Bug #22323 » 13908_3.diff
typo3/sysext/saltedpasswords/tests/tx_saltedpasswords_salts_blowfish_testcase.php (working copy) | ||
---|---|---|
$this->skipTestIfBlowfishIsNotAvailable();
|
||
$password = 'password';
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
|
||
}
|
||
/**
|
||
... | ... | |
$salt = $this->objectInstance->base64Encode($randomBytes, $this->objectInstance->getSaltLength());
|
||
$this->assertTrue($this->objectInstance->isValidSalt($salt));
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password, $salt);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password, $salt);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
|
||
}
|
||
/**
|
||
... | ... | |
$password = 'password';
|
||
$maxHashCount = $this->objectInstance->getMaxHashCount();
|
||
$this->objectInstance->setHashCount($maxHashCount);
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
|
||
// reset hashcount
|
||
$this->objectInstance->setHashCount(NULL);
|
||
}
|
||
... | ... | |
$password = 'password';
|
||
$minHashCount = $this->objectInstance->getMinHashCount();
|
||
$this->objectInstance->setHashCount($minHashCount);
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
|
||
// reset hashcount
|
||
$this->objectInstance->setHashCount(NULL);
|
||
}
|
||
/**
|
||
* Tests authentication procedure with alphabet characters.
|
||
*
|
||
* Checks if a "plain-text password" is everytime mapped to the
|
||
* same "salted password hash" when using the same salt.
|
||
*
|
||
* @test
|
||
*/
|
||
public function authenticationWithValidPassword() {
|
||
public function authenticationWithValidAlphaCharClassPassword() {
|
||
$this->skipTestIfBlowfishIsNotAvailable();
|
||
$password = 'password';
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPW));
|
||
$password = 'aEjOtY';
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
}
|
||
/**
|
||
* Tests authentication procedure with numeric characters.
|
||
*
|
||
* Checks if a "plain-text password" is everytime mapped to the
|
||
* same "salted password hash" when using the same salt.
|
||
*
|
||
* @test
|
||
*/
|
||
public function authenticationWithValidNumericCharClassPassword() {
|
||
$this->skipTestIfBlowfishIsNotAvailable();
|
||
$password = '01369';
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
}
|
||
/**
|
||
* Tests authentication procedure with US-ASCII special characters.
|
||
*
|
||
* Checks if a "plain-text password" is everytime mapped to the
|
||
* same "salted password hash" when using the same salt.
|
||
*
|
||
* @test
|
||
*/
|
||
public function authenticationWithValidAsciiSpecialCharClassPassword() {
|
||
$this->skipTestIfBlowfishIsNotAvailable();
|
||
$password = ' !"#$%&\'()*+,-./:;<=>?@[\]^_`{|}~';
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
}
|
||
/**
|
||
* Tests authentication procedure with latin1 special characters.
|
||
*
|
||
* Checks if a "plain-text password" is everytime mapped to the
|
||
* same "salted password hash" when using the same salt.
|
||
*
|
||
* @test
|
||
*/
|
||
public function authenticationWithValidLatin1SpecialCharClassPassword() {
|
||
$this->skipTestIfBlowfishIsNotAvailable();
|
||
|
||
$password = '';
|
||
for ($i = 160; $i <= 191; $i++) {
|
||
$password .= chr($i);
|
||
}
|
||
$password .= chr(215) . chr(247);
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
}
|
||
/**
|
||
* Tests authentication procedure with latin1 umlauts.
|
||
*
|
||
* Checks if a "plain-text password" is everytime mapped to the
|
||
* same "salted password hash" when using the same salt.
|
||
*
|
||
* @test
|
||
*/
|
||
public function authenticationWithValidLatin1UmlautCharClassPassword() {
|
||
$this->skipTestIfBlowfishIsNotAvailable();
|
||
$password = '';
|
||
for ($i = 192; $i <= 214; $i++) {
|
||
$password .= chr($i);
|
||
}
|
||
for ($i = 216; $i <= 246; $i++) {
|
||
$password .= chr($i);
|
||
}
|
||
for ($i = 248; $i <= 255; $i++) {
|
||
$password .= chr($i);
|
||
}
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function authenticationWithNonValidPassword() {
|
||
$this->skipTestIfBlowfishIsNotAvailable();
|
||
$password = 'password';
|
||
$password1 = $password . 'INVALID';
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPW));
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPassword));
|
||
}
|
||
/**
|
||
... | ... | |
$password = '';
|
||
$criticalPwLength = 0;
|
||
// We're using a constant salt.
|
||
$saltedHashPWPrevious = $saltedHashPWCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
|
||
$saltedHashPasswordPrevious = $saltedHashPasswordCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
|
||
for ($i = 0; $i <= 128; $i += 8) {
|
||
$password = str_repeat($pad, max($i, 1));
|
||
$saltedHashPWPrevious = $saltedHashPWCurrent;
|
||
$saltedHashPWCurrent = $this->objectInstance->getHashedPassword($password, $salt);
|
||
if ($i > 0 && 0 == strcmp($saltedHashPWPrevious, $saltedHashPWCurrent)) {
|
||
$saltedHashPasswordPrevious = $saltedHashPasswordCurrent;
|
||
$saltedHashPasswordCurrent = $this->objectInstance->getHashedPassword($password, $salt);
|
||
if ($i > 0 && 0 == strcmp($saltedHashPasswordPrevious, $saltedHashPasswordCurrent)) {
|
||
$criticalPwLength = $i;
|
||
break;
|
||
}
|
||
... | ... | |
$this->skipTestIfBlowfishIsNotAvailable();
|
||
$password = 'password';
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
|
||
}
|
||
/**
|
||
... | ... | |
*/
|
||
public function updateNecessityForIncreasedHashcount() {
|
||
$password = 'password';
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$increasedHashCount = $this->objectInstance->getHashCount() + 1;
|
||
$this->objectInstance->setMaxHashCount($increasedHashCount);
|
||
$this->objectInstance->setHashCount($increasedHashCount);
|
||
$this->assertTrue($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
|
||
$this->assertTrue($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
|
||
// reset hashcount
|
||
$this->objectInstance->setHashCount(NULL);
|
||
}
|
||
... | ... | |
$this->skipTestIfBlowfishIsNotAvailable();
|
||
$password = 'password';
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$decreasedHashCount = $this->objectInstance->getHashCount() - 1;
|
||
$this->objectInstance->setMinHashCount($decreasedHashCount);
|
||
$this->objectInstance->setHashCount($decreasedHashCount);
|
||
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
|
||
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
|
||
// reset hashcount
|
||
$this->objectInstance->setHashCount(NULL);
|
||
}
|
typo3/sysext/saltedpasswords/tests/tx_saltedpasswords_salts_phpass_testcase.php (working copy) | ||
---|---|---|
*/
|
||
public function createdSaltedHashOfProperStructure() {
|
||
$password = 'password';
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
|
||
}
|
||
/**
|
||
... | ... | |
$salt = $this->objectInstance->base64Encode($randomBytes, $this->objectInstance->getSaltLength());
|
||
$this->assertTrue($this->objectInstance->isValidSalt($salt));
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password, $salt);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password, $salt);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
|
||
}
|
||
/**
|
||
... | ... | |
$password = 'password';
|
||
$maxHashCount = $this->objectInstance->getMaxHashCount();
|
||
$this->objectInstance->setHashCount($maxHashCount);
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
|
||
// reset hashcount
|
||
$this->objectInstance->setHashCount(NULL);
|
||
}
|
||
... | ... | |
$password = 'password';
|
||
$minHashCount = $this->objectInstance->getMinHashCount();
|
||
$this->objectInstance->setHashCount($minHashCount);
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW));
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
|
||
// reset hashcount
|
||
$this->objectInstance->setHashCount(NULL);
|
||
}
|
||
/**
|
||
* Tests authentication procedure with alphabet characters.
|
||
*
|
||
* Checks if a "plain-text password" is everytime mapped to the
|
||
* same "salted password hash" when using the same salt.
|
||
*
|
||
* @test
|
||
*/
|
||
public function authenticationWithValidPassword() {
|
||
$password = 'password';
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPW));
|
||
public function authenticationWithValidAlphaCharClassPassword() {
|
||
$password = 'aEjOtY';
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
}
|
||
/**
|
||
* Tests authentication procedure with numeric characters.
|
||
*
|
||
* Checks if a "plain-text password" is everytime mapped to the
|
||
* same "salted password hash" when using the same salt.
|
||
*
|
||
* @test
|
||
*/
|
||
public function authenticationWithValidNumericCharClassPassword() {
|
||
$password = '01369';
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
}
|
||
/**
|
||
* Tests authentication procedure with US-ASCII special characters.
|
||
*
|
||
* Checks if a "plain-text password" is everytime mapped to the
|
||
* same "salted password hash" when using the same salt.
|
||
*
|
||
* @test
|
||
*/
|
||
public function authenticationWithValidAsciiSpecialCharClassPassword() {
|
||
$password = ' !"#$%&\'()*+,-./:;<=>?@[\]^_`{|}~';
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
}
|
||
/**
|
||
* Tests authentication procedure with latin1 special characters.
|
||
*
|
||
* Checks if a "plain-text password" is everytime mapped to the
|
||
* same "salted password hash" when using the same salt.
|
||
*
|
||
* @test
|
||
*/
|
||
public function authenticationWithValidLatin1SpecialCharClassPassword() {
|
||
$password = '';
|
||
for ($i = 160; $i <= 191; $i++) {
|
||
$password .= chr($i);
|
||
}
|
||
$password .= chr(215) . chr(247);
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
}
|
||
/**
|
||
* Tests authentication procedure with latin1 umlauts.
|
||
*
|
||
* Checks if a "plain-text password" is everytime mapped to the
|
||
* same "salted password hash" when using the same salt.
|
||
*
|
||
* @test
|
||
*/
|
||
public function authenticationWithValidLatin1UmlautCharClassPassword() {
|
||
$password = '';
|
||
for ($i = 192; $i <= 214; $i++) {
|
||
$password .= chr($i);
|
||
}
|
||
for ($i = 216; $i <= 246; $i++) {
|
||
$password .= chr($i);
|
||
}
|
||
for ($i = 248; $i <= 255; $i++) {
|
||
$password .= chr($i);
|
||
}
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function authenticationWithNonValidPassword() {
|
||
$password = 'password';
|
||
$password1 = $password . 'INVALID';
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPW));
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPassword));
|
||
}
|
||
/**
|
||
... | ... | |
$password = '';
|
||
$criticalPwLength = 0;
|
||
// We're using a constant salt.
|
||
$saltedHashPWPrevious = $saltedHashPWCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
|
||
$saltedHashPasswordPrevious = $saltedHashPasswordCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
|
||
for ($i = 0; $i <= 128; $i += 8) {
|
||
$password = str_repeat($pad, max($i, 1));
|
||
$saltedHashPWPrevious = $saltedHashPWCurrent;
|
||
$saltedHashPWCurrent = $this->objectInstance->getHashedPassword($password, $salt);
|
||
if ($i > 0 && 0 == strcmp($saltedHashPWPrevious, $saltedHashPWCurrent)) {
|
||
$saltedHashPasswordPrevious = $saltedHashPasswordCurrent;
|
||
$saltedHashPasswordCurrent = $this->objectInstance->getHashedPassword($password, $salt);
|
||
if ($i > 0 && 0 == strcmp($saltedHashPasswordPrevious, $saltedHashPasswordCurrent)) {
|
||
$criticalPwLength = $i;
|
||
break;
|
||
}
|
||
... | ... | |
*/
|
||
public function updateNecessityForValidSaltedPassword() {
|
||
$password = 'password';
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
|
||
}
|
||
/**
|
||
... | ... | |
*/
|
||
public function updateNecessityForIncreasedHashcount() {
|
||
$password = 'password';
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$increasedHashCount = $this->objectInstance->getHashCount() + 1;
|
||
$this->objectInstance->setMaxHashCount($increasedHashCount);
|
||
$this->objectInstance->setHashCount($increasedHashCount);
|
||
$this->assertTrue($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
|
||
$this->assertTrue($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
|
||
// reset hashcount
|
||
$this->objectInstance->setHashCount(NULL);
|
||
}
|
||
... | ... | |
*/
|
||
public function updateNecessityForDecreasedHashcount() {
|
||
$password = 'password';
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$decreasedHashCount = $this->objectInstance->getHashCount() - 1;
|
||
$this->objectInstance->setMinHashCount($decreasedHashCount);
|
||
$this->objectInstance->setHashCount($decreasedHashCount);
|
||
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
|
||
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
|
||
// reset hashcount
|
||
$this->objectInstance->setHashCount(NULL);
|
||
}
|
typo3/sysext/saltedpasswords/tests/tx_saltedpasswords_salts_md5_testcase.php (working copy) | ||
---|---|---|
*/
|
||
public function createdSaltedHashOfProperStructure() {
|
||
$password = 'password';
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW), $this->getWarningWhenMethodUnavailable());
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword), $this->getWarningWhenMethodUnavailable());
|
||
}
|
||
/**
|
||
... | ... | |
$salt = $this->objectInstance->base64Encode($randomBytes, $this->objectInstance->getSaltLength());
|
||
$this->assertTrue($this->objectInstance->isValidSalt($salt), $this->getWarningWhenMethodUnavailable());
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password, $salt);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPW), $this->getWarningWhenMethodUnavailable());
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password, $salt);
|
||
$this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword), $this->getWarningWhenMethodUnavailable());
|
||
}
|
||
/**
|
||
* Tests authentication procedure with alphabet characters.
|
||
*
|
||
* Checks if a "plain-text password" is everytime mapped to the
|
||
* same "salted password hash" when using the same salt.
|
||
*
|
||
* @test
|
||
*/
|
||
public function authenticationWithValidPassword() {
|
||
$password = 'password';
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPW), $this->getWarningWhenMethodUnavailable());
|
||
public function authenticationWithValidAlphaCharClassPassword() {
|
||
$password = 'aEjOtY';
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword), $this->getWarningWhenMethodUnavailable());
|
||
}
|
||
/**
|
||
* Tests authentication procedure with numeric characters.
|
||
*
|
||
* Checks if a "plain-text password" is everytime mapped to the
|
||
* same "salted password hash" when using the same salt.
|
||
*
|
||
* @test
|
||
*/
|
||
public function authenticationWithValidNumericCharClassPassword() {
|
||
$password = '01369';
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword), $this->getWarningWhenMethodUnavailable());
|
||
}
|
||
/**
|
||
* Tests authentication procedure with US-ASCII special characters.
|
||
*
|
||
* Checks if a "plain-text password" is everytime mapped to the
|
||
* same "salted password hash" when using the same salt.
|
||
*
|
||
* @test
|
||
*/
|
||
public function authenticationWithValidAsciiSpecialCharClassPassword() {
|
||
$password = ' !"#$%&\'()*+,-./:;<=>?@[\]^_`{|}~';
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword), $this->getWarningWhenMethodUnavailable());
|
||
}
|
||
/**
|
||
* Tests authentication procedure with latin1 special characters.
|
||
*
|
||
* Checks if a "plain-text password" is everytime mapped to the
|
||
* same "salted password hash" when using the same salt.
|
||
*
|
||
* @test
|
||
*/
|
||
public function authenticationWithValidLatin1SpecialCharClassPassword() {
|
||
$password = '';
|
||
for ($i = 160; $i <= 191; $i++) {
|
||
$password .= chr($i);
|
||
}
|
||
$password .= chr(215) . chr(247);
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword), $this->getWarningWhenMethodUnavailable());
|
||
}
|
||
/**
|
||
* Tests authentication procedure with latin1 umlauts.
|
||
*
|
||
* Checks if a "plain-text password" is everytime mapped to the
|
||
* same "salted password hash" when using the same salt.
|
||
*
|
||
* @test
|
||
*/
|
||
public function authenticationWithValidLatin1UmlautCharClassPassword() {
|
||
$password = '';
|
||
for ($i = 192; $i <= 214; $i++) {
|
||
$password .= chr($i);
|
||
}
|
||
for ($i = 216; $i <= 246; $i++) {
|
||
$password .= chr($i);
|
||
}
|
||
for ($i = 248; $i <= 255; $i++) {
|
||
$password .= chr($i);
|
||
}
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword), $this->getWarningWhenMethodUnavailable());
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function authenticationWithNonValidPassword() {
|
||
$password = 'password';
|
||
$password1 = $password . 'INVALID';
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPW), $this->getWarningWhenMethodUnavailable());
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPassword), $this->getWarningWhenMethodUnavailable());
|
||
}
|
||
/**
|
||
... | ... | |
$password = '';
|
||
$criticalPwLength = 0;
|
||
// We're using a constant salt.
|
||
$saltedHashPWPrevious = $saltedHashPWCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
|
||
$saltedHashPasswordPrevious = $saltedHashPasswordCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
|
||
for ($i = 0; $i <= 128; $i += 8) {
|
||
$password = str_repeat($pad, max($i, 1));
|
||
$saltedHashPWPrevious = $saltedHashPWCurrent;
|
||
$saltedHashPWCurrent = $this->objectInstance->getHashedPassword($password, $salt);
|
||
if ($i > 0 && 0 == strcmp($saltedHashPWPrevious, $saltedHashPWCurrent)) {
|
||
$saltedHashPasswordPrevious = $saltedHashPasswordCurrent;
|
||
$saltedHashPasswordCurrent = $this->objectInstance->getHashedPassword($password, $salt);
|
||
if ($i > 0 && 0 == strcmp($saltedHashPasswordPrevious, $saltedHashPasswordCurrent)) {
|
||
$criticalPwLength = $i;
|
||
break;
|
||
}
|
||
... | ... | |
*/
|
||
public function noUpdateNecessityForMd5() {
|
||
$password = 'password';
|
||
$saltedHashPW = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPW));
|
||
$saltedHashPassword = $this->objectInstance->getHashedPassword($password);
|
||
$this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
|
||
}
|
||
}
|
||
?>
|
- « Previous
- 1
- 2
- 3
- 4
- Next »