-
Notifications
You must be signed in to change notification settings - Fork 1.8k
/
Copy pathscram_formatter_test.go
80 lines (66 loc) · 2.43 KB
/
scram_formatter_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
package sarama
import (
"bytes"
"testing"
)
/*
Following code can be used to validate saltedPassword implementation:
<pre>
import org.apache.kafka.common.security.scram.internals.ScramFormatter;
import org.apache.kafka.common.security.scram.internals.ScramMechanism;
import java.nio.charset.StandardCharsets;
public class App {
public static String bytesToHex(byte[] in) {
final StringBuilder builder = new StringBuilder();
for(byte b : in) {
builder.append(String.format("0x%02x, ", b));
}
return builder.toString();
}
public static void main(String[] args) throws NoSuchAlgorithmException, InvalidKeyException {
int digestIterations = 4096;
String password = "hello";
byte[] salt = "world".getBytes(StandardCharsets.UTF_8);
byte[] saltedPassword = new ScramFormatter(ScramMechanism.SCRAM_SHA_256)
.saltedPassword(password, salt, digestIterations);
System.out.println(bytesToHex(saltedPassword));
}
}
</pre>
*/
func TestScramSaltedPasswordSha512(t *testing.T) {
password := []byte("hello")
salt := []byte("world")
formatter := scramFormatter{mechanism: SCRAM_MECHANISM_SHA_512}
result, _ := formatter.saltedPassword(password, salt, 4096)
// calculated using ScramFormatter (see comment above)
expected := []byte{
0x35, 0x0c, 0x77, 0x84, 0x8a, 0x63, 0x06, 0x92, 0x00,
0x6e, 0xc6, 0x6a, 0x0c, 0x39, 0xeb, 0xb0, 0x00, 0xd3,
0xf8, 0x8a, 0x94, 0xae, 0x7f, 0x8c, 0xcd, 0x1d, 0x92,
0x52, 0x6c, 0x5b, 0x16, 0x15, 0x86, 0x3b, 0xde, 0xa1,
0x6c, 0x12, 0x9a, 0x7b, 0x09, 0xed, 0x0e, 0x38, 0xf2,
0x07, 0x4d, 0x2f, 0xe2, 0x9f, 0x0f, 0x41, 0xe1, 0xfb,
0x00, 0xc1, 0xd3, 0xbd, 0xd3, 0xfd, 0x51, 0x0b, 0xa9,
0x8f,
}
if !bytes.Equal(result, expected) {
t.Errorf("saltedPassword SHA-512 failed, expected: %v, result: %v", expected, result)
}
}
func TestScramSaltedPasswordSha256(t *testing.T) {
password := []byte("hello")
salt := []byte("world")
formatter := scramFormatter{mechanism: SCRAM_MECHANISM_SHA_256}
result, _ := formatter.saltedPassword(password, salt, 4096)
// calculated using ScramFormatter (see comment above)
expected := []byte{
0xc1, 0x55, 0x53, 0x03, 0xda, 0x30, 0x9f, 0x6b, 0x7d,
0x1e, 0x8f, 0xe4, 0x56, 0x36, 0xbf, 0xdd, 0xdc, 0x4b,
0xf5, 0x64, 0x05, 0xe7, 0xe9, 0x4e, 0x9d, 0x15, 0xf0,
0xe7, 0xb9, 0xcb, 0xd3, 0x80,
}
if !bytes.Equal(result, expected) {
t.Errorf("saltedPassword SHA-256 failed, expected: %v, result: %v", expected, result)
}
}