firebase · rsgowman · Nov 5, 2019 · Nov 1, 2019 · Nov 1, 2019 · rsgowman
diff --git a/src/main/java/com/google/firebase/auth/hash/Md5.java b/src/main/java/com/google/firebase/auth/hash/Md5.java
@@ -23,7 +23,7 @@
 public class Md5 extends RepeatableHash {
 
   private Md5(Builder builder) {
-    super("MD5", 0, 120000, builder);
+    super("MD5", 0, 8192, builder);
   }
 
   public static Builder builder() {

diff --git a/src/main/java/com/google/firebase/auth/hash/Sha1.java b/src/main/java/com/google/firebase/auth/hash/Sha1.java
@@ -23,7 +23,7 @@
 public class Sha1 extends RepeatableHash {
 
   private Sha1(Builder builder) {
-    super("SHA1", 0, 120000, builder);
+    super("SHA1", 1, 8192, builder);
   }
 
   public static Builder builder() {

diff --git a/src/main/java/com/google/firebase/auth/hash/Sha256.java b/src/main/java/com/google/firebase/auth/hash/Sha256.java
@@ -23,7 +23,7 @@
 public class Sha256 extends RepeatableHash {
 
   private Sha256(Builder builder) {
-    super("SHA256", 0, 120000, builder);
+    super("SHA256", 1, 8192, builder);
   }
 
   public static Builder builder() {

diff --git a/src/main/java/com/google/firebase/auth/hash/Sha512.java b/src/main/java/com/google/firebase/auth/hash/Sha512.java
@@ -23,7 +23,7 @@
 public class Sha512 extends RepeatableHash {
 
   private Sha512(Builder builder) {
-    super("SHA512", 0, 120000, builder);
+    super("SHA512", 1, 8192, builder);
   }
 
   public static Builder builder() {

diff --git a/src/test/java/com/google/firebase/auth/UserImportHashTest.java b/src/test/java/com/google/firebase/auth/UserImportHashTest.java
@@ -17,6 +17,7 @@
 package com.google.firebase.auth;
 
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.fail;
 
 import com.google.common.collect.ImmutableMap;
 import com.google.common.io.BaseEncoding;
@@ -145,6 +146,91 @@ public void testBasicHash() {
     }
   }
 
+  private void assertBuilderThrowsIllegalArgumentException(Md5.Builder builder) {
+    try {
+      builder.build();
+      fail("Expected IllegalArgumentException to be thrown but no expecption occurred.");
+    } catch (IllegalArgumentException expected) {
+    }
+  }
+
+  private void assertBuilderThrowsIllegalArgumentException(Sha1.Builder builder) {
+    try {
+      builder.build();
+      fail("Expected IllegalArgumentException to be thrown but no expecption occurred.");
+    } catch (IllegalArgumentException expected) {
+    }
+  }
+
+  private void assertBuilderThrowsIllegalArgumentException(Sha256.Builder builder) {
+    try {
+      builder.build();
+      fail("Expected IllegalArgumentException to be thrown but no expecption occurred.");
+    } catch (IllegalArgumentException expected) {
+    }
+  }
+
+  private void assertBuilderThrowsIllegalArgumentException(Sha512.Builder builder) {
+    try {
+      builder.build();
+      fail("Expected IllegalArgumentException to be thrown but no expecption occurred.");
+    } catch (IllegalArgumentException expected) {
+    }
+  }
+
+  private void assertBuilderThrowsIllegalArgumentException(PbkdfSha1.Builder builder) {
+    try {
+      builder.build();
+      fail("Expected IllegalArgumentException to be thrown but no expecption occurred.");
+    } catch (IllegalArgumentException expected) {
+    }
+  }
+
+  private void assertBuilderThrowsIllegalArgumentException(Pbkdf2Sha256.Builder builder) {
+    try {
+      builder.build();
+      fail("Expected IllegalArgumentException to be thrown but no expecption occurred.");
+    } catch (IllegalArgumentException expected) {
+    }
+  }
+
+  @Test
+  public void testInvalidHashRounds() {
+    // TODO(rsgowman): Once we can update to Java8, we could just do something like this instead of
+    // having all of the helpers:
+    //     assertThrows(IllegalArgumentException.class, ()-> Md5.builder().setRounds(-1).build());
+    //
+
+    assertBuilderThrowsIllegalArgumentException(Md5.builder().setRounds(-1));
+    assertBuilderThrowsIllegalArgumentException(Md5.builder().setRounds(8193));
+    assertBuilderThrowsIllegalArgumentException(Sha1.builder().setRounds(0));
+    assertBuilderThrowsIllegalArgumentException(Sha1.builder().setRounds(8193));
+    assertBuilderThrowsIllegalArgumentException(Sha256.builder().setRounds(0));
+    assertBuilderThrowsIllegalArgumentException(Sha256.builder().setRounds(8193));
+    assertBuilderThrowsIllegalArgumentException(Sha512.builder().setRounds(0));
+    assertBuilderThrowsIllegalArgumentException(Sha512.builder().setRounds(8193));
+    assertBuilderThrowsIllegalArgumentException(PbkdfSha1.builder().setRounds(-1));
+    assertBuilderThrowsIllegalArgumentException(PbkdfSha1.builder().setRounds(120001));
+    assertBuilderThrowsIllegalArgumentException(Pbkdf2Sha256.builder().setRounds(-1));
+    assertBuilderThrowsIllegalArgumentException(Pbkdf2Sha256.builder().setRounds(120001));
+  }
+
+  @Test
+  public void testValidHashRounds() {
+    Md5.builder().setRounds(0).build();
+    Md5.builder().setRounds(8192).build();
+    Sha1.builder().setRounds(1).build();
+    Sha1.builder().setRounds(8192).build();
+    Sha256.builder().setRounds(1).build();
+    Sha256.builder().setRounds(8192).build();
+    Sha512.builder().setRounds(1).build();
+    Sha512.builder().setRounds(8192).build();
+    PbkdfSha1.builder().setRounds(0).build();
+    PbkdfSha1.builder().setRounds(120000).build();
+    Pbkdf2Sha256.builder().setRounds(0).build();
+    Pbkdf2Sha256.builder().setRounds(120000).build();
+  }
+
   @Test
   public void testBcryptHash() {
     UserImportHash bcrypt = Bcrypt.getInstance();