test(subsonic): decodePassword + md5(password+salt) derivation
This commit is contained in:
@@ -0,0 +1,44 @@
|
||||
package subsonic
|
||||
|
||||
import (
|
||||
"crypto/md5"
|
||||
"encoding/hex"
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestDecodePasswordEnc(t *testing.T) {
|
||||
out, err := decodePassword("enc:68656c6c6f")
|
||||
if err != nil {
|
||||
t.Fatalf("decode: %v", err)
|
||||
}
|
||||
if out != "hello" {
|
||||
t.Errorf("decode = %q, want hello", out)
|
||||
}
|
||||
}
|
||||
|
||||
func TestDecodePasswordPlain(t *testing.T) {
|
||||
out, err := decodePassword("hunter2")
|
||||
if err != nil || out != "hunter2" {
|
||||
t.Errorf("plain passthrough = %q, %v", out, err)
|
||||
}
|
||||
}
|
||||
|
||||
func TestDecodePasswordBadHex(t *testing.T) {
|
||||
if _, err := decodePassword("enc:zzzz"); err == nil {
|
||||
t.Error("expected error for malformed enc: prefix")
|
||||
}
|
||||
}
|
||||
|
||||
// TestTokenMD5Derivation documents the t = md5(password + salt) construction
|
||||
// so regressions in the auth path surface as a failing checksum rather than a
|
||||
// 40/wrong-credentials response that could be mistaken for bad inputs.
|
||||
func TestTokenMD5Derivation(t *testing.T) {
|
||||
password := "hunter2"
|
||||
salt := "NaClz"
|
||||
sum := md5.Sum([]byte(password + salt))
|
||||
want := hex.EncodeToString(sum[:])
|
||||
const expected = "91b894c3c9af9c16bec1b3f771e31462"
|
||||
if want != expected {
|
||||
t.Errorf("md5(password+salt) = %s, want %s", want, expected)
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user