From c7cd9bd5911f8393fa758e329f8786913a5c321f Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Wed, 13 Jan 2021 15:09:01 +0100
Subject: Password: Add password module

Replaces Pbkdf2.
---
 test/pleroma/password_test.exs | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 test/pleroma/password_test.exs

(limited to 'test')

diff --git a/test/pleroma/password_test.exs b/test/pleroma/password_test.exs
new file mode 100644
index 000000000..6ed0ca826
--- /dev/null
+++ b/test/pleroma/password_test.exs
@@ -0,0 +1,35 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.PasswordTest do
+  use Pleroma.DataCase, async: true
+
+  alias Pleroma.Password
+
+  test "it generates the same hash as pbkd2_elixir" do
+    # hash = Pleroma.Password.hash_pwd_salt("password")
+    hash =
+      "$pbkdf2-sha512$1$QJpEYw8iBKcnY.4Rm0eCVw$UBPeWQ91RxSv3snxsb/ZzMeG/2aa03c541bbo8vQudREGNta5t8jBQrd00fyJp8RjaqfvgdZxy2rhSwljyu21g"
+
+    # Use the same randomly generated salt
+    salt = Password.decode64("QJpEYw8iBKcnY.4Rm0eCVw")
+
+    assert hash == Password.hash_pwd_salt("password", salt: salt)
+  end
+
+  @tag skip: "Works when Pbkd2 is present. Source: trust me bro"
+  test "Pleroma.Password can verify passwords generated with it" do
+    hash = Password.hash_pwd_salt("password")
+
+    assert Pleroma.Password.verify_pass("password", hash)
+  end
+
+  test "it verifies pbkdf2_elixir hashes" do
+    # hash = Pleroma.Password.hash_pwd_salt("password")
+    hash =
+      "$pbkdf2-sha512$1$QJpEYw8iBKcnY.4Rm0eCVw$UBPeWQ91RxSv3snxsb/ZzMeG/2aa03c541bbo8vQudREGNta5t8jBQrd00fyJp8RjaqfvgdZxy2rhSwljyu21g"
+
+    assert Password.verify_pass("password", hash)
+  end
+end
-- 
cgit v1.2.3