File: scram_formatter_test.go

package info (click to toggle)
golang-github-ibm-sarama 1.45.1-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 2,964 kB
  • sloc: makefile: 35; sh: 19
file content (82 lines) | stat: -rw-r--r-- 2,514 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
 
//go:build !functional

package sarama

import (
	"bytes"
	"testing"
)

/*
Following code can be used to validate saltedPassword implementation:

<pre>
import org.apache.kafka.common.security.scram.internals.ScramFormatter;
import org.apache.kafka.common.security.scram.internals.ScramMechanism;
import java.nio.charset.StandardCharsets;

public class App {

    public static String bytesToHex(byte[] in) {
        final StringBuilder builder = new StringBuilder();
        for(byte b : in) {
            builder.append(String.format("0x%02x, ", b));
        }
        return builder.toString();
    }

	public static void main(String[] args) throws NoSuchAlgorithmException, InvalidKeyException {
	   int digestIterations = 4096;
	   String password = "hello";
	   byte[] salt = "world".getBytes(StandardCharsets.UTF_8);
	   byte[] saltedPassword = new ScramFormatter(ScramMechanism.SCRAM_SHA_256)
			   .saltedPassword(password, salt, digestIterations);
	   System.out.println(bytesToHex(saltedPassword));
	}
}
</pre>
*/

func TestScramSaltedPasswordSha512(t *testing.T) {
	password := []byte("hello")
	salt := []byte("world")

	formatter := scramFormatter{mechanism: SCRAM_MECHANISM_SHA_512}
	result, _ := formatter.saltedPassword(password, salt, 4096)

	// calculated using ScramFormatter (see comment above)
	expected := []byte{
		0x35, 0x0c, 0x77, 0x84, 0x8a, 0x63, 0x06, 0x92, 0x00,
		0x6e, 0xc6, 0x6a, 0x0c, 0x39, 0xeb, 0xb0, 0x00, 0xd3,
		0xf8, 0x8a, 0x94, 0xae, 0x7f, 0x8c, 0xcd, 0x1d, 0x92,
		0x52, 0x6c, 0x5b, 0x16, 0x15, 0x86, 0x3b, 0xde, 0xa1,
		0x6c, 0x12, 0x9a, 0x7b, 0x09, 0xed, 0x0e, 0x38, 0xf2,
		0x07, 0x4d, 0x2f, 0xe2, 0x9f, 0x0f, 0x41, 0xe1, 0xfb,
		0x00, 0xc1, 0xd3, 0xbd, 0xd3, 0xfd, 0x51, 0x0b, 0xa9,
		0x8f,
	}

	if !bytes.Equal(result, expected) {
		t.Errorf("saltedPassword SHA-512 failed, expected: %v, result: %v", expected, result)
	}
}

func TestScramSaltedPasswordSha256(t *testing.T) {
	password := []byte("hello")
	salt := []byte("world")

	formatter := scramFormatter{mechanism: SCRAM_MECHANISM_SHA_256}
	result, _ := formatter.saltedPassword(password, salt, 4096)

	// calculated using ScramFormatter (see comment above)
	expected := []byte{
		0xc1, 0x55, 0x53, 0x03, 0xda, 0x30, 0x9f, 0x6b, 0x7d,
		0x1e, 0x8f, 0xe4, 0x56, 0x36, 0xbf, 0xdd, 0xdc, 0x4b,
		0xf5, 0x64, 0x05, 0xe7, 0xe9, 0x4e, 0x9d, 0x15, 0xf0,
		0xe7, 0xb9, 0xcb, 0xd3, 0x80,
	}

	if !bytes.Equal(result, expected) {
		t.Errorf("saltedPassword SHA-256 failed, expected: %v, result: %v", expected, result)
	}
}