‪TYPO3CMS  10.4
Argon2iPasswordHashTest.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing;
19 
20 use ‪TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash;
21 use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
22 
26 class ‪Argon2iPasswordHashTest extends UnitTestCase
27 {
31  protected ‪$subject;
32 
36  protected function ‪setUp(): void
37  {
38  parent::setUp();
39  $options = [
40  'memory_cost' => 65536,
41  'time_cost' => 4,
42  'threads' => 2,
43  ];
44  $this->subject = new ‪Argon2iPasswordHash($options);
45  }
46 
50  public function ‪constructorThrowsExceptionIfMemoryCostIsTooLow()
51  {
52  $this->expectException(\InvalidArgumentException::class);
53  $this->expectExceptionCode(1533899612);
54  new ‪Argon2iPasswordHash(['memory_cost' => 1]);
55  }
56 
60  public function ‪constructorThrowsExceptionIfTimeCostIsTooLow()
61  {
62  $this->expectException(\InvalidArgumentException::class);
63  $this->expectExceptionCode(1533899613);
64  new ‪Argon2iPasswordHash(['time_cost' => 1]);
65  }
66 
70  public function ‪constructorThrowsExceptionIfThreadsIsTooLow()
71  {
72  $this->expectException(\InvalidArgumentException::class);
73  $this->expectExceptionCode(1533899614);
74  new ‪Argon2iPasswordHash(['threads' => 0]);
75  }
76 
80  public function ‪getHashedPasswordReturnsNullOnEmptyPassword()
81  {
82  self::assertNull($this->subject->getHashedPassword(''));
83  }
84 
88  public function ‪getHashedPasswordReturnsString()
89  {
90  $hash = $this->subject->getHashedPassword('password');
91  self::assertNotNull($hash);
92  self::assertTrue(is_string($hash));
93  }
94 
98  public function ‪isValidSaltedPwValidatesHastCreatedByGetHashedPassword()
99  {
100  $hash = $this->subject->getHashedPassword('password');
101  self::assertTrue($this->subject->isValidSaltedPW($hash));
102  }
103 
109  public function ‪checkPasswordReturnsTrueForHashedPasswordWithValidAlphaCharClassPassword()
110  {
111  $password = 'aEjOtY';
112  $hash = $this->subject->getHashedPassword($password);
113  self::assertTrue($this->subject->checkPassword($password, $hash));
114  }
115 
121  public function ‪checkPasswordReturnsTrueForHashedPasswordWithValidNumericCharClassPassword()
122  {
123  $password = '01369';
124  $hash = $this->subject->getHashedPassword($password);
125  self::assertTrue($this->subject->checkPassword($password, $hash));
126  }
127 
133  public function ‪checkPasswordReturnsTrueForHashedPasswordWithValidAsciiSpecialCharClassPassword()
134  {
135  $password = ' !"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~';
136  $hash = $this->subject->getHashedPassword($password);
137  self::assertTrue($this->subject->checkPassword($password, $hash));
138  }
139 
145  public function ‪checkPasswordReturnsTrueForHashedPasswordWithValidLatin1SpecialCharClassPassword()
146  {
147  $password = '';
148  for ($i = 160; $i <= 191; $i++) {
149  $password .= chr($i);
150  }
151  $password .= chr(215) . chr(247);
152  $hash = $this->subject->getHashedPassword($password);
153  self::assertTrue($this->subject->checkPassword($password, $hash));
154  }
155 
161  public function ‪checkPasswordReturnsTrueForHashedPasswordWithValidLatin1UmlautCharClassPassword()
162  {
163  $password = '';
164  for ($i = 192; $i <= 255; $i++) {
165  if ($i === 215 || $i === 247) {
166  // skip multiplication sign (×) and obelus (÷)
167  continue;
168  }
169  $password .= chr($i);
170  }
171  $hash = $this->subject->getHashedPassword($password);
172  self::assertTrue($this->subject->checkPassword($password, $hash));
173  }
174 
178  public function ‪checkPasswordReturnsTrueForHashedPasswordWithNonValidPassword()
179  {
180  $password = 'password';
181  $password1 = $password . 'INVALID';
182  $hash = $this->subject->getHashedPassword($password);
183  self::assertFalse($this->subject->checkPassword($password1, $hash));
184  }
185 
189  public function ‪isHashUpdateNeededReturnsFalseForJustGeneratedHash()
190  {
191  $password = 'password';
192  $hash = $this->subject->getHashedPassword($password);
193  self::assertFalse($this->subject->isHashUpdateNeeded($hash));
194  }
195 
199  public function ‪isHashUpdateNeededReturnsTrueForHashGeneratedWithOldOptions()
200  {
201  $originalOptions = [
202  'memory_cost' => 65536,
203  'time_cost' => 4,
204  'threads' => 2,
205  ];
206  ‪$subject = new ‪Argon2iPasswordHash($originalOptions);
207  $hash = ‪$subject->‪getHashedPassword('password');
208 
209  // Change $memoryCost
210  $newOptions = $originalOptions;
211  $newOptions['memory_cost'] = $newOptions['memory_cost'] + 1;
212  ‪$subject = new ‪Argon2iPasswordHash($newOptions);
213  self::assertTrue(‪$subject->‪isHashUpdateNeeded($hash));
214 
215  // Change $timeCost
216  $newOptions = $originalOptions;
217  $newOptions['time_cost'] = $newOptions['time_cost'] + 1;
218  ‪$subject = new ‪Argon2iPasswordHash($newOptions);
219  self::assertTrue(‪$subject->‪isHashUpdateNeeded($hash));
220 
221  // Change $threads
222  $newOptions = $originalOptions;
223  $newOptions['threads'] = $newOptions['threads'] + 1;
224  ‪$subject = new ‪Argon2iPasswordHash($newOptions);
225  self::assertTrue(‪$subject->‪isHashUpdateNeeded($hash));
226  }
227 }
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2iPasswordHashTest\constructorThrowsExceptionIfMemoryCostIsTooLow
‪constructorThrowsExceptionIfMemoryCostIsTooLow()
Definition: Argon2iPasswordHashTest.php:49
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2iPasswordHashTest\isHashUpdateNeededReturnsFalseForJustGeneratedHash
‪isHashUpdateNeededReturnsFalseForJustGeneratedHash()
Definition: Argon2iPasswordHashTest.php:188
‪TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash\isHashUpdateNeeded
‪bool isHashUpdateNeeded(string $passString)
Definition: AbstractArgon2PasswordHash.php:140
‪TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash\getHashedPassword
‪string null getHashedPassword(string $password)
Definition: AbstractArgon2PasswordHash.php:121
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2iPasswordHashTest\constructorThrowsExceptionIfThreadsIsTooLow
‪constructorThrowsExceptionIfThreadsIsTooLow()
Definition: Argon2iPasswordHashTest.php:69
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2iPasswordHashTest\getHashedPasswordReturnsNullOnEmptyPassword
‪getHashedPasswordReturnsNullOnEmptyPassword()
Definition: Argon2iPasswordHashTest.php:79
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2iPasswordHashTest\isHashUpdateNeededReturnsTrueForHashGeneratedWithOldOptions
‪isHashUpdateNeededReturnsTrueForHashGeneratedWithOldOptions()
Definition: Argon2iPasswordHashTest.php:198
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2iPasswordHashTest\checkPasswordReturnsTrueForHashedPasswordWithValidAlphaCharClassPassword
‪checkPasswordReturnsTrueForHashedPasswordWithValidAlphaCharClassPassword()
Definition: Argon2iPasswordHashTest.php:108
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2iPasswordHashTest\checkPasswordReturnsTrueForHashedPasswordWithValidLatin1SpecialCharClassPassword
‪checkPasswordReturnsTrueForHashedPasswordWithValidLatin1SpecialCharClassPassword()
Definition: Argon2iPasswordHashTest.php:144
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2iPasswordHashTest\checkPasswordReturnsTrueForHashedPasswordWithValidNumericCharClassPassword
‪checkPasswordReturnsTrueForHashedPasswordWithValidNumericCharClassPassword()
Definition: Argon2iPasswordHashTest.php:120
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2iPasswordHashTest\checkPasswordReturnsTrueForHashedPasswordWithValidLatin1UmlautCharClassPassword
‪checkPasswordReturnsTrueForHashedPasswordWithValidLatin1UmlautCharClassPassword()
Definition: Argon2iPasswordHashTest.php:160
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2iPasswordHashTest\checkPasswordReturnsTrueForHashedPasswordWithValidAsciiSpecialCharClassPassword
‪checkPasswordReturnsTrueForHashedPasswordWithValidAsciiSpecialCharClassPassword()
Definition: Argon2iPasswordHashTest.php:132
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2iPasswordHashTest
Definition: Argon2iPasswordHashTest.php:27
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2iPasswordHashTest\constructorThrowsExceptionIfTimeCostIsTooLow
‪constructorThrowsExceptionIfTimeCostIsTooLow()
Definition: Argon2iPasswordHashTest.php:59
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2iPasswordHashTest\isValidSaltedPwValidatesHastCreatedByGetHashedPassword
‪isValidSaltedPwValidatesHastCreatedByGetHashedPassword()
Definition: Argon2iPasswordHashTest.php:97
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2iPasswordHashTest\getHashedPasswordReturnsString
‪getHashedPasswordReturnsString()
Definition: Argon2iPasswordHashTest.php:87
‪TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash
Definition: Argon2iPasswordHash.php:31
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2iPasswordHashTest\checkPasswordReturnsTrueForHashedPasswordWithNonValidPassword
‪checkPasswordReturnsTrueForHashedPasswordWithNonValidPassword()
Definition: Argon2iPasswordHashTest.php:177
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2iPasswordHashTest\setUp
‪setUp()
Definition: Argon2iPasswordHashTest.php:35
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing
Definition: Argon2idPasswordHashTest.php:18
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2iPasswordHashTest\$subject
‪Argon2iPasswordHash $subject
Definition: Argon2iPasswordHashTest.php:30