Home Explore Help
Sign In
txlyre
/
3x-ui
mirror of https://github.com/MHSanaei/3x-ui
1
0
Fork 0
Files Issues 0 Wiki
Tree: bb5ea3af05
Branches Tags
3x-ui
/
util
/
crypto
/
crypto_test.go

crypto_test.go 1.8 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. package crypto
    2. 

  2. 

  3. import (
    4. 

  4. 	"strings"
    5. 

  5. 	"testing"
    6. 

  6. )
    7. 

  7. 

  8. func TestHashPasswordAsBcrypt_RoundTrip(t *testing.T) {
    9. 

  9. 	password := "correct horse battery staple"
    10. 

  10. 

  11. 	hash, err := HashPasswordAsBcrypt(password)
    12. 

  12. 	if err != nil {
    13. 

  13. 		t.Fatalf("HashPasswordAsBcrypt returned error: %v", err)
    14. 

  14. 	}
    15. 

  15. 	if hash == "" {
    16. 

  16. 		t.Fatal("expected non-empty hash")
    17. 

  17. 	}
    18. 

  18. 	if hash == password {
    19. 

  19. 		t.Fatal("hash must not equal the plaintext password")
    20. 

  20. 	}
    21. 

  21. 	if !strings.HasPrefix(hash, "$2") {
    22. 

  22. 		t.Fatalf("expected bcrypt prefix $2..., got %q", hash[:min(4, len(hash))])
    23. 

  23. 	}
    24. 

  24. 

  25. 	if !CheckPasswordHash(hash, password) {
    26. 

  26. 		t.Fatal("CheckPasswordHash returned false for the matching password")
    27. 

  27. 	}
    28. 

  28. }
    29. 

  29. 

  30. func TestCheckPasswordHash_WrongPassword(t *testing.T) {
    31. 

  31. 	hash, err := HashPasswordAsBcrypt("right-password")
    32. 

  32. 	if err != nil {
    33. 

  33. 		t.Fatalf("HashPasswordAsBcrypt returned error: %v", err)
    34. 

  34. 	}
    35. 

  35. 

  36. 	if CheckPasswordHash(hash, "wrong-password") {
    37. 

  37. 		t.Fatal("CheckPasswordHash returned true for a wrong password")
    38. 

  38. 	}
    39. 

  39. 	if CheckPasswordHash(hash, "") {
    40. 

  40. 		t.Fatal("CheckPasswordHash returned true for an empty password")
    41. 

  41. 	}
    42. 

  42. }
    43. 

  43. 

  44. func TestCheckPasswordHash_InvalidHash(t *testing.T) {
    45. 

  45. 	if CheckPasswordHash("", "anything") {
    46. 

  46. 		t.Fatal("empty hash must not validate")
    47. 

  47. 	}
    48. 

  48. 	if CheckPasswordHash("not-a-bcrypt-hash", "anything") {
    49. 

  49. 		t.Fatal("malformed hash must not validate")
    50. 

  50. 	}
    51. 

  51. }
    52. 

  52. 

  53. func TestHashPasswordAsBcrypt_DifferentHashesForSamePassword(t *testing.T) {
    54. 

  54. 	password := "same-password"
    55. 

  55. 	h1, err := HashPasswordAsBcrypt(password)
    56. 

  56. 	if err != nil {
    57. 

  57. 		t.Fatalf("first hash failed: %v", err)
    58. 

  58. 	}
    59. 

  59. 	h2, err := HashPasswordAsBcrypt(password)
    60. 

  60. 	if err != nil {
    61. 

  61. 		t.Fatalf("second hash failed: %v", err)
    62. 

  62. 	}
    63. 

  63. 	if h1 == h2 {
    64. 

  64. 		t.Fatal("expected bcrypt to produce different hashes (random salt) for the same password")
    65. 

  65. 	}
    66. 

  66. 	if !CheckPasswordHash(h1, password) || !CheckPasswordHash(h2, password) {
    67. 

  67. 		t.Fatal("both hashes should still validate the original password")
    68. 

  68. 	}
    69. 

  69. }
    70.