The method SCryptUtil#check produces a different result when the parameter passwd is an empty string depending on whether the native library or pure Java implementation of scrypt is used.
The native library (lib.x86_64/linux/libscrypt.so) works as expected.
The pure Java implementation throws java.lang.IllegalArgumentException: Empty key.
Steps to reproduce:
System.setProperty("com.lambdaworks.jni.loader", "nil");
boolean result = SCryptUtil.check("", "$s0$a0801$uk1+u+tylCxLj/l3I8smTA==$6SaqEZxC6fO89qGEjR25sYym+jXd6491g+1Ufa36sQw=");
assertTrue(result);
I suggest creating the following test case:
byte[] passwd = {};
byte[] salt = {1, 2, 3, 4};
byte[] n = SCrypt.scryptN(passwd, salt, 1024, 8, 1, 64);
byte[] j = SCrypt.scryptJ(passwd, salt, 1024, 8, 1, 64);
assertArrayEquals(j, n);
The method SCryptUtil#check produces a different result when the parameter
passwdis an empty string depending on whether the native library or pure Java implementation of scrypt is used.The native library (lib.x86_64/linux/libscrypt.so) works as expected.
The pure Java implementation throws
java.lang.IllegalArgumentException: Empty key.Steps to reproduce:
I suggest creating the following test case: