projects / Packages / TYPO3.CMS.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[TASK] Use name-resolution instead of strings where possible: 9
[Packages/TYPO3.CMS.git] / typo3 / sysext / saltedpasswords / Tests / Unit / Salt / PhpassSaltTest.php
1 <?php
2 namespace TYPO3\CMS\Saltedpasswords\Tests\Unit\Salt;
3
4 /**
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 /**
18 * Testcase for PhpassSalt
19 *
20 * @author Marcus Krause <marcus#exp2009@t3sec.info>
21 */
22 class PhpassSaltTest extends \TYPO3\CMS\Core\Tests\UnitTestCase {
23
24 /**
25 * Keeps instance of object to test.
26 *
27 * @var \TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt
28 */
29 protected $objectInstance = NULL;
30
31 /**
32 * Sets up the fixtures for this testcase.
33 *
34 * @return void
35 */
36 public function setUp() {
37 $this->objectInstance = $this->getMock(\TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt::class, array('dummy'));
38 }
39
40 /**
41 * @test
42 */
43 public function hasCorrectBaseClass() {
44 $hasCorrectBaseClass = get_class($this->objectInstance) === \TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt::class;
45 // XCLASS ?
46 if (!$hasCorrectBaseClass && FALSE != get_parent_class($this->objectInstance)) {
47 $hasCorrectBaseClass = is_subclass_of($this->objectInstance, \TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt::class);
48 }
49 $this->assertTrue($hasCorrectBaseClass);
50 }
51
52 /**
53 * @test
54 */
55 public function nonZeroSaltLength() {
56 $this->assertTrue($this->objectInstance->getSaltLength() > 0);
57 }
58
59 /**
60 * @test
61 */
62 public function emptyPasswordResultsInNullSaltedPassword() {
63 $password = '';
64 $this->assertNull($this->objectInstance->getHashedPassword($password));
65 }
66
67 /**
68 * @test
69 */
70 public function nonEmptyPasswordResultsInNonNullSaltedPassword() {
71 $password = 'a';
72 $this->assertNotNull($this->objectInstance->getHashedPassword($password));
73 }
74
75 /**
76 * @test
77 */
78 public function createdSaltedHashOfProperStructure() {
79 $password = 'password';
80 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
81 $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
82 }
83
84 /**
85 * @test
86 */
87 public function createdSaltedHashOfProperStructureForCustomSaltWithoutSetting() {
88 $password = 'password';
89 // custom salt without setting
90 $randomBytes = \TYPO3\CMS\Core\Utility\GeneralUtility::generateRandomBytes($this->objectInstance->getSaltLength());
91 $salt = $this->objectInstance->base64Encode($randomBytes, $this->objectInstance->getSaltLength());
92 $this->assertTrue($this->objectInstance->isValidSalt($salt));
93 $saltedHashPassword = $this->objectInstance->getHashedPassword($password, $salt);
94 $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
95 }
96
97 /**
98 * @test
99 */
100 public function createdSaltedHashOfProperStructureForMinimumHashCount() {
101 $password = 'password';
102 $minHashCount = $this->objectInstance->getMinHashCount();
103 $this->objectInstance->setHashCount($minHashCount);
104 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
105 $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
106 // reset hashcount
107 $this->objectInstance->setHashCount(NULL);
108 }
109
110 /**
111 * Tests authentication procedure with alphabet characters.
112 *
113 * Checks if a "plain-text password" is every time mapped to the
114 * same "salted password hash" when using the same salt.
115 *
116 * @test
117 */
118 public function authenticationWithValidAlphaCharClassPassword() {
119 $password = 'aEjOtY';
120 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
121 $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
122 }
123
124 /**
125 * Tests authentication procedure with numeric characters.
126 *
127 * Checks if a "plain-text password" is every time mapped to the
128 * same "salted password hash" when using the same salt.
129 *
130 * @test
131 */
132 public function authenticationWithValidNumericCharClassPassword() {
133 $password = '01369';
134 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
135 $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
136 }
137
138 /**
139 * Tests authentication procedure with US-ASCII special characters.
140 *
141 * Checks if a "plain-text password" is every time mapped to the
142 * same "salted password hash" when using the same salt.
143 *
144 * @test
145 */
146 public function authenticationWithValidAsciiSpecialCharClassPassword() {
147 $password = ' !"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~';
148 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
149 $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
150 }
151
152 /**
153 * Tests authentication procedure with latin1 special characters.
154 *
155 * Checks if a "plain-text password" is every time mapped to the
156 * same "salted password hash" when using the same salt.
157 *
158 * @test
159 */
160 public function authenticationWithValidLatin1SpecialCharClassPassword() {
161 $password = '';
162 for ($i = 160; $i <= 191; $i++) {
163 $password .= chr($i);
164 }
165 $password .= chr(215) . chr(247);
166 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
167 $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
168 }
169
170 /**
171 * Tests authentication procedure with latin1 umlauts.
172 *
173 * Checks if a "plain-text password" is every time mapped to the
174 * same "salted password hash" when using the same salt.
175 *
176 * @test
177 */
178 public function authenticationWithValidLatin1UmlautCharClassPassword() {
179 $password = '';
180 for ($i = 192; $i <= 214; $i++) {
181 $password .= chr($i);
182 }
183 for ($i = 216; $i <= 246; $i++) {
184 $password .= chr($i);
185 }
186 for ($i = 248; $i <= 255; $i++) {
187 $password .= chr($i);
188 }
189 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
190 $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
191 }
192
193 /**
194 * @test
195 */
196 public function authenticationWithNonValidPassword() {
197 $password = 'password';
198 $password1 = $password . 'INVALID';
199 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
200 $this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPassword));
201 }
202
203 /**
204 * @test
205 */
206 public function passwordVariationsResultInDifferentHashes() {
207 $pad = 'a';
208 $criticalPwLength = 0;
209 // We're using a constant salt.
210 $saltedHashPasswordCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
211 for ($i = 0; $i <= 128; $i += 8) {
212 $password = str_repeat($pad, max($i, 1));
213 $saltedHashPasswordPrevious = $saltedHashPasswordCurrent;
214 $saltedHashPasswordCurrent = $this->objectInstance->getHashedPassword($password, $salt);
215 if ($i > 0 && $saltedHashPasswordPrevious === $saltedHashPasswordCurrent) {
216 $criticalPwLength = $i;
217 break;
218 }
219 }
220 $this->assertTrue($criticalPwLength == 0 || $criticalPwLength > 32, 'Duplicates of hashed passwords with plaintext password of length ' . $criticalPwLength . '+.');
221 }
222
223 /**
224 * @test
225 */
226 public function modifiedMinHashCount() {
227 $minHashCount = $this->objectInstance->getMinHashCount();
228 $this->objectInstance->setMinHashCount($minHashCount - 1);
229 $this->assertTrue($this->objectInstance->getMinHashCount() < $minHashCount);
230 $this->objectInstance->setMinHashCount($minHashCount + 1);
231 $this->assertTrue($this->objectInstance->getMinHashCount() > $minHashCount);
232 }
233
234 /**
235 * @test
236 */
237 public function modifiedMaxHashCount() {
238 $maxHashCount = $this->objectInstance->getMaxHashCount();
239 $this->objectInstance->setMaxHashCount($maxHashCount + 1);
240 $this->assertTrue($this->objectInstance->getMaxHashCount() > $maxHashCount);
241 $this->objectInstance->setMaxHashCount($maxHashCount - 1);
242 $this->assertTrue($this->objectInstance->getMaxHashCount() < $maxHashCount);
243 }
244
245 /**
246 * @test
247 */
248 public function modifiedHashCount() {
249 $hashCount = $this->objectInstance->getHashCount();
250 $this->objectInstance->setMaxHashCount($hashCount + 1);
251 $this->objectInstance->setHashCount($hashCount + 1);
252 $this->assertTrue($this->objectInstance->getHashCount() > $hashCount);
253 $this->objectInstance->setMinHashCount($hashCount - 1);
254 $this->objectInstance->setHashCount($hashCount - 1);
255 $this->assertTrue($this->objectInstance->getHashCount() < $hashCount);
256 // reset hashcount
257 $this->objectInstance->setHashCount(NULL);
258 }
259
260 /**
261 * @test
262 */
263 public function updateNecessityForValidSaltedPassword() {
264 $password = 'password';
265 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
266 $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
267 }
268
269 /**
270 * @test
271 */
272 public function updateNecessityForIncreasedHashcount() {
273 $password = 'password';
274 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
275 $increasedHashCount = $this->objectInstance->getHashCount() + 1;
276 $this->objectInstance->setMaxHashCount($increasedHashCount);
277 $this->objectInstance->setHashCount($increasedHashCount);
278 $this->assertTrue($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
279 // reset hashcount
280 $this->objectInstance->setHashCount(NULL);
281 }
282
283 /**
284 * @test
285 */
286 public function updateNecessityForDecreasedHashcount() {
287 $password = 'password';
288 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
289 $decreasedHashCount = $this->objectInstance->getHashCount() - 1;
290 $this->objectInstance->setMinHashCount($decreasedHashCount);
291 $this->objectInstance->setHashCount($decreasedHashCount);
292 $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
293 // reset hashcount
294 $this->objectInstance->setHashCount(NULL);
295 }
296
297 }
TYPO3 CMS Core Development