-/*
-balloon -- Balloon password hashing function
-Copyright (C) 2016-2020 Sergey Matveev <stargrave@stargrave.org>
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU Lesser General Public License as
-the Free Software Foundation, version 3 of the License.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU Lesser General Public License for more details.
-
-You should have received a copy of the GNU Lesser General Public
-License along with this program. If not, see
-<http://www.gnu.org/licenses/>.
-*/
+// balloon -- Balloon password hashing function
+// Copyright (C) 2016-2024 Sergey Matveev <stargrave@stargrave.org>
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as
+// the Free Software Foundation, version 3 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public
+// License along with this program. If not, see
+// <http://www.gnu.org/licenses/>.
package balloon
import (
+ "bytes"
"crypto/rand"
+ "crypto/sha256"
"crypto/sha512"
+ "encoding/hex"
"testing"
"testing/quick"
)
H(sha512.New, passwd, salt, sCost, 4, 4)
}
}
+
+func mustHexDecode(s string) []byte {
+ b, err := hex.DecodeString(s)
+ if err != nil {
+ panic(err)
+ }
+ return b
+}
+
+func TestVectors(t *testing.T) {
+ // taken from Nettle 3.9
+ if !bytes.Equal(
+ B(sha256.New(), []byte("password"), []byte("salt"), 1, 1),
+ mustHexDecode("eefda4a8a75b461fa389c1dcfaf3e9dfacbc26f81f22e6f280d15cc18c417545"),
+ ) {
+ t.FailNow()
+ }
+
+ if !bytes.Equal(
+ B(sha256.New(), []byte{0}, []byte{0}, 3, 3),
+ mustHexDecode("4fc7e302ffa29ae0eac31166cee7a552d1d71135f4e0da66486fb68a749b73a4"),
+ ) {
+ t.FailNow()
+ }
+
+ if !bytes.Equal(
+ B(sha256.New(), nil, []byte("salt"), 3, 3),
+ mustHexDecode("5f02f8206f9cd212485c6bdf85527b698956701ad0852106f94b94ee94577378"),
+ ) {
+ t.FailNow()
+ }
+
+ if !bytes.Equal(
+ B(sha256.New(), []byte("password"), nil, 3, 3),
+ mustHexDecode("20aa99d7fe3f4df4bd98c655c5480ec98b143107a331fd491deda885c4d6a6cc"),
+ ) {
+ t.FailNow()
+ }
+
+ if !bytes.Equal(
+ B(sha256.New(), []byte("hunter42"), []byte("examplesalt"), 1024, 3),
+ mustHexDecode("716043dff777b44aa7b88dcbab12c078abecfac9d289c5b5195967aa63440dfb"),
+ ) {
+ t.FailNow()
+ }
+}