Fixed bug #13908: saltedpasswords: Enhance Unit Tests by testing passwords of various...
authorChristian Kuhn <lolli@schwarzbu.ch>
Mon, 19 Apr 2010 23:11:28 +0000 (23:11 +0000)
committerChristian Kuhn <lolli@schwarzbu.ch>
Mon, 19 Apr 2010 23:11:28 +0000 (23:11 +0000)
git-svn-id: https://svn.typo3.org/TYPO3v4/Core/trunk@7394 709f56b5-9817-0410-a4d7-c38de5d9e867

ChangeLog
typo3/sysext/saltedpasswords/tests/tx_saltedpasswords_salts_blowfish_testcase.php
typo3/sysext/saltedpasswords/tests/tx_saltedpasswords_salts_md5_testcase.php
typo3/sysext/saltedpasswords/tests/tx_saltedpasswords_salts_phpass_testcase.php

index 03b1c8a..6c8216c 100755 (executable)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2010-04-20  Christian Kuhn  <lolli@schwarzbu.ch>
+
+       * Fixed bug #13908: saltedpasswords: Enhance Unit Tests by testing passwords of various character classes
+
 2010-04-19  Stanislas Rolland  <typo3@sjbr.ca>
 
        * Fixed bug #14153: htmlAreaRTE: Some Page TSConfig may break default hotkey assignments
index 7823b7e..6fe6ea9 100644 (file)
@@ -125,8 +125,8 @@ class tx_saltedpasswords_salts_blowfish_testcase extends tx_phpunit_testcase {
                $this->skipTestIfBlowfishIsNotAvailable();
 
                $password = 'password';
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
-               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
        }
 
        /**
@@ -142,8 +142,8 @@ class tx_saltedpasswords_salts_blowfish_testcase extends tx_phpunit_testcase {
                $salt = $this->objectInstance->base64Encode($randomBytes, $this->objectInstance->getSaltLength());
                $this->assertTrue($this->objectInstance->isValidSalt($salt));
 
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password, $salt);
-               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password, $salt);
+               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
        }
 
        /**
@@ -155,8 +155,8 @@ class tx_saltedpasswords_salts_blowfish_testcase extends tx_phpunit_testcase {
                $password = 'password';
                $maxHashCount = $this->objectInstance->getMaxHashCount();
                $this->objectInstance->setHashCount($maxHashCount);
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
-               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
                        // reset hashcount
                $this->objectInstance->setHashCount(NULL);
        }
@@ -170,21 +170,108 @@ class tx_saltedpasswords_salts_blowfish_testcase extends tx_phpunit_testcase {
                $password = 'password';
                $minHashCount = $this->objectInstance->getMinHashCount();
                $this->objectInstance->setHashCount($minHashCount);
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
-               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
                        // reset hashcount
                $this->objectInstance->setHashCount(NULL);
        }
 
        /**
+        * Tests authentication procedure with alphabet characters.
+        * 
+        * Checks if a "plain-text password" is everytime mapped to the
+        * same "salted password hash" when using the same salt. 
+        * 
         * @test
         */
-       public function authenticationWithValidPassword() {
+       public function authenticationWithValidAlphaCharClassPassword() {
                $this->skipTestIfBlowfishIsNotAvailable();
 
-               $password = 'password';
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
-               $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPW));
+               $password = 'aEjOtY';
+
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
+       }
+
+       /**
+        * Tests authentication procedure with numeric characters.
+        *
+        * Checks if a "plain-text password" is everytime mapped to the
+        * same "salted password hash" when using the same salt.
+        *
+        * @test
+        */
+       public function authenticationWithValidNumericCharClassPassword() {
+               $this->skipTestIfBlowfishIsNotAvailable();
+
+               $password = '01369';
+
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
+       }
+
+       /**
+        * Tests authentication procedure with US-ASCII special characters.
+        *
+        * Checks if a "plain-text password" is everytime mapped to the
+        * same "salted password hash" when using the same salt.
+        *
+        * @test
+        */
+       public function authenticationWithValidAsciiSpecialCharClassPassword() {
+               $this->skipTestIfBlowfishIsNotAvailable();
+
+               $password = ' !"#$%&\'()*+,-./:;<=>?@[\]^_`{|}~';
+
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
+       }
+
+       /**
+        * Tests authentication procedure with latin1 special characters.
+        *
+        * Checks if a "plain-text password" is everytime mapped to the
+        * same "salted password hash" when using the same salt.
+        *
+        * @test
+        */
+       public function authenticationWithValidLatin1SpecialCharClassPassword() {
+               $this->skipTestIfBlowfishIsNotAvailable();
+               
+               $password = '';
+               for ($i = 160; $i <= 191; $i++) {
+                       $password .= chr($i);
+               }
+               $password .= chr(215) . chr(247);
+
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
+       }
+
+       /**
+        * Tests authentication procedure with latin1 umlauts.
+        *
+        * Checks if a "plain-text password" is everytime mapped to the
+        * same "salted password hash" when using the same salt.
+        *
+        * @test
+        */
+       public function authenticationWithValidLatin1UmlautCharClassPassword() {
+               $this->skipTestIfBlowfishIsNotAvailable();
+
+               $password = '';
+               for ($i = 192; $i <= 214; $i++) {
+                       $password .= chr($i);
+               }
+               for ($i = 216; $i <= 246; $i++) {
+                       $password .= chr($i);
+               }
+               for ($i = 248; $i <= 255; $i++) {
+                       $password .= chr($i);
+               }
+
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
        }
 
        /**
@@ -195,8 +282,8 @@ class tx_saltedpasswords_salts_blowfish_testcase extends tx_phpunit_testcase {
 
                $password = 'password';
                $password1 = $password . 'INVALID';
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
-               $this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPW));
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPassword));
        }
 
        /**
@@ -209,13 +296,13 @@ class tx_saltedpasswords_salts_blowfish_testcase extends tx_phpunit_testcase {
                $password = '';
                $criticalPwLength = 0;
                        // We're using a constant salt.
-               $saltedHashPWPrevious = $saltedHashPWCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
+               $saltedHashPasswordPrevious = $saltedHashPasswordCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
 
                for ($i = 0; $i <= 128; $i += 8) {
                        $password = str_repeat($pad, max($i, 1));
-                       $saltedHashPWPrevious = $saltedHashPWCurrent;
-                       $saltedHashPWCurrent = $this->objectInstance->getHashedPassword($password, $salt);
-                       if ($i > 0 && 0 == strcmp($saltedHashPWPrevious, $saltedHashPWCurrent)) {
+                       $saltedHashPasswordPrevious = $saltedHashPasswordCurrent;
+                       $saltedHashPasswordCurrent = $this->objectInstance->getHashedPassword($password, $salt);
+                       if ($i > 0 && 0 == strcmp($saltedHashPasswordPrevious, $saltedHashPasswordCurrent)) {
                                $criticalPwLength = $i;
                                break;
                        }
@@ -267,8 +354,8 @@ class tx_saltedpasswords_salts_blowfish_testcase extends tx_phpunit_testcase {
                $this->skipTestIfBlowfishIsNotAvailable();
 
                $password = 'password';
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
-               $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
        }
 
        /**
@@ -276,11 +363,11 @@ class tx_saltedpasswords_salts_blowfish_testcase extends tx_phpunit_testcase {
         */
        public function updateNecessityForIncreasedHashcount() {
                $password = 'password';
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
                $increasedHashCount = $this->objectInstance->getHashCount() + 1;
                $this->objectInstance->setMaxHashCount($increasedHashCount);
                $this->objectInstance->setHashCount($increasedHashCount);
-               $this->assertTrue($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
+               $this->assertTrue($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
                        // reset hashcount
                $this->objectInstance->setHashCount(NULL);
        }
@@ -292,11 +379,11 @@ class tx_saltedpasswords_salts_blowfish_testcase extends tx_phpunit_testcase {
                $this->skipTestIfBlowfishIsNotAvailable();
 
                $password = 'password';
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
                $decreasedHashCount = $this->objectInstance->getHashCount() - 1;
                $this->objectInstance->setMinHashCount($decreasedHashCount);
                $this->objectInstance->setHashCount($decreasedHashCount);
-               $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
+               $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
                        // reset hashcount
                $this->objectInstance->setHashCount(NULL);
        }
index 93a62b0..45b4e2b 100644 (file)
@@ -123,8 +123,8 @@ class tx_saltedpasswords_salts_md5_testcase extends tx_phpunit_testcase {
         */
        public function createdSaltedHashOfProperStructure() {
                $password = 'password';
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
-               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW), $this->getWarningWhenMethodUnavailable());
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword), $this->getWarningWhenMethodUnavailable());
        }
 
        /**
@@ -138,17 +138,96 @@ class tx_saltedpasswords_salts_md5_testcase extends tx_phpunit_testcase {
                $salt = $this->objectInstance->base64Encode($randomBytes, $this->objectInstance->getSaltLength());
                $this->assertTrue($this->objectInstance->isValidSalt($salt), $this->getWarningWhenMethodUnavailable());
 
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password, $salt);
-               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW), $this->getWarningWhenMethodUnavailable());
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password, $salt);
+               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword), $this->getWarningWhenMethodUnavailable());
        }
 
        /**
+        * Tests authentication procedure with alphabet characters.
+        *
+        * Checks if a "plain-text password" is everytime mapped to the
+        * same "salted password hash" when using the same salt.
+        *
         * @test
         */
-       public function authenticationWithValidPassword() {
-               $password = 'password';
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
-               $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPW), $this->getWarningWhenMethodUnavailable());
+       public function authenticationWithValidAlphaCharClassPassword() {
+               $password = 'aEjOtY';
+
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword), $this->getWarningWhenMethodUnavailable());
+       }
+
+       /**
+        * Tests authentication procedure with numeric characters.
+        *
+        * Checks if a "plain-text password" is everytime mapped to the
+        * same "salted password hash" when using the same salt.
+        *
+        * @test
+        */
+       public function authenticationWithValidNumericCharClassPassword() {
+               $password = '01369';
+
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword), $this->getWarningWhenMethodUnavailable());
+       }
+
+       /**
+        * Tests authentication procedure with US-ASCII special characters.
+        *
+        * Checks if a "plain-text password" is everytime mapped to the
+        * same "salted password hash" when using the same salt.
+        *
+        * @test
+        */
+       public function authenticationWithValidAsciiSpecialCharClassPassword() {
+               $password = ' !"#$%&\'()*+,-./:;<=>?@[\]^_`{|}~';
+
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword), $this->getWarningWhenMethodUnavailable());
+       }
+
+       /**
+        * Tests authentication procedure with latin1 special characters.
+        *
+        * Checks if a "plain-text password" is everytime mapped to the
+        * same "salted password hash" when using the same salt.
+        *
+        * @test
+        */
+       public function authenticationWithValidLatin1SpecialCharClassPassword() {
+               $password = '';
+               for ($i = 160; $i <= 191; $i++) {
+                       $password .= chr($i);
+               }
+               $password .= chr(215) . chr(247);
+
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword), $this->getWarningWhenMethodUnavailable());
+       }
+
+       /**
+        * Tests authentication procedure with latin1 umlauts.
+        *
+        * Checks if a "plain-text password" is everytime mapped to the
+        * same "salted password hash" when using the same salt.
+        *
+        * @test
+        */
+       public function authenticationWithValidLatin1UmlautCharClassPassword() {
+               $password = '';
+               for ($i = 192; $i <= 214; $i++) {
+                       $password .= chr($i);
+               }
+               for ($i = 216; $i <= 246; $i++) {
+                       $password .= chr($i);
+               }
+               for ($i = 248; $i <= 255; $i++) {
+                       $password .= chr($i);
+               }
+
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword), $this->getWarningWhenMethodUnavailable());
        }
 
        /**
@@ -157,8 +236,8 @@ class tx_saltedpasswords_salts_md5_testcase extends tx_phpunit_testcase {
        public function authenticationWithNonValidPassword() {
                $password = 'password';
                $password1 = $password . 'INVALID';
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
-               $this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPW), $this->getWarningWhenMethodUnavailable());
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPassword), $this->getWarningWhenMethodUnavailable());
        }
 
        /**
@@ -169,12 +248,12 @@ class tx_saltedpasswords_salts_md5_testcase extends tx_phpunit_testcase {
                $password = '';
                $criticalPwLength = 0;
                        // We're using a constant salt.
-               $saltedHashPWPrevious = $saltedHashPWCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
+               $saltedHashPasswordPrevious = $saltedHashPasswordCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
                for ($i = 0; $i <= 128; $i += 8) {
                        $password = str_repeat($pad, max($i, 1));
-                       $saltedHashPWPrevious = $saltedHashPWCurrent;
-                       $saltedHashPWCurrent = $this->objectInstance->getHashedPassword($password, $salt);
-                       if ($i > 0 && 0 == strcmp($saltedHashPWPrevious, $saltedHashPWCurrent)) {
+                       $saltedHashPasswordPrevious = $saltedHashPasswordCurrent;
+                       $saltedHashPasswordCurrent = $this->objectInstance->getHashedPassword($password, $salt);
+                       if ($i > 0 && 0 == strcmp($saltedHashPasswordPrevious, $saltedHashPasswordCurrent)) {
                                $criticalPwLength = $i;
                                break;
                        }
@@ -187,8 +266,8 @@ class tx_saltedpasswords_salts_md5_testcase extends tx_phpunit_testcase {
         */
        public function noUpdateNecessityForMd5() {
                $password = 'password';
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
-               $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
        }
 }
 ?>
\ No newline at end of file
index 4468e23..9ae09ba 100644 (file)
@@ -110,8 +110,8 @@ class tx_saltedpasswords_salts_phpass_testcase extends tx_phpunit_testcase {
         */
        public function createdSaltedHashOfProperStructure() {
                $password = 'password';
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
-               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
        }
 
        /**
@@ -125,8 +125,8 @@ class tx_saltedpasswords_salts_phpass_testcase extends tx_phpunit_testcase {
                $salt = $this->objectInstance->base64Encode($randomBytes, $this->objectInstance->getSaltLength());
                $this->assertTrue($this->objectInstance->isValidSalt($salt));
 
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password, $salt);
-               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password, $salt);
+               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
        }
 
        /**
@@ -136,8 +136,8 @@ class tx_saltedpasswords_salts_phpass_testcase extends tx_phpunit_testcase {
                $password = 'password';
                $maxHashCount = $this->objectInstance->getMaxHashCount();
                $this->objectInstance->setHashCount($maxHashCount);
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
-               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
                        // reset hashcount
                $this->objectInstance->setHashCount(NULL);
        }
@@ -149,19 +149,98 @@ class tx_saltedpasswords_salts_phpass_testcase extends tx_phpunit_testcase {
                $password = 'password';
                $minHashCount = $this->objectInstance->getMinHashCount();
                $this->objectInstance->setHashCount($minHashCount);
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
-               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
                        // reset hashcount
                $this->objectInstance->setHashCount(NULL);
        }
 
        /**
+        * Tests authentication procedure with alphabet characters.
+        *
+        * Checks if a "plain-text password" is everytime mapped to the
+        * same "salted password hash" when using the same salt.
+        *
         * @test
         */
-       public function authenticationWithValidPassword() {
-               $password = 'password';
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
-               $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPW));
+       public function authenticationWithValidAlphaCharClassPassword() {
+               $password = 'aEjOtY';
+
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
+       }
+
+       /**
+        * Tests authentication procedure with numeric characters.
+        *
+        * Checks if a "plain-text password" is everytime mapped to the
+        * same "salted password hash" when using the same salt.
+        *
+        * @test
+        */
+       public function authenticationWithValidNumericCharClassPassword() {
+               $password = '01369';
+
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
+       }
+
+       /**
+        * Tests authentication procedure with US-ASCII special characters.
+        *
+        * Checks if a "plain-text password" is everytime mapped to the
+        * same "salted password hash" when using the same salt.
+        *
+        * @test
+        */
+       public function authenticationWithValidAsciiSpecialCharClassPassword() {
+               $password = ' !"#$%&\'()*+,-./:;<=>?@[\]^_`{|}~';
+
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
+       }
+
+       /**
+        * Tests authentication procedure with latin1 special characters.
+        *
+        * Checks if a "plain-text password" is everytime mapped to the
+        * same "salted password hash" when using the same salt.
+        *
+        * @test
+        */
+       public function authenticationWithValidLatin1SpecialCharClassPassword() {
+               $password = '';
+               for ($i = 160; $i <= 191; $i++) {
+                       $password .= chr($i);
+               }
+               $password .= chr(215) . chr(247);
+
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
+       }
+
+       /**
+        * Tests authentication procedure with latin1 umlauts.
+        *
+        * Checks if a "plain-text password" is everytime mapped to the
+        * same "salted password hash" when using the same salt.
+        *
+        * @test
+        */
+       public function authenticationWithValidLatin1UmlautCharClassPassword() {
+               $password = '';
+               for ($i = 192; $i <= 214; $i++) {
+                       $password .= chr($i);
+               }
+               for ($i = 216; $i <= 246; $i++) {
+                       $password .= chr($i);
+               }
+               for ($i = 248; $i <= 255; $i++) {
+                       $password .= chr($i);
+               }
+
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
        }
 
        /**
@@ -170,8 +249,8 @@ class tx_saltedpasswords_salts_phpass_testcase extends tx_phpunit_testcase {
        public function authenticationWithNonValidPassword() {
                $password = 'password';
                $password1 = $password . 'INVALID';
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
-               $this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPW));
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPassword));
        }
 
        /**
@@ -182,13 +261,13 @@ class tx_saltedpasswords_salts_phpass_testcase extends tx_phpunit_testcase {
                $password = '';
                $criticalPwLength = 0;
                        // We're using a constant salt.
-               $saltedHashPWPrevious = $saltedHashPWCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
+               $saltedHashPasswordPrevious = $saltedHashPasswordCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
 
                for ($i = 0; $i <= 128; $i += 8) {
                        $password = str_repeat($pad, max($i, 1));
-                       $saltedHashPWPrevious = $saltedHashPWCurrent;
-                       $saltedHashPWCurrent = $this->objectInstance->getHashedPassword($password, $salt);
-                       if ($i > 0 && 0 == strcmp($saltedHashPWPrevious, $saltedHashPWCurrent)) {
+                       $saltedHashPasswordPrevious = $saltedHashPasswordCurrent;
+                       $saltedHashPasswordCurrent = $this->objectInstance->getHashedPassword($password, $salt);
+                       if ($i > 0 && 0 == strcmp($saltedHashPasswordPrevious, $saltedHashPasswordCurrent)) {
                                $criticalPwLength = $i;
                                break;
                        }
@@ -238,8 +317,8 @@ class tx_saltedpasswords_salts_phpass_testcase extends tx_phpunit_testcase {
         */
        public function updateNecessityForValidSaltedPassword() {
                $password = 'password';
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
-               $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
+               $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
        }
 
        /**
@@ -247,11 +326,11 @@ class tx_saltedpasswords_salts_phpass_testcase extends tx_phpunit_testcase {
         */
        public function updateNecessityForIncreasedHashcount() {
                $password = 'password';
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
                $increasedHashCount = $this->objectInstance->getHashCount() + 1;
                $this->objectInstance->setMaxHashCount($increasedHashCount);
                $this->objectInstance->setHashCount($increasedHashCount);
-               $this->assertTrue($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
+               $this->assertTrue($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
                        // reset hashcount
                $this->objectInstance->setHashCount(NULL);
        }
@@ -261,11 +340,11 @@ class tx_saltedpasswords_salts_phpass_testcase extends tx_phpunit_testcase {
         */
        public function updateNecessityForDecreasedHashcount() {
                $password = 'password';
-               $saltedHashPW = $this->objectInstance->getHashedPassword($password);
+               $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
                $decreasedHashCount = $this->objectInstance->getHashCount() - 1;
                $this->objectInstance->setMinHashCount($decreasedHashCount);
                $this->objectInstance->setHashCount($decreasedHashCount);
-               $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
+               $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
                        // reset hashcount
                $this->objectInstance->setHashCount(NULL);
        }