345 lines
9.5 KiB
ObjectPascal
345 lines
9.5 KiB
ObjectPascal
Program BCryptHashTest;
|
|
{$mode objfpc}{$H+}
|
|
{$ASSERTIONS ON}
|
|
{$UNITPATH ../}
|
|
|
|
uses Hash.BCrypt, Classes, SysUtils, Crt;
|
|
const
|
|
HashToMatch1 = '$2y$14$6m54yWmpJRWWVkUz9p7feOlfQvafHGwsWt9pYupeLr8DU5wKMv.wW';
|
|
HashToMatch2 = '$2y$16$d6eiNIIJPsVWtF.RCr.GUuCRs2hHFDB.0wPR.uK4kTi7KJvIO7k8e';
|
|
BSDHashToMatch = '$2a$14$6m54yWmpJRWWVkUz9p7feOlfQvafHGwsWt9pYupeLr8DU5wKMv.wW';
|
|
ShortHash = '$2y$14$6m54yWmpJRWWVkUz9p7feOlfQvafHGwsWt9pYupeLr8DU5wK';
|
|
LongHash = '$2y$14$6m54yWmpJRWWVkUz9p7feOlfQvafHGwsWt9pYupeLr8DU5wKMv.wWwKMvwKMv';
|
|
StaticPassword = 'password';
|
|
|
|
var
|
|
TBCrypt : RTBCrypt;
|
|
PasswordInfo : RTPasswordInformation;
|
|
i, j,
|
|
Assertions,
|
|
FailedAssertions,
|
|
PassedAssertions : Word;
|
|
Passed : Boolean;
|
|
|
|
PasswordHashes : array [1..14] of AnsiString = (
|
|
'$2y$10$LCb3aOt8lAXSzNrEpQKDQO1zc2wCCQltrDwSEbb9JaUo4OKbphC3i',
|
|
'$2y$11$H7TRTJZqQTzN5RCiwMOne.yjVxyKCd4GyLrBQzV91gK0T4XQeKTNa',
|
|
'$2y$12$EL5tAZCoKb/kz4Q6WWCiw.DY1Ow/PcyE0w0Uo/SNjtnq7mePss/Yq',
|
|
'$2y$13$ou4ZkaFPLILNkSLNINSw9uEARJOQQr8u02KbVuosBs3ULxpbEpjwS',
|
|
'$2y$14$jvv79wTecdgfOjhefJL8B.ziJNvfqf.hR9IkUdEzgOVyqzgUDMnW.',
|
|
'$2y$15$EdDG3DH94Yw5HWD8pHFpwuF6Bs/24cnf0c.H2UrhPeld4sl5.LPT.',
|
|
'$2y$16$NjsYCIxFgM0KUfJ2N0tW1umTh4hUV696cEwVo8TM/grYdfbc4dwwu',
|
|
// BSD
|
|
'$2a$10$gd4l18fYW85l4he4zRD.seTuSA81Ku.Myqhdqp0LapOoGyHIe3okG',
|
|
'$2a$11$sbCP6X5yYvjYe8EJt2H4wOGxiTT/JIXz.fCaVdLAXp58mEiXeQlrO',
|
|
'$2a$12$hnT.LCI2PlLFDDI8lAi6G.Lmb5Q45pUIKk7Rabos9LNl8gqW4Z9gi',
|
|
'$2a$13$UB99eDai2k5YrwAAbqxPreIStZiSszuRT0AZCP4hvavPSxUoC7DxW',
|
|
'$2a$14$SDveEpfBff4N4FkpvQyxyu07EFhADHjk3lJkW3mV0/1x98xK28LKK',
|
|
'$2a$15$7z9ZVYe16/s6NAXjWO2eyeCPR0tyUhI4PCj0LlJZ3XUR2NMrmO18y',
|
|
'$2a$16$ZhJeznvMiClYg20vpSjPDOC79J5KKlaLmQAXuObWHl90G2D21NvKO');
|
|
|
|
PHPPasswordHashes : array [1..7] of AnsiString = (
|
|
'$2y$10$jRrQ51AeaJsJwNUw.QCDsOixDj.E0Vf2AG4tZdDmWqCSypmpFTr/q',
|
|
'$2y$11$VEWaKBoOqoer/kjv3p/6SOa0SVTLRqH5huBsH7/6UlOvHI8f4zvvO',
|
|
'$2y$12$hB6POF2QYZrkIx5a/CzB.OxvmJV9gy.93SPmOvwVySwukE1fJFgZm',
|
|
'$2y$13$UWJNfSSzwYKeYyddhVYbNuyjYJx6ZZMGSLJnYcxiaFmYmPcTnJgxK',
|
|
'$2y$14$FY/x2WRjTSB54IcSiRkz3u0mtyyNzeX/JQmxFxIyWrrc24JK3EuVK',
|
|
'$2y$15$LE0.AEojI.2T6RadZVhc7eVsAkGsv0A2t0cKgWQBuAes86m.G036q',
|
|
'$2y$16$yYy5GcoIgdd02DmUM3tfded5R5mv4K5QNG8QZDylGadokBdSL2WU6');
|
|
|
|
PasswordHashFailures : array [1..7] of AnsiString = (
|
|
'$2y$10$LCb3aOt8lAXSzNrEpQKDQO1zc2wCCQltrDwSEbb9JaUo4OKbph',
|
|
'$2y$11$H7TRTJZqQTzN5RCiwMOne.yjVxyKCd4GyLrBQzV91gK0T4XQeKTNadr',
|
|
'$2y$12$EL5tAZCoKb/kz4Q6WWCiw.DY1Ow/PcyE0w0Uo/SNjtnq7mePss/YQ',
|
|
'$2y$13$ou4ZkaFPLILNkSLNINSw9uEARJOQQr8u02KbVuosBs3ULxpbEpjwt',
|
|
'$2y$14$jvv79wTecdgfOjhefJL8B.ziJNvfqf.hR9IkUdEzgOVyqzgUDMn.W',
|
|
'$2y$15$EdDG3DH94Yw5HWD8pHFpwuF6Bs/24cnf0c.H2UrhPeld4sl5.LP.',
|
|
'$2y$16$NjsYCIxFgM0KUfJ2N0tW1umTh4hV696cEwVo8TM/gYdfbc4duwwd/');
|
|
|
|
begin
|
|
|
|
TBCrypt := RTBCrypt.Create;
|
|
|
|
Assertions := 0;
|
|
FailedAssertions := 0;
|
|
PassedAssertions := 0;
|
|
|
|
WriteLn(#10#13'Testing Pascal Hashes ...'#10#13);
|
|
for i := 1 to 14 do
|
|
begin
|
|
Write('Testing : ', PasswordHashes[i]);
|
|
try
|
|
Assert(TBCrypt.VerifyHash(StaticPassword, PasswordHashes[i]) = True, 'Should Be True');
|
|
Inc(Assertions);
|
|
except
|
|
on e: EAssertionFailed do
|
|
begin
|
|
WriteLn(' - Fail');
|
|
Inc(FailedAssertions);
|
|
Continue;
|
|
end;
|
|
end;
|
|
WriteLn(' - Pass');
|
|
Inc(PassedAssertions);
|
|
if i = 7 then
|
|
begin
|
|
Writeln(#10#13'Testing BSD Hashes ...'#10#13);
|
|
end;
|
|
end;
|
|
WriteLn(#10#13'Testing PHP Hashes ...'#10#13);
|
|
for i := 1 to 7 do
|
|
begin
|
|
Write('Testing : ', PHPPasswordHashes[i]);
|
|
try
|
|
Assert(TBCrypt.VerifyHash(StaticPassword, PHPPasswordHashes[i]) = True, 'Should Be True');
|
|
Inc(Assertions);
|
|
except
|
|
on e: EAssertionFailed do
|
|
begin
|
|
WriteLn(' - Fail');
|
|
Inc(FailedAssertions);
|
|
Continue;
|
|
end;
|
|
end;
|
|
WriteLn(' - Pass');
|
|
Inc(PassedAssertions);
|
|
end;
|
|
WriteLn(#10#13'Testing Failures ...'#10#13);
|
|
for i := 1 to 7 do
|
|
begin
|
|
Write('Testing : ', PasswordHashFailures[i]);
|
|
try
|
|
Assert(TBCrypt.VerifyHash(StaticPassword, PasswordHashFailures[i]) = False, 'Should Be False');
|
|
Inc(Assertions);
|
|
except
|
|
on e: EAssertionFailed do
|
|
begin
|
|
WriteLn(' - Fail');
|
|
Inc(FailedAssertions);
|
|
Continue;
|
|
end;
|
|
end;
|
|
WriteLn(' - Pass');
|
|
Inc(PassedAssertions);
|
|
|
|
end;
|
|
|
|
WriteLn(#10#13'Testing Rehash True ...'#10#13);
|
|
for i := 1 to 7 do
|
|
begin
|
|
Write('Testing : ', PasswordHashes[i]);
|
|
try
|
|
Assert(TBCrypt.NeedsRehash(PasswordHashes[i], 17) = True, 'Should Be True');
|
|
Inc(Assertions);
|
|
except
|
|
on e: EAssertionFailed do
|
|
begin
|
|
WriteLn(' - Fail');
|
|
Inc(FailedAssertions);
|
|
Continue;
|
|
end;
|
|
end;
|
|
WriteLn(' - Pass');
|
|
Inc(PassedAssertions);
|
|
end;
|
|
|
|
WriteLn(#10#13'Testing Rehash False ...'#10#13);
|
|
j := 10;
|
|
for i := 1 to 7 do
|
|
begin
|
|
Write('Testing : ', PasswordHashes[i]);
|
|
try
|
|
Assert(TBCrypt.NeedsRehash(PasswordHashes[i], j) = False, 'Should Be False');
|
|
Inc(Assertions);
|
|
except
|
|
on e: EAssertionFailed do
|
|
begin
|
|
WriteLn(' - Fail');
|
|
Inc(FailedAssertions);
|
|
Inc(j);
|
|
Continue;
|
|
end;
|
|
end;
|
|
WriteLn(' - Pass');
|
|
Inc(PassedAssertions);
|
|
Inc(j);
|
|
end;
|
|
|
|
WriteLn(#10#13'Testing HashGetInfo on hash '#10#13, HashToMatch2, ' ...'#10#13);
|
|
PasswordInfo := TBCrypt.HashGetInfo(HashToMatch2);
|
|
Passed := True;
|
|
With PasswordInfo do
|
|
begin
|
|
Writeln('Algo : ', Algo);
|
|
try
|
|
Assert(Algo = bcPHP);
|
|
Inc(Assertions);
|
|
except
|
|
on e: EAssertionFailed do
|
|
begin
|
|
Inc(FailedAssertions);
|
|
end;
|
|
end;
|
|
WriteLn('AlgoName : ', AlgoName);
|
|
WriteLn('Cost : ', Cost);
|
|
Write('Salt : ', BCryptSalt);
|
|
try
|
|
Assert(Length(BCryptSalt) = 22, 'Should Be True');
|
|
Inc(Assertions);
|
|
except
|
|
on e: EAssertionFailed do
|
|
begin
|
|
Passed := False;
|
|
end;
|
|
end;
|
|
if Passed = False then
|
|
begin
|
|
Writeln(' Length - Fail');
|
|
Inc(FailedAssertions);
|
|
end else
|
|
begin
|
|
Writeln(' Length - Pass');
|
|
Inc(PassedAssertions);
|
|
end;
|
|
Passed := True;
|
|
Write('Hash : ', BCryptHash);
|
|
try
|
|
Assert(Length(BCryptHash) = 31, 'Should Be True');
|
|
Inc(Assertions);
|
|
except
|
|
on e: EAssertionFailed do
|
|
begin
|
|
Passed := False;
|
|
end;
|
|
end;
|
|
if Passed = False then
|
|
begin
|
|
Writeln(' Length - Fail');
|
|
Inc(FailedAssertions);
|
|
end else
|
|
begin
|
|
Writeln(' Length - Pass');
|
|
Inc(PassedAssertions);
|
|
end;
|
|
|
|
end;
|
|
|
|
WriteLn(#10#13'Testing HashGetInfo on bsd hash '#10#13, BSDHashToMatch, ' ...'#10#13);
|
|
PasswordInfo := TBCrypt.HashGetInfo(BSDHashToMatch);
|
|
Passed := True;
|
|
With PasswordInfo do
|
|
begin
|
|
Writeln('Algo : ', Algo);
|
|
try
|
|
Assert(Algo = bcBSD);
|
|
Inc(Assertions);
|
|
except
|
|
on e: EAssertionFailed do
|
|
begin
|
|
Inc(FailedAssertions);
|
|
end;
|
|
end;
|
|
WriteLn('AlgoName : ', AlgoName);
|
|
WriteLn('Cost : ', Cost);
|
|
Write('Salt : ', BCryptSalt);
|
|
try
|
|
Assert(Length(BCryptSalt) = 22, 'Should Be True');
|
|
Inc(Assertions);
|
|
except
|
|
on e: EAssertionFailed do
|
|
begin
|
|
Passed := False;
|
|
end;
|
|
end;
|
|
if Passed = False then
|
|
begin
|
|
Writeln(' Length - Fail');
|
|
Inc(FailedAssertions);
|
|
end else
|
|
begin
|
|
Writeln(' Length - Pass');
|
|
Inc(PassedAssertions);
|
|
end;
|
|
Passed := True;
|
|
Write('Hash : ', BCryptHash);
|
|
try
|
|
Assert(Length(BCryptHash) = 31, 'Should Be True');
|
|
Inc(Assertions);
|
|
except
|
|
on e: EAssertionFailed do
|
|
begin
|
|
Passed := False;
|
|
end;
|
|
end;
|
|
if Passed = False then
|
|
begin
|
|
Writeln(' Length - Fail');
|
|
Inc(FailedAssertions);
|
|
end else
|
|
begin
|
|
Writeln(' Length - Pass');
|
|
Inc(PassedAssertions);
|
|
end;
|
|
|
|
end;
|
|
|
|
Writeln(#10#13'Testing PasswordInfo with bad Hashes.'#10#13);
|
|
Passed := False;
|
|
try
|
|
Write('Short Hash : ', ShortHash);
|
|
PasswordInfo := TBCrypt.HashGetInfo(ShortHash);
|
|
Inc(Assertions);
|
|
except
|
|
on e: EHash do
|
|
begin
|
|
Passed := True;
|
|
end;
|
|
end;
|
|
if Passed = True then
|
|
begin
|
|
Writeln(' - Pass');
|
|
Inc(PassedAssertions);
|
|
end else
|
|
begin
|
|
Writeln(' - Fail');
|
|
Inc(FailedAssertions);
|
|
end;
|
|
Passed := False;
|
|
try
|
|
Write('Long Hash : ', LongHash);
|
|
PasswordInfo := TBCrypt.HashGetInfo(LongHash);
|
|
Inc(Assertions);
|
|
except
|
|
on e: EHash do
|
|
begin
|
|
Passed := True;
|
|
end;
|
|
end;
|
|
if Passed = True then
|
|
begin
|
|
Writeln(' - Pass');
|
|
Inc(PassedAssertions);
|
|
end else
|
|
begin
|
|
Writeln(' - Fail');
|
|
Inc(FailedAssertions);
|
|
end;
|
|
|
|
|
|
Writeln(#10#13'Testing hashing ...'#10#13);
|
|
Writeln(TBCrypt.CreateHash(StaticPassword));
|
|
Writeln(TBCrypt.CreateHash(StaticPassword, bcBSD));
|
|
Writeln(TBCrypt.CreateHash(StaticPassword, bcDefault));
|
|
Writeln(TBCrypt.CreateHash(StaticPassword, bcPHP));
|
|
Writeln(TBCrypt.CreateHash(StaticPassword, bcBSD, 14));
|
|
Writeln(TBCrypt.CreateHash(StaticPassword, bcDefault, 14));
|
|
Writeln(TBCrypt.CreateHash(StaticPassword, bcPHP, 14));
|
|
Writeln(#10#13);
|
|
|
|
TBCrypt.Free;
|
|
Writeln('Assertions : ', Assertions);
|
|
Writeln('Passed Assertions : ', PassedAssertions);
|
|
Writeln('Failed Assertions : ', FailedAssertions);
|
|
Writeln;
|
|
end.
|