‪TYPO3CMS  10.4
Argon2idPasswordHashTest.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing;
19 
20 use ‪TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2idPasswordHash;
21 use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
22 
26 class ‪Argon2idPasswordHashTest extends UnitTestCase
27 {
31  protected ‪$subject;
32 
38  protected function ‪setUp(): void
39  {
40  parent::setUp();
41  $options = [
42  'memory_cost' => 65536,
43  'time_cost' => 4,
44  'threads' => 2,
45  ];
46  $this->subject = new ‪Argon2idPasswordHash($options);
47  }
48 
53  public function ‪constructorThrowsExceptionIfMemoryCostIsTooLow()
54  {
55  $this->expectException(\InvalidArgumentException::class);
56  $this->expectExceptionCode(1533899612);
57  new ‪Argon2idPasswordHash(['memory_cost' => 1]);
58  }
59 
64  public function ‪constructorThrowsExceptionIfTimeCostIsTooLow()
65  {
66  $this->expectException(\InvalidArgumentException::class);
67  $this->expectExceptionCode(1533899613);
68  new ‪Argon2idPasswordHash(['time_cost' => 1]);
69  }
70 
75  public function ‪constructorThrowsExceptionIfThreadsIsTooLow()
76  {
77  $this->expectException(\InvalidArgumentException::class);
78  $this->expectExceptionCode(1533899614);
79  new ‪Argon2idPasswordHash(['threads' => 0]);
80  }
81 
86  public function ‪getHashedPasswordReturnsNullOnEmptyPassword()
87  {
88  self::assertNull($this->subject->getHashedPassword(''));
89  }
90 
95  public function ‪getHashedPasswordReturnsString()
96  {
97  $hash = $this->subject->getHashedPassword('password');
98  self::assertNotNull($hash);
99  self::assertTrue(is_string($hash));
100  }
101 
106  public function ‪isValidSaltedPwValidatesHastCreatedByGetHashedPassword()
107  {
108  $hash = $this->subject->getHashedPassword('password');
109  self::assertTrue($this->subject->isValidSaltedPW($hash));
110  }
111 
118  public function ‪checkPasswordReturnsTrueForHashedPasswordWithValidAlphaCharClassPassword()
119  {
120  $password = 'aEjOtY';
121  $hash = $this->subject->getHashedPassword($password);
122  self::assertTrue($this->subject->checkPassword($password, $hash));
123  }
124 
131  public function ‪checkPasswordReturnsTrueForHashedPasswordWithValidNumericCharClassPassword()
132  {
133  $password = '01369';
134  $hash = $this->subject->getHashedPassword($password);
135  self::assertTrue($this->subject->checkPassword($password, $hash));
136  }
137 
144  public function ‪checkPasswordReturnsTrueForHashedPasswordWithValidAsciiSpecialCharClassPassword()
145  {
146  $password = ' !"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~';
147  $hash = $this->subject->getHashedPassword($password);
148  self::assertTrue($this->subject->checkPassword($password, $hash));
149  }
150 
157  public function ‪checkPasswordReturnsTrueForHashedPasswordWithValidLatin1SpecialCharClassPassword()
158  {
159  $password = '';
160  for ($i = 160; $i <= 191; $i++) {
161  $password .= chr($i);
162  }
163  $password .= chr(215) . chr(247);
164  $hash = $this->subject->getHashedPassword($password);
165  self::assertTrue($this->subject->checkPassword($password, $hash));
166  }
167 
174  public function ‪checkPasswordReturnsTrueForHashedPasswordWithValidLatin1UmlautCharClassPassword()
175  {
176  $password = '';
177  for ($i = 192; $i <= 255; $i++) {
178  if ($i === 215 || $i === 247) {
179  // skip multiplication sign (×) and obelus (÷)
180  continue;
181  }
182  $password .= chr($i);
183  }
184  $hash = $this->subject->getHashedPassword($password);
185  self::assertTrue($this->subject->checkPassword($password, $hash));
186  }
187 
192  public function ‪checkPasswordReturnsTrueForHashedPasswordWithNonValidPassword()
193  {
194  $password = 'password';
195  $password1 = $password . 'INVALID';
196  $hash = $this->subject->getHashedPassword($password);
197  self::assertFalse($this->subject->checkPassword($password1, $hash));
198  }
199 
204  public function ‪isHashUpdateNeededReturnsFalseForJustGeneratedHash()
205  {
206  $password = 'password';
207  $hash = $this->subject->getHashedPassword($password);
208  self::assertFalse($this->subject->isHashUpdateNeeded($hash));
209  }
210 
215  public function ‪isHashUpdateNeededReturnsTrueForHashGeneratedWithOldOptions()
216  {
217  $originalOptions = [
218  'memory_cost' => 65536,
219  'time_cost' => 4,
220  'threads' => 2,
221  ];
222  ‪$subject = new ‪Argon2idPasswordHash($originalOptions);
223  $hash = ‪$subject->‪getHashedPassword('password');
224 
225  // Change $memoryCost
226  $newOptions = $originalOptions;
227  $newOptions['memory_cost'] = $newOptions['memory_cost'] + 1;
228  ‪$subject = new ‪Argon2idPasswordHash($newOptions);
229  self::assertTrue(‪$subject->‪isHashUpdateNeeded($hash));
230 
231  // Change $timeCost
232  $newOptions = $originalOptions;
233  $newOptions['time_cost'] = $newOptions['time_cost'] + 1;
234  ‪$subject = new ‪Argon2idPasswordHash($newOptions);
235  self::assertTrue(‪$subject->‪isHashUpdateNeeded($hash));
236 
237  // Change $threads
238  $newOptions = $originalOptions;
239  $newOptions['threads'] = $newOptions['threads'] + 1;
240  ‪$subject = new ‪Argon2idPasswordHash($newOptions);
241  self::assertTrue(‪$subject->‪isHashUpdateNeeded($hash));
242  }
243 }
‪TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash\isHashUpdateNeeded
‪bool isHashUpdateNeeded(string $passString)
Definition: AbstractArgon2PasswordHash.php:140
‪TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash\getHashedPassword
‪string null getHashedPassword(string $password)
Definition: AbstractArgon2PasswordHash.php:121
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2idPasswordHashTest\checkPasswordReturnsTrueForHashedPasswordWithValidNumericCharClassPassword
‪checkPasswordReturnsTrueForHashedPasswordWithValidNumericCharClassPassword()
Definition: Argon2idPasswordHashTest.php:130
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2idPasswordHashTest\checkPasswordReturnsTrueForHashedPasswordWithValidAsciiSpecialCharClassPassword
‪checkPasswordReturnsTrueForHashedPasswordWithValidAsciiSpecialCharClassPassword()
Definition: Argon2idPasswordHashTest.php:143
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2idPasswordHashTest\checkPasswordReturnsTrueForHashedPasswordWithValidAlphaCharClassPassword
‪checkPasswordReturnsTrueForHashedPasswordWithValidAlphaCharClassPassword()
Definition: Argon2idPasswordHashTest.php:117
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2idPasswordHashTest\checkPasswordReturnsTrueForHashedPasswordWithValidLatin1UmlautCharClassPassword
‪checkPasswordReturnsTrueForHashedPasswordWithValidLatin1UmlautCharClassPassword()
Definition: Argon2idPasswordHashTest.php:173
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2idPasswordHashTest\constructorThrowsExceptionIfTimeCostIsTooLow
‪constructorThrowsExceptionIfTimeCostIsTooLow()
Definition: Argon2idPasswordHashTest.php:63
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2idPasswordHashTest\isHashUpdateNeededReturnsFalseForJustGeneratedHash
‪isHashUpdateNeededReturnsFalseForJustGeneratedHash()
Definition: Argon2idPasswordHashTest.php:203
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2idPasswordHashTest\getHashedPasswordReturnsNullOnEmptyPassword
‪getHashedPasswordReturnsNullOnEmptyPassword()
Definition: Argon2idPasswordHashTest.php:85
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2idPasswordHashTest\getHashedPasswordReturnsString
‪getHashedPasswordReturnsString()
Definition: Argon2idPasswordHashTest.php:94
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2idPasswordHashTest\checkPasswordReturnsTrueForHashedPasswordWithValidLatin1SpecialCharClassPassword
‪checkPasswordReturnsTrueForHashedPasswordWithValidLatin1SpecialCharClassPassword()
Definition: Argon2idPasswordHashTest.php:156
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2idPasswordHashTest\checkPasswordReturnsTrueForHashedPasswordWithNonValidPassword
‪checkPasswordReturnsTrueForHashedPasswordWithNonValidPassword()
Definition: Argon2idPasswordHashTest.php:191
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2idPasswordHashTest\$subject
‪Argon2idPasswordHash $subject
Definition: Argon2idPasswordHashTest.php:30
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2idPasswordHashTest
Definition: Argon2idPasswordHashTest.php:27
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2idPasswordHashTest\isHashUpdateNeededReturnsTrueForHashGeneratedWithOldOptions
‪isHashUpdateNeededReturnsTrueForHashGeneratedWithOldOptions()
Definition: Argon2idPasswordHashTest.php:214
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2idPasswordHashTest\constructorThrowsExceptionIfMemoryCostIsTooLow
‪constructorThrowsExceptionIfMemoryCostIsTooLow()
Definition: Argon2idPasswordHashTest.php:52
‪TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2idPasswordHash
Definition: Argon2idPasswordHash.php:31
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2idPasswordHashTest\setUp
‪setUp()
Definition: Argon2idPasswordHashTest.php:37
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing
Definition: Argon2idPasswordHashTest.php:18
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2idPasswordHashTest\constructorThrowsExceptionIfThreadsIsTooLow
‪constructorThrowsExceptionIfThreadsIsTooLow()
Definition: Argon2idPasswordHashTest.php:74
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2idPasswordHashTest\isValidSaltedPwValidatesHastCreatedByGetHashedPassword
‪isValidSaltedPwValidatesHastCreatedByGetHashedPassword()
Definition: Argon2idPasswordHashTest.php:105