Bug #22323 » 13908_3.diff
| typo3/sysext/saltedpasswords/tests/tx_saltedpasswords_salts_blowfish_testcase.php (working copy) | ||
|---|---|---|
|
$this->skipTestIfBlowfishIsNotAvailable();
|
||
|
$password = 'password';
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
|
||
|
}
|
||
|
/**
|
||
| ... | ... | |
|
$salt = $this->objectInstance->base64Encode($randomBytes, $this->objectInstance->getSaltLength());
|
||
|
$this->assertTrue($this->objectInstance->isValidSalt($salt));
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password, $salt);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password, $salt);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
|
||
|
}
|
||
|
/**
|
||
| ... | ... | |
|
$password = 'password';
|
||
|
$maxHashCount = $this->objectInstance->getMaxHashCount();
|
||
|
$this->objectInstance->setHashCount($maxHashCount);
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
|
||
|
// reset hashcount
|
||
|
$this->objectInstance->setHashCount(NULL);
|
||
|
}
|
||
| ... | ... | |
|
$password = 'password';
|
||
|
$minHashCount = $this->objectInstance->getMinHashCount();
|
||
|
$this->objectInstance->setHashCount($minHashCount);
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
|
||
|
// reset hashcount
|
||
|
$this->objectInstance->setHashCount(NULL);
|
||
|
}
|
||
|
/**
|
||
|
* Tests authentication procedure with alphabet characters.
|
||
|
*
|
||
|
* Checks if a "plain-text password" is everytime mapped to the
|
||
|
* same "salted password hash" when using the same salt.
|
||
|
*
|
||
|
* @test
|
||
|
*/
|
||
|
public function authenticationWithValidPassword() {
|
||
|
public function authenticationWithValidAlphaCharClassPassword() {
|
||
|
$this->skipTestIfBlowfishIsNotAvailable();
|
||
|
$password = 'password';
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPW));
|
||
|
$password = 'aEjOtY';
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
|
}
|
||
|
/**
|
||
|
* Tests authentication procedure with numeric characters.
|
||
|
*
|
||
|
* Checks if a "plain-text password" is everytime mapped to the
|
||
|
* same "salted password hash" when using the same salt.
|
||
|
*
|
||
|
* @test
|
||
|
*/
|
||
|
public function authenticationWithValidNumericCharClassPassword() {
|
||
|
$this->skipTestIfBlowfishIsNotAvailable();
|
||
|
$password = '01369';
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
|
}
|
||
|
/**
|
||
|
* Tests authentication procedure with US-ASCII special characters.
|
||
|
*
|
||
|
* Checks if a "plain-text password" is everytime mapped to the
|
||
|
* same "salted password hash" when using the same salt.
|
||
|
*
|
||
|
* @test
|
||
|
*/
|
||
|
public function authenticationWithValidAsciiSpecialCharClassPassword() {
|
||
|
$this->skipTestIfBlowfishIsNotAvailable();
|
||
|
$password = ' !"#$%&\'()*+,-./:;<=>?@[\]^_`{|}~';
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
|
}
|
||
|
/**
|
||
|
* Tests authentication procedure with latin1 special characters.
|
||
|
*
|
||
|
* Checks if a "plain-text password" is everytime mapped to the
|
||
|
* same "salted password hash" when using the same salt.
|
||
|
*
|
||
|
* @test
|
||
|
*/
|
||
|
public function authenticationWithValidLatin1SpecialCharClassPassword() {
|
||
|
$this->skipTestIfBlowfishIsNotAvailable();
|
||
|
|
||
|
$password = '';
|
||
|
for ($i = 160; $i <= 191; $i++) {
|
||
|
$password .= chr($i);
|
||
|
}
|
||
|
$password .= chr(215) . chr(247);
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
|
}
|
||
|
/**
|
||
|
* Tests authentication procedure with latin1 umlauts.
|
||
|
*
|
||
|
* Checks if a "plain-text password" is everytime mapped to the
|
||
|
* same "salted password hash" when using the same salt.
|
||
|
*
|
||
|
* @test
|
||
|
*/
|
||
|
public function authenticationWithValidLatin1UmlautCharClassPassword() {
|
||
|
$this->skipTestIfBlowfishIsNotAvailable();
|
||
|
$password = '';
|
||
|
for ($i = 192; $i <= 214; $i++) {
|
||
|
$password .= chr($i);
|
||
|
}
|
||
|
for ($i = 216; $i <= 246; $i++) {
|
||
|
$password .= chr($i);
|
||
|
}
|
||
|
for ($i = 248; $i <= 255; $i++) {
|
||
|
$password .= chr($i);
|
||
|
}
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
|
}
|
||
|
/**
|
||
|
* @test
|
||
|
*/
|
||
|
public function authenticationWithNonValidPassword() {
|
||
|
$this->skipTestIfBlowfishIsNotAvailable();
|
||
|
$password = 'password';
|
||
|
$password1 = $password . 'INVALID';
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPW));
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPassword));
|
||
|
}
|
||
|
/**
|
||
| ... | ... | |
|
$password = '';
|
||
|
$criticalPwLength = 0;
|
||
|
// We're using a constant salt.
|
||
|
$saltedHashPWPrevious = $saltedHashPWCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
|
||
|
$saltedHashPasswordPrevious = $saltedHashPasswordCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
|
||
|
for ($i = 0; $i <= 128; $i += 8) {
|
||
|
$password = str_repeat($pad, max($i, 1));
|
||
|
$saltedHashPWPrevious = $saltedHashPWCurrent;
|
||
|
$saltedHashPWCurrent = $this->objectInstance->getHashedPassword($password, $salt);
|
||
|
if ($i > 0 && 0 == strcmp($saltedHashPWPrevious, $saltedHashPWCurrent)) {
|
||
|
$saltedHashPasswordPrevious = $saltedHashPasswordCurrent;
|
||
|
$saltedHashPasswordCurrent = $this->objectInstance->getHashedPassword($password, $salt);
|
||
|
if ($i > 0 && 0 == strcmp($saltedHashPasswordPrevious, $saltedHashPasswordCurrent)) {
|
||
|
$criticalPwLength = $i;
|
||
|
break;
|
||
|
}
|
||
| ... | ... | |
|
$this->skipTestIfBlowfishIsNotAvailable();
|
||
|
$password = 'password';
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
|
||
|
}
|
||
|
/**
|
||
| ... | ... | |
|
*/
|
||
|
public function updateNecessityForIncreasedHashcount() {
|
||
|
$password = 'password';
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$increasedHashCount = $this->objectInstance->getHashCount() + 1;
|
||
|
$this->objectInstance->setMaxHashCount($increasedHashCount);
|
||
|
$this->objectInstance->setHashCount($increasedHashCount);
|
||
|
$this->assertTrue($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
|
||
|
$this->assertTrue($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
|
||
|
// reset hashcount
|
||
|
$this->objectInstance->setHashCount(NULL);
|
||
|
}
|
||
| ... | ... | |
|
$this->skipTestIfBlowfishIsNotAvailable();
|
||
|
$password = 'password';
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$decreasedHashCount = $this->objectInstance->getHashCount() - 1;
|
||
|
$this->objectInstance->setMinHashCount($decreasedHashCount);
|
||
|
$this->objectInstance->setHashCount($decreasedHashCount);
|
||
|
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
|
||
|
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
|
||
|
// reset hashcount
|
||
|
$this->objectInstance->setHashCount(NULL);
|
||
|
}
|
||
| typo3/sysext/saltedpasswords/tests/tx_saltedpasswords_salts_phpass_testcase.php (working copy) | ||
|---|---|---|
|
*/
|
||
|
public function createdSaltedHashOfProperStructure() {
|
||
|
$password = 'password';
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
|
||
|
}
|
||
|
/**
|
||
| ... | ... | |
|
$salt = $this->objectInstance->base64Encode($randomBytes, $this->objectInstance->getSaltLength());
|
||
|
$this->assertTrue($this->objectInstance->isValidSalt($salt));
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password, $salt);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password, $salt);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
|
||
|
}
|
||
|
/**
|
||
| ... | ... | |
|
$password = 'password';
|
||
|
$maxHashCount = $this->objectInstance->getMaxHashCount();
|
||
|
$this->objectInstance->setHashCount($maxHashCount);
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
|
||
|
// reset hashcount
|
||
|
$this->objectInstance->setHashCount(NULL);
|
||
|
}
|
||
| ... | ... | |
|
$password = 'password';
|
||
|
$minHashCount = $this->objectInstance->getMinHashCount();
|
||
|
$this->objectInstance->setHashCount($minHashCount);
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
|
||
|
// reset hashcount
|
||
|
$this->objectInstance->setHashCount(NULL);
|
||
|
}
|
||
|
/**
|
||
|
* Tests authentication procedure with alphabet characters.
|
||
|
*
|
||
|
* Checks if a "plain-text password" is everytime mapped to the
|
||
|
* same "salted password hash" when using the same salt.
|
||
|
*
|
||
|
* @test
|
||
|
*/
|
||
|
public function authenticationWithValidPassword() {
|
||
|
$password = 'password';
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPW));
|
||
|
public function authenticationWithValidAlphaCharClassPassword() {
|
||
|
$password = 'aEjOtY';
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
|
}
|
||
|
/**
|
||
|
* Tests authentication procedure with numeric characters.
|
||
|
*
|
||
|
* Checks if a "plain-text password" is everytime mapped to the
|
||
|
* same "salted password hash" when using the same salt.
|
||
|
*
|
||
|
* @test
|
||
|
*/
|
||
|
public function authenticationWithValidNumericCharClassPassword() {
|
||
|
$password = '01369';
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
|
}
|
||
|
/**
|
||
|
* Tests authentication procedure with US-ASCII special characters.
|
||
|
*
|
||
|
* Checks if a "plain-text password" is everytime mapped to the
|
||
|
* same "salted password hash" when using the same salt.
|
||
|
*
|
||
|
* @test
|
||
|
*/
|
||
|
public function authenticationWithValidAsciiSpecialCharClassPassword() {
|
||
|
$password = ' !"#$%&\'()*+,-./:;<=>?@[\]^_`{|}~';
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
|
}
|
||
|
/**
|
||
|
* Tests authentication procedure with latin1 special characters.
|
||
|
*
|
||
|
* Checks if a "plain-text password" is everytime mapped to the
|
||
|
* same "salted password hash" when using the same salt.
|
||
|
*
|
||
|
* @test
|
||
|
*/
|
||
|
public function authenticationWithValidLatin1SpecialCharClassPassword() {
|
||
|
$password = '';
|
||
|
for ($i = 160; $i <= 191; $i++) {
|
||
|
$password .= chr($i);
|
||
|
}
|
||
|
$password .= chr(215) . chr(247);
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
|
}
|
||
|
/**
|
||
|
* Tests authentication procedure with latin1 umlauts.
|
||
|
*
|
||
|
* Checks if a "plain-text password" is everytime mapped to the
|
||
|
* same "salted password hash" when using the same salt.
|
||
|
*
|
||
|
* @test
|
||
|
*/
|
||
|
public function authenticationWithValidLatin1UmlautCharClassPassword() {
|
||
|
$password = '';
|
||
|
for ($i = 192; $i <= 214; $i++) {
|
||
|
$password .= chr($i);
|
||
|
}
|
||
|
for ($i = 216; $i <= 246; $i++) {
|
||
|
$password .= chr($i);
|
||
|
}
|
||
|
for ($i = 248; $i <= 255; $i++) {
|
||
|
$password .= chr($i);
|
||
|
}
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
|
}
|
||
|
/**
|
||
|
* @test
|
||
|
*/
|
||
|
public function authenticationWithNonValidPassword() {
|
||
|
$password = 'password';
|
||
|
$password1 = $password . 'INVALID';
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPW));
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPassword));
|
||
|
}
|
||
|
/**
|
||
| ... | ... | |
|
$password = '';
|
||
|
$criticalPwLength = 0;
|
||
|
// We're using a constant salt.
|
||
|
$saltedHashPWPrevious = $saltedHashPWCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
|
||
|
$saltedHashPasswordPrevious = $saltedHashPasswordCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
|
||
|
for ($i = 0; $i <= 128; $i += 8) {
|
||
|
$password = str_repeat($pad, max($i, 1));
|
||
|
$saltedHashPWPrevious = $saltedHashPWCurrent;
|
||
|
$saltedHashPWCurrent = $this->objectInstance->getHashedPassword($password, $salt);
|
||
|
if ($i > 0 && 0 == strcmp($saltedHashPWPrevious, $saltedHashPWCurrent)) {
|
||
|
$saltedHashPasswordPrevious = $saltedHashPasswordCurrent;
|
||
|
$saltedHashPasswordCurrent = $this->objectInstance->getHashedPassword($password, $salt);
|
||
|
if ($i > 0 && 0 == strcmp($saltedHashPasswordPrevious, $saltedHashPasswordCurrent)) {
|
||
|
$criticalPwLength = $i;
|
||
|
break;
|
||
|
}
|
||
| ... | ... | |
|
*/
|
||
|
public function updateNecessityForValidSaltedPassword() {
|
||
|
$password = 'password';
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
|
||
|
}
|
||
|
/**
|
||
| ... | ... | |
|
*/
|
||
|
public function updateNecessityForIncreasedHashcount() {
|
||
|
$password = 'password';
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$increasedHashCount = $this->objectInstance->getHashCount() + 1;
|
||
|
$this->objectInstance->setMaxHashCount($increasedHashCount);
|
||
|
$this->objectInstance->setHashCount($increasedHashCount);
|
||
|
$this->assertTrue($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
|
||
|
$this->assertTrue($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
|
||
|
// reset hashcount
|
||
|
$this->objectInstance->setHashCount(NULL);
|
||
|
}
|
||
| ... | ... | |
|
*/
|
||
|
public function updateNecessityForDecreasedHashcount() {
|
||
|
$password = 'password';
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$decreasedHashCount = $this->objectInstance->getHashCount() - 1;
|
||
|
$this->objectInstance->setMinHashCount($decreasedHashCount);
|
||
|
$this->objectInstance->setHashCount($decreasedHashCount);
|
||
|
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
|
||
|
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
|
||
|
// reset hashcount
|
||
|
$this->objectInstance->setHashCount(NULL);
|
||
|
}
|
||
| typo3/sysext/saltedpasswords/tests/tx_saltedpasswords_salts_md5_testcase.php (working copy) | ||
|---|---|---|
|
*/
|
||
|
public function createdSaltedHashOfProperStructure() {
|
||
|
$password = 'password';
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW), $this->getWarningWhenMethodUnavailable());
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword), $this->getWarningWhenMethodUnavailable());
|
||
|
}
|
||
|
/**
|
||
| ... | ... | |
|
$salt = $this->objectInstance->base64Encode($randomBytes, $this->objectInstance->getSaltLength());
|
||
|
$this->assertTrue($this->objectInstance->isValidSalt($salt), $this->getWarningWhenMethodUnavailable());
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password, $salt);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW), $this->getWarningWhenMethodUnavailable());
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password, $salt);
|
||
|
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword), $this->getWarningWhenMethodUnavailable());
|
||
|
}
|
||
|
/**
|
||
|
* Tests authentication procedure with alphabet characters.
|
||
|
*
|
||
|
* Checks if a "plain-text password" is everytime mapped to the
|
||
|
* same "salted password hash" when using the same salt.
|
||
|
*
|
||
|
* @test
|
||
|
*/
|
||
|
public function authenticationWithValidPassword() {
|
||
|
$password = 'password';
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPW), $this->getWarningWhenMethodUnavailable());
|
||
|
public function authenticationWithValidAlphaCharClassPassword() {
|
||
|
$password = 'aEjOtY';
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword), $this->getWarningWhenMethodUnavailable());
|
||
|
}
|
||
|
/**
|
||
|
* Tests authentication procedure with numeric characters.
|
||
|
*
|
||
|
* Checks if a "plain-text password" is everytime mapped to the
|
||
|
* same "salted password hash" when using the same salt.
|
||
|
*
|
||
|
* @test
|
||
|
*/
|
||
|
public function authenticationWithValidNumericCharClassPassword() {
|
||
|
$password = '01369';
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword), $this->getWarningWhenMethodUnavailable());
|
||
|
}
|
||
|
/**
|
||
|
* Tests authentication procedure with US-ASCII special characters.
|
||
|
*
|
||
|
* Checks if a "plain-text password" is everytime mapped to the
|
||
|
* same "salted password hash" when using the same salt.
|
||
|
*
|
||
|
* @test
|
||
|
*/
|
||
|
public function authenticationWithValidAsciiSpecialCharClassPassword() {
|
||
|
$password = ' !"#$%&\'()*+,-./:;<=>?@[\]^_`{|}~';
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword), $this->getWarningWhenMethodUnavailable());
|
||
|
}
|
||
|
/**
|
||
|
* Tests authentication procedure with latin1 special characters.
|
||
|
*
|
||
|
* Checks if a "plain-text password" is everytime mapped to the
|
||
|
* same "salted password hash" when using the same salt.
|
||
|
*
|
||
|
* @test
|
||
|
*/
|
||
|
public function authenticationWithValidLatin1SpecialCharClassPassword() {
|
||
|
$password = '';
|
||
|
for ($i = 160; $i <= 191; $i++) {
|
||
|
$password .= chr($i);
|
||
|
}
|
||
|
$password .= chr(215) . chr(247);
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword), $this->getWarningWhenMethodUnavailable());
|
||
|
}
|
||
|
/**
|
||
|
* Tests authentication procedure with latin1 umlauts.
|
||
|
*
|
||
|
* Checks if a "plain-text password" is everytime mapped to the
|
||
|
* same "salted password hash" when using the same salt.
|
||
|
*
|
||
|
* @test
|
||
|
*/
|
||
|
public function authenticationWithValidLatin1UmlautCharClassPassword() {
|
||
|
$password = '';
|
||
|
for ($i = 192; $i <= 214; $i++) {
|
||
|
$password .= chr($i);
|
||
|
}
|
||
|
for ($i = 216; $i <= 246; $i++) {
|
||
|
$password .= chr($i);
|
||
|
}
|
||
|
for ($i = 248; $i <= 255; $i++) {
|
||
|
$password .= chr($i);
|
||
|
}
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword), $this->getWarningWhenMethodUnavailable());
|
||
|
}
|
||
|
/**
|
||
|
* @test
|
||
|
*/
|
||
|
public function authenticationWithNonValidPassword() {
|
||
|
$password = 'password';
|
||
|
$password1 = $password . 'INVALID';
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPW), $this->getWarningWhenMethodUnavailable());
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPassword), $this->getWarningWhenMethodUnavailable());
|
||
|
}
|
||
|
/**
|
||
| ... | ... | |
|
$password = '';
|
||
|
$criticalPwLength = 0;
|
||
|
// We're using a constant salt.
|
||
|
$saltedHashPWPrevious = $saltedHashPWCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
|
||
|
$saltedHashPasswordPrevious = $saltedHashPasswordCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
|
||
|
for ($i = 0; $i <= 128; $i += 8) {
|
||
|
$password = str_repeat($pad, max($i, 1));
|
||
|
$saltedHashPWPrevious = $saltedHashPWCurrent;
|
||
|
$saltedHashPWCurrent = $this->objectInstance->getHashedPassword($password, $salt);
|
||
|
if ($i > 0 && 0 == strcmp($saltedHashPWPrevious, $saltedHashPWCurrent)) {
|
||
|
$saltedHashPasswordPrevious = $saltedHashPasswordCurrent;
|
||
|
$saltedHashPasswordCurrent = $this->objectInstance->getHashedPassword($password, $salt);
|
||
|
if ($i > 0 && 0 == strcmp($saltedHashPasswordPrevious, $saltedHashPasswordCurrent)) {
|
||
|
$criticalPwLength = $i;
|
||
|
break;
|
||
|
}
|
||
| ... | ... | |
|
*/
|
||
|
public function noUpdateNecessityForMd5() {
|
||
|
$password = 'password';
|
||
|
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
|
||
|
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
|
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
|
||
|
}
|
||
|
}
|
||
|
?>
|
||
- « Previous
- 1
- 2
- 3
- 4
- Next »