Use hmac instead of a second pbkdf

2014-11-04 11:47:38 -03:00 · 2014-11-04 11:47:38 -03:00 · 49fbf2c849
commit 49fbf2c849
parent df52a0ef95
4 changed files with 51 additions and 28 deletions
--- a/test/plugin.insight.js
+++ b/test/plugin.insight.js
@ -14,8 +14,7 @@ describe('insight storage plugin', function() {

  var oldSecret = 'rFA+F/N+ZvKXp717zBdfCKYQ5v9Fjry0W6tautj5etIH'
                + 'KLQliZBEYXA7AXjTJ9K3DglzGWJKost3QJUCMbhM/A=='
-  var newSecret = '2YTcmtkmC/WSVrfmjAEyOmDnmntVQ8A9wS/q1DbD6rkc'
-                + 'si8LrIvS2Ru85Feb5Bvk2ziQbEN6PzlL1mIyQ3a+Vw=='
+  var newSecret = '+72pwnQ/ukrXVXZ/L4vFeiykwn522uVz0J6p81TGXvI=';

  var setupStorageCredentials = function() {
    storage.setCredentials(email, password);
@ -122,8 +121,10 @@ describe('insight storage plugin', function() {
        var url = requestMock.post.firstCall.args[0].url;
        var args = querystring.decode(receivedArgs);
        assert(url.indexOf('change_passphrase') !== -1);
-        assert(args.secret === oldSecret);
-        assert(args.newSecret === newSecret);
+        assert(requestMock.post.firstCall.args[0].headers.Authorization
+               ===
+               new Buffer(email + ':' + oldSecret).toString('base64'));
+        assert(args.newPassphrase === newSecret);
        done();
      });
    }
--- a/test/util.crypto.js
+++ b/test/util.crypto.js
@ -50,6 +50,9 @@ describe('crypto utils', function() {
    });
    it('should generate a passphrase from weird chars', function() {
      var phrase = cryptoUtils.kdf('Pwd123!@#$%^&*(){}[]\|/?.>,<=+-_`~åéþïœ’ä²¤þçæ¶');
+      var expected = 'CZwb5KdikvZHVsEoZUdJckAy+yyzGnd++XhyqxJXbc30'
+                   + 'pEoO+WqHgqBbdf0gn2wiyWZv3zymB+7L75Xnz3uSlg==';
+      phrase.should.equal(expected);
    });
  });