[TASK] Use new instead of makeInstance in unit tests
[Packages/TYPO3.CMS.git] / typo3 / sysext / saltedpasswords / Tests / Unit / Salt / BlowfishSaltTest.php
1 <?php
2 namespace TYPO3\CMS\Saltedpasswords\Tests\Unit\Salt;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use TYPO3\CMS\Core\Crypto\Random;
18
19 /**
20 * Testcase for BlowfishSalt
21 */
22 class BlowfishSaltTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
23 {
24 /**
25 * Keeps instance of object to test.
26 *
27 * @var \TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt
28 */
29 protected $objectInstance = null;
30
31 /**
32 * Sets up the fixtures for this testcase.
33 *
34 * @return void
35 */
36 protected function setUp()
37 {
38 $this->objectInstance = $this->getMockBuilder(\TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt::class)
39 ->setMethods(array('dummy'))
40 ->getMock();
41 }
42
43 /**
44 * Marks tests as skipped if the blowfish method is not available.
45 *
46 * @return void
47 */
48 protected function skipTestIfBlowfishIsNotAvailable()
49 {
50 if (!CRYPT_BLOWFISH) {
51 $this->markTestSkipped('Blowfish is not supported on your platform.');
52 }
53 }
54
55 /**
56 * @test
57 */
58 public function hasCorrectBaseClass()
59 {
60 $hasCorrectBaseClass = get_class($this->objectInstance) === \TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt::class;
61 // XCLASS ?
62 if (!$hasCorrectBaseClass && false != get_parent_class($this->objectInstance)) {
63 $hasCorrectBaseClass = is_subclass_of($this->objectInstance, \TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt::class);
64 }
65 $this->assertTrue($hasCorrectBaseClass);
66 }
67
68 /**
69 * @test
70 */
71 public function nonZeroSaltLength()
72 {
73 $this->assertTrue($this->objectInstance->getSaltLength() > 0);
74 }
75
76 /**
77 * @test
78 */
79 public function emptyPasswordResultsInNullSaltedPassword()
80 {
81 $password = '';
82 $this->assertNull($this->objectInstance->getHashedPassword($password));
83 }
84
85 /**
86 * @test
87 */
88 public function nonEmptyPasswordResultsInNonNullSaltedPassword()
89 {
90 $this->skipTestIfBlowfishIsNotAvailable();
91 $password = 'a';
92 $this->assertNotNull($this->objectInstance->getHashedPassword($password));
93 }
94
95 /**
96 * @test
97 */
98 public function createdSaltedHashOfProperStructure()
99 {
100 $this->skipTestIfBlowfishIsNotAvailable();
101 $password = 'password';
102 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
103 $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
104 }
105
106 /**
107 * @test
108 */
109 public function createdSaltedHashOfProperStructureForCustomSaltWithoutSetting()
110 {
111 $this->skipTestIfBlowfishIsNotAvailable();
112 $password = 'password';
113 // custom salt without setting
114 $randomBytes = (new Random())->generateRandomBytes($this->objectInstance->getSaltLength());
115 $salt = $this->objectInstance->base64Encode($randomBytes, $this->objectInstance->getSaltLength());
116 $this->assertTrue($this->objectInstance->isValidSalt($salt));
117 $saltedHashPassword = $this->objectInstance->getHashedPassword($password, $salt);
118 $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
119 }
120
121 /**
122 * @test
123 */
124 public function createdSaltedHashOfProperStructureForMinimumHashCount()
125 {
126 $this->skipTestIfBlowfishIsNotAvailable();
127 $password = 'password';
128 $minHashCount = $this->objectInstance->getMinHashCount();
129 $this->objectInstance->setHashCount($minHashCount);
130 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
131 $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
132 // reset hashcount
133 $this->objectInstance->setHashCount(null);
134 }
135
136 /**
137 * Tests authentication procedure with alphabet characters.
138 *
139 * Checks if a "plain-text password" is every time mapped to the
140 * same "salted password hash" when using the same salt.
141 *
142 * @test
143 */
144 public function authenticationWithValidAlphaCharClassPassword()
145 {
146 $this->skipTestIfBlowfishIsNotAvailable();
147 $password = 'aEjOtY';
148 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
149 $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
150 }
151
152 /**
153 * Tests authentication procedure with numeric characters.
154 *
155 * Checks if a "plain-text password" is every time mapped to the
156 * same "salted password hash" when using the same salt.
157 *
158 * @test
159 */
160 public function authenticationWithValidNumericCharClassPassword()
161 {
162 $this->skipTestIfBlowfishIsNotAvailable();
163 $password = '01369';
164 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
165 $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
166 }
167
168 /**
169 * Tests authentication procedure with US-ASCII special characters.
170 *
171 * Checks if a "plain-text password" is every time mapped to the
172 * same "salted password hash" when using the same salt.
173 *
174 * @test
175 */
176 public function authenticationWithValidAsciiSpecialCharClassPassword()
177 {
178 $this->skipTestIfBlowfishIsNotAvailable();
179 $password = ' !"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~';
180 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
181 $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
182 }
183
184 /**
185 * Tests authentication procedure with latin1 special characters.
186 *
187 * Checks if a "plain-text password" is every time mapped to the
188 * same "salted password hash" when using the same salt.
189 *
190 * @test
191 */
192 public function authenticationWithValidLatin1SpecialCharClassPassword()
193 {
194 $this->skipTestIfBlowfishIsNotAvailable();
195 $password = '';
196 for ($i = 160; $i <= 191; $i++) {
197 $password .= chr($i);
198 }
199 $password .= chr(215) . chr(247);
200 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
201 $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
202 }
203
204 /**
205 * Tests authentication procedure with latin1 umlauts.
206 *
207 * Checks if a "plain-text password" is every time mapped to the
208 * same "salted password hash" when using the same salt.
209 *
210 * @test
211 */
212 public function authenticationWithValidLatin1UmlautCharClassPassword()
213 {
214 $this->skipTestIfBlowfishIsNotAvailable();
215 $password = '';
216 for ($i = 192; $i <= 214; $i++) {
217 $password .= chr($i);
218 }
219 for ($i = 216; $i <= 246; $i++) {
220 $password .= chr($i);
221 }
222 for ($i = 248; $i <= 255; $i++) {
223 $password .= chr($i);
224 }
225 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
226 $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
227 }
228
229 /**
230 * @test
231 */
232 public function authenticationWithNonValidPassword()
233 {
234 $this->skipTestIfBlowfishIsNotAvailable();
235 $password = 'password';
236 $password1 = $password . 'INVALID';
237 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
238 $this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPassword));
239 }
240
241 /**
242 * @test
243 */
244 public function passwordVariationsResultInDifferentHashes()
245 {
246 $this->skipTestIfBlowfishIsNotAvailable();
247 $pad = 'a';
248 $password = '';
249 $criticalPwLength = 0;
250 // We're using a constant salt.
251 $saltedHashPasswordCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
252 for ($i = 0; $i <= 128; $i += 8) {
253 $password = str_repeat($pad, max($i, 1));
254 $saltedHashPasswordPrevious = $saltedHashPasswordCurrent;
255 $saltedHashPasswordCurrent = $this->objectInstance->getHashedPassword($password, $salt);
256 if ($i > 0 && $saltedHashPasswordPrevious === $saltedHashPasswordCurrent) {
257 $criticalPwLength = $i;
258 break;
259 }
260 }
261 $this->assertTrue($criticalPwLength == 0 || $criticalPwLength > 32, 'Duplicates of hashed passwords with plaintext password of length ' . $criticalPwLength . '+.');
262 }
263
264 /**
265 * @test
266 */
267 public function modifiedMinHashCount()
268 {
269 $minHashCount = $this->objectInstance->getMinHashCount();
270 $this->objectInstance->setMinHashCount($minHashCount - 1);
271 $this->assertTrue($this->objectInstance->getMinHashCount() < $minHashCount);
272 $this->objectInstance->setMinHashCount($minHashCount + 1);
273 $this->assertTrue($this->objectInstance->getMinHashCount() > $minHashCount);
274 }
275
276 /**
277 * @test
278 */
279 public function modifiedMaxHashCount()
280 {
281 $maxHashCount = $this->objectInstance->getMaxHashCount();
282 $this->objectInstance->setMaxHashCount($maxHashCount + 1);
283 $this->assertTrue($this->objectInstance->getMaxHashCount() > $maxHashCount);
284 $this->objectInstance->setMaxHashCount($maxHashCount - 1);
285 $this->assertTrue($this->objectInstance->getMaxHashCount() < $maxHashCount);
286 }
287
288 /**
289 * @test
290 */
291 public function modifiedHashCount()
292 {
293 $hashCount = $this->objectInstance->getHashCount();
294 $this->objectInstance->setMaxHashCount($hashCount + 1);
295 $this->objectInstance->setHashCount($hashCount + 1);
296 $this->assertTrue($this->objectInstance->getHashCount() > $hashCount);
297 $this->objectInstance->setMinHashCount($hashCount - 1);
298 $this->objectInstance->setHashCount($hashCount - 1);
299 $this->assertTrue($this->objectInstance->getHashCount() < $hashCount);
300 // reset hashcount
301 $this->objectInstance->setHashCount(null);
302 }
303
304 /**
305 * @test
306 */
307 public function updateNecessityForValidSaltedPassword()
308 {
309 $this->skipTestIfBlowfishIsNotAvailable();
310 $password = 'password';
311 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
312 $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
313 }
314
315 /**
316 * @test
317 */
318 public function updateNecessityForIncreasedHashcount()
319 {
320 $password = 'password';
321 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
322 $increasedHashCount = $this->objectInstance->getHashCount() + 1;
323 $this->objectInstance->setMaxHashCount($increasedHashCount);
324 $this->objectInstance->setHashCount($increasedHashCount);
325 $this->assertTrue($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
326 // reset hashcount
327 $this->objectInstance->setHashCount(null);
328 }
329
330 /**
331 * @test
332 */
333 public function updateNecessityForDecreasedHashcount()
334 {
335 $this->skipTestIfBlowfishIsNotAvailable();
336 $password = 'password';
337 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
338 $decreasedHashCount = $this->objectInstance->getHashCount() - 1;
339 $this->objectInstance->setMinHashCount($decreasedHashCount);
340 $this->objectInstance->setHashCount($decreasedHashCount);
341 $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
342 // reset hashcount
343 $this->objectInstance->setHashCount(null);
344 }
345 }