X-Git-Url: http://www.git.cypherpunks.ru/?p=balloon.git;a=blobdiff_plain;f=balloon_test.go;h=d8f9910abdb3e05e4add1ec28daf2e4753fed8a5;hp=68c108f4ac4b26c53df8d8a0a0fd2afe35c39c6b;hb=refs%2Fheads%2Fmaster;hpb=92c161713a13cc78403468c09f1557eb7c4a3a4a diff --git a/balloon_test.go b/balloon_test.go index 68c108f..d8f9910 100644 --- a/balloon_test.go +++ b/balloon_test.go @@ -1,27 +1,27 @@ -/* -balloon -- Balloon password hashing function -Copyright (C) 2016-2018 Sergey Matveev - -This program is free software: you can redistribute it and/or modify -it under the terms of the GNU Lesser General Public License as -published by the Free Software Foundation, either version 3 of the -License, or (at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU Lesser General Public License for more details. - -You should have received a copy of the GNU Lesser General Public -License along with this program. If not, see -. -*/ +// balloon -- Balloon password hashing function +// Copyright (C) 2016-2024 Sergey Matveev +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Lesser General Public License as +// the Free Software Foundation, version 3 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Lesser General Public License for more details. +// +// You should have received a copy of the GNU Lesser General Public +// License along with this program. If not, see +// . package balloon import ( + "bytes" "crypto/rand" "crypto/sha256" + "crypto/sha512" + "encoding/hex" "testing" "testing/quick" ) @@ -31,7 +31,7 @@ func TestB(t *testing.T) { if len(passwd) == 0 || len(salt) == 0 { return true } - B(sha256.New(), passwd, salt, int(s)%16+1, int(t)%16+1) + B(sha512.New(), passwd, salt, uint64(s)%16+1, uint64(t)%16+1) return true } if err := quick.Check(f, nil); err != nil { @@ -44,7 +44,7 @@ func TestH(t *testing.T) { if len(passwd) == 0 || len(salt) == 0 { return true } - H(sha256.New, passwd, salt, int(s)%16+1, int(t)%16+1, int(p)%8+1) + H(sha512.New, passwd, salt, int(s)%16+1, int(t)%16+1, int(p)%8+1) return true } if err := quick.Check(f, nil); err != nil { @@ -57,9 +57,11 @@ func BenchmarkB(b *testing.B) { rand.Read(passwd) salt := make([]byte, 8) rand.Read(salt) + h := sha512.New() + sCost := uint64(1 << 10 / h.Size()) b.ResetTimer() for i := 0; i < b.N; i++ { - B(sha256.New(), passwd, salt, 1<<10/sha256.New().Size(), 4) + B(h, passwd, salt, sCost, 4) } } @@ -68,8 +70,55 @@ func BenchmarkH(b *testing.B) { rand.Read(passwd) salt := make([]byte, 8) rand.Read(salt) + sCost := 1 << 10 / sha512.New().Size() b.ResetTimer() for i := 0; i < b.N; i++ { - H(sha256.New, passwd, salt, 1<<10/sha256.New().Size(), 4, 4) + H(sha512.New, passwd, salt, sCost, 4, 4) + } +} + +func mustHexDecode(s string) []byte { + b, err := hex.DecodeString(s) + if err != nil { + panic(err) + } + return b +} + +func TestVectors(t *testing.T) { + // taken from Nettle 3.9 + if !bytes.Equal( + B(sha256.New(), []byte("password"), []byte("salt"), 1, 1), + mustHexDecode("eefda4a8a75b461fa389c1dcfaf3e9dfacbc26f81f22e6f280d15cc18c417545"), + ) { + t.FailNow() + } + + if !bytes.Equal( + B(sha256.New(), []byte{0}, []byte{0}, 3, 3), + mustHexDecode("4fc7e302ffa29ae0eac31166cee7a552d1d71135f4e0da66486fb68a749b73a4"), + ) { + t.FailNow() + } + + if !bytes.Equal( + B(sha256.New(), nil, []byte("salt"), 3, 3), + mustHexDecode("5f02f8206f9cd212485c6bdf85527b698956701ad0852106f94b94ee94577378"), + ) { + t.FailNow() + } + + if !bytes.Equal( + B(sha256.New(), []byte("password"), nil, 3, 3), + mustHexDecode("20aa99d7fe3f4df4bd98c655c5480ec98b143107a331fd491deda885c4d6a6cc"), + ) { + t.FailNow() + } + + if !bytes.Equal( + B(sha256.New(), []byte("hunter42"), []byte("examplesalt"), 1024, 3), + mustHexDecode("716043dff777b44aa7b88dcbab12c078abecfac9d289c5b5195967aa63440dfb"), + ) { + t.FailNow() } }