash("password", salt);
String hash2 = hasher.hash("password", salt);
assertEquals(hash1, hash2);
}
@Test
public void givenSamePasswordAndDifferentSalt_whenHashed_checkResultingHashesNotEqual() throws Exception {
byte[] salt = new byte[16];
secureRandom.nextBytes(salt);
String hash1 = hasher.hash("password", salt);
//generate a second salt
byte[] secondSalt = new byte[16];
String hash2 = hasher.hash("password", secondSalt);
assertNotEquals(hash1, hash2);
}
@Test
public void givenPredefinedHash_whenCorrectAttemptGiven_checkAuthenticationSucceeds() throws Exception {
byte[] salt = new byte[16];
secureRandom.nextBytes(salt);
String originalHash = hasher.hash("password123", salt);
assertTrue(hasher.checkPassword(originalHash, "password123", salt));
}
@Test
public void givenPredefinedHash_whenIncorrectAttemptGiven_checkAuthenticationFails() throws Exception {
byte[] salt = new byte[16];
secureRandom.nextBytes(salt);
String originalHash = hasher.hash("password123", salt);
assertFalse(hasher.checkPassword(originalHash, "password124", salt));
}
}