‪TYPO3CMS  11.5
BlowfishPasswordHashTest.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing;
19 
20 use ‪TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash;
21 use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
22 
26 class ‪BlowfishPasswordHashTest extends UnitTestCase
27 {
31  public function ‪constructorThrowsExceptionIfHashCountIsTooLow(): void
32  {
33  $this->expectException(\InvalidArgumentException::class);
34  $this->expectExceptionCode(1533903545);
35  new ‪BlowfishPasswordHash(['hash_count' => 3]);
36  }
37 
41  public function ‪constructorThrowsExceptionIfHashCountIsTooHigh(): void
42  {
43  $this->expectException(\InvalidArgumentException::class);
44  $this->expectExceptionCode(1533903545);
45  new ‪BlowfishPasswordHash(['hash_count' => 18]);
46  }
47 
51  public function ‪getHashedPasswordWithEmptyPasswordResultsInNullSaltedPassword(): void
52  {
53  $password = '';
54  self::assertNull((new ‪BlowfishPasswordHash(['hash_count' => 4]))->getHashedPassword($password));
55  }
56 
60  public function ‪getHashedPasswordWithNonEmptyPasswordResultsInNonNullSaltedPassword(): void
61  {
62  $password = 'a';
63  self::assertNotNull((new ‪BlowfishPasswordHash(['hash_count' => 4]))->getHashedPassword($password));
64  }
65 
69  public function ‪getHashedPasswordValidates(): void
70  {
71  $password = 'password';
72  $subject = new ‪BlowfishPasswordHash(['hash_count' => 4]);
73  $saltedHashPassword = $subject->getHashedPassword($password);
74  self::assertTrue($subject->isValidSaltedPW($saltedHashPassword));
75  }
76 
85  public function ‪checkPasswordReturnsTrueWithValidAlphaCharClassPasswordAndFixedHash(): void
86  {
87  $password = 'password';
88  $saltedHashPassword = '$2a$07$Rvtl6CyMhR8GZGhHypjwOuydeN0nKFAlgo1LmmGrLowtIrtkov5Na';
89  self::assertTrue((new ‪BlowfishPasswordHash(['hash_count' => 4]))->checkPassword($password, $saltedHashPassword));
90  }
91 
97  public function ‪checkPasswordReturnsFalseFailsWithBrokenHash(): void
98  {
99  $password = 'password';
100  $saltedHashPassword = '$2a$07$Rvtl6CyMhR8GZGhHypjwOuydeN0nKFAlgo1LmmGrLowtIrtkov5N';
101  self::assertFalse((new ‪BlowfishPasswordHash(['hash_count' => 4]))->checkPassword($password, $saltedHashPassword));
102  }
103 
112  public function ‪checkPasswordReturnsTrueWithValidAlphaCharClassPassword(): void
113  {
114  $password = 'aEjOtY';
115  $subject = new ‪BlowfishPasswordHash(['hash_count' => 4]);
116  $saltedHashPassword = $subject->getHashedPassword($password);
117  self::assertTrue($subject->checkPassword($password, $saltedHashPassword));
118  }
119 
128  public function ‪checkPasswordReturnsTrueWithValidNumericCharClassPassword(): void
129  {
130  $password = '01369';
131  $subject = new ‪BlowfishPasswordHash(['hash_count' => 4]);
132  $saltedHashPassword = $subject->getHashedPassword($password);
133  self::assertTrue($subject->checkPassword($password, $saltedHashPassword));
134  }
135 
144  public function ‪checkPasswordReturnsTrueWithValidAsciiSpecialCharClassPassword(): void
145  {
146  $password = ' !"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~';
147  $subject = new ‪BlowfishPasswordHash(['hash_count' => 4]);
148  $saltedHashPassword = $subject->getHashedPassword($password);
149  self::assertTrue($subject->checkPassword($password, $saltedHashPassword));
150  }
151 
160  public function ‪checkPasswordReturnsTrueWithValidLatin1SpecialCharClassPassword(): void
161  {
162  $password = '';
163  for ($i = 160; $i <= 191; $i++) {
164  $password .= chr($i);
165  }
166  $password .= chr(215) . chr(247);
167  $subject = new ‪BlowfishPasswordHash(['hash_count' => 4]);
168  $saltedHashPassword = $subject->getHashedPassword($password);
169  self::assertTrue($subject->checkPassword($password, $saltedHashPassword));
170  }
171 
180  public function ‪checkPasswordReturnsReturnsTrueWithValidLatin1UmlautCharClassPassword(): void
181  {
182  $password = '';
183  for ($i = 192; $i <= 214; $i++) {
184  $password .= chr($i);
185  }
186  for ($i = 216; $i <= 246; $i++) {
187  $password .= chr($i);
188  }
189  for ($i = 248; $i <= 255; $i++) {
190  $password .= chr($i);
191  }
192  $subject = new ‪BlowfishPasswordHash(['hash_count' => 4]);
193  $saltedHashPassword = $subject->getHashedPassword($password);
194  self::assertTrue($subject->checkPassword($password, $saltedHashPassword));
195  }
196 
200  public function ‪checkPasswordReturnsFalseWithNonValidPassword(): void
201  {
202  $password = 'password';
203  $password1 = $password . 'INVALID';
204  $subject = new ‪BlowfishPasswordHash(['hash_count' => 4]);
205  $saltedHashPassword = $subject->getHashedPassword($password);
206  self::assertFalse($subject->checkPassword($password1, $saltedHashPassword));
207  }
208 
212  public function ‪isHashUpdateNeededReturnsFalseForValidSaltedPassword(): void
213  {
214  $password = 'password';
215  $subject = new ‪BlowfishPasswordHash(['hash_count' => 4]);
216  $saltedHashPassword = $subject->getHashedPassword($password);
217  self::assertFalse($subject->isHashUpdateNeeded($saltedHashPassword));
218  }
219 
223  public function ‪isHashUpdateNeededReturnsTrueForHashGeneratedWithOldOptions(): void
224  {
225  $subject = new ‪BlowfishPasswordHash(['hash_count' => 4]);
226  $hash = $subject->getHashedPassword('password');
227  $subject = new ‪BlowfishPasswordHash(['hash_count' => 5]);
228  self::assertTrue($subject->isHashUpdateNeeded($hash));
229  }
230 }
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\checkPasswordReturnsFalseWithNonValidPassword
‪checkPasswordReturnsFalseWithNonValidPassword()
Definition: BlowfishPasswordHashTest.php:200
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\checkPasswordReturnsTrueWithValidLatin1SpecialCharClassPassword
‪checkPasswordReturnsTrueWithValidLatin1SpecialCharClassPassword()
Definition: BlowfishPasswordHashTest.php:160
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\isHashUpdateNeededReturnsFalseForValidSaltedPassword
‪isHashUpdateNeededReturnsFalseForValidSaltedPassword()
Definition: BlowfishPasswordHashTest.php:212
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\getHashedPasswordValidates
‪getHashedPasswordValidates()
Definition: BlowfishPasswordHashTest.php:69
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\checkPasswordReturnsTrueWithValidAlphaCharClassPasswordAndFixedHash
‪checkPasswordReturnsTrueWithValidAlphaCharClassPasswordAndFixedHash()
Definition: BlowfishPasswordHashTest.php:85
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\checkPasswordReturnsTrueWithValidAlphaCharClassPassword
‪checkPasswordReturnsTrueWithValidAlphaCharClassPassword()
Definition: BlowfishPasswordHashTest.php:112
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\checkPasswordReturnsTrueWithValidNumericCharClassPassword
‪checkPasswordReturnsTrueWithValidNumericCharClassPassword()
Definition: BlowfishPasswordHashTest.php:128
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\getHashedPasswordWithNonEmptyPasswordResultsInNonNullSaltedPassword
‪getHashedPasswordWithNonEmptyPasswordResultsInNonNullSaltedPassword()
Definition: BlowfishPasswordHashTest.php:60
‪TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash
Definition: BlowfishPasswordHash.php:31
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest
Definition: BlowfishPasswordHashTest.php:27
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\checkPasswordReturnsFalseFailsWithBrokenHash
‪checkPasswordReturnsFalseFailsWithBrokenHash()
Definition: BlowfishPasswordHashTest.php:97
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\constructorThrowsExceptionIfHashCountIsTooHigh
‪constructorThrowsExceptionIfHashCountIsTooHigh()
Definition: BlowfishPasswordHashTest.php:41
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\checkPasswordReturnsReturnsTrueWithValidLatin1UmlautCharClassPassword
‪checkPasswordReturnsReturnsTrueWithValidLatin1UmlautCharClassPassword()
Definition: BlowfishPasswordHashTest.php:180
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\checkPasswordReturnsTrueWithValidAsciiSpecialCharClassPassword
‪checkPasswordReturnsTrueWithValidAsciiSpecialCharClassPassword()
Definition: BlowfishPasswordHashTest.php:144
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\constructorThrowsExceptionIfHashCountIsTooLow
‪constructorThrowsExceptionIfHashCountIsTooLow()
Definition: BlowfishPasswordHashTest.php:31
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\getHashedPasswordWithEmptyPasswordResultsInNullSaltedPassword
‪getHashedPasswordWithEmptyPasswordResultsInNullSaltedPassword()
Definition: BlowfishPasswordHashTest.php:51
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing
Definition: Argon2idPasswordHashTest.php:18
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\isHashUpdateNeededReturnsTrueForHashGeneratedWithOldOptions
‪isHashUpdateNeededReturnsTrueForHashGeneratedWithOldOptions()
Definition: BlowfishPasswordHashTest.php:223