[SECURITY] Explicitly deny object deserialization
[Packages/TYPO3.CMS.git] / typo3 / sysext / rsaauth / Tests / Unit / Backend / CommandLineBackendTest.php
1 <?php
2 declare(strict_types = 1);
3
4 namespace TYPO3\CMS\Rsaauth\Tests\Unit\Backend;
5
6 /*
7 * This file is part of the TYPO3 CMS project.
8 *
9 * It is free software; you can redistribute it and/or modify it under
10 * the terms of the GNU General Public License, either version 2
11 * of the License, or any later version.
12 *
13 * For the full copyright and license information, please read the
14 * LICENSE.txt file that was distributed with this source code.
15 *
16 * The TYPO3 project - inspiring people to share!
17 */
18
19 use TYPO3\CMS\Core\Core\Environment;
20 use TYPO3\CMS\Rsaauth\Backend\CommandLineBackend;
21 use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
22
23 /**
24 * Test case
25 */
26 class CommandLineBackendTest extends UnitTestCase
27 {
28 /**
29 * @var bool Reset singletons created by subject
30 */
31 protected $resetSingletonInstances = true;
32
33 /**
34 * Set up
35 */
36 protected function setUp()
37 {
38 $GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS']['rsaauth']['temporaryDirectory'] = '';
39 }
40
41 /**
42 * @test
43 */
44 public function createNewKeyPairCreatesReadyKeyPair()
45 {
46 $this->skipIfWindows();
47 $subject = new CommandLineBackend();
48 $keyPair = $subject->createNewKeyPair();
49 if ($keyPair === null) {
50 $this->markTestSkipped('KeyPair could not be generated. Maybe openssl was not found.');
51 }
52
53 $this->assertTrue($keyPair->isReady());
54 }
55
56 /**
57 * @test
58 */
59 public function createNewKeyPairCreatesKeyPairWithDefaultExponent()
60 {
61 $this->skipIfWindows();
62 $subject = new CommandLineBackend();
63 $keyPair = $subject->createNewKeyPair();
64 if ($keyPair === null) {
65 $this->markTestSkipped('KeyPair could not be generated. Maybe openssl was not found.');
66 }
67
68 $this->assertSame(
69 CommandLineBackend::DEFAULT_EXPONENT,
70 $keyPair->getExponent()
71 );
72 }
73
74 /**
75 * @test
76 */
77 public function createNewKeyPairCalledTwoTimesReturnsSameKeyPairInstance()
78 {
79 $this->skipIfWindows();
80 $subject = new CommandLineBackend();
81 $this->assertSame(
82 $subject->createNewKeyPair(),
83 $subject->createNewKeyPair()
84 );
85 }
86
87 /**
88 * @test
89 */
90 public function doesNotAllowUnserialization(): void
91 {
92 $this->expectException(\RuntimeException::class);
93 $this->expectExceptionCode(1531336156);
94
95 $subject = new CommandLineBackend();
96 $serialized = serialize($subject);
97 unserialize($serialized);
98 }
99
100 /**
101 * @test
102 */
103 public function unsetsPathsOnUnserialization(): void
104 {
105 try {
106 $subject = $this->getAccessibleMock(CommandLineBackend::class);
107 $subject->_set('opensslPath', 'foo');
108 $subject->_set('temporaryDirectory', 'foo');
109 $serialized = serialize($subject);
110 unserialize($serialized);
111 } catch (\RuntimeException $e) {
112 $this->assertNull($subject->_get('opensslPath'));
113 $this->assertNull($subject->_get('temporaryDirectory'));
114 }
115 }
116
117 protected function skipIfWindows(): void
118 {
119 if (Environment::isWindows()) {
120 $this->markTestSkipped(
121 'This test is not available on Windows as auto-detection of openssl path will fail.'
122 );
123 }
124 }
125 }