‪TYPO3CMS  9.5
BlowfishPasswordHashTest.php
Go to the documentation of this file.
1 <?php
2 declare(strict_types = 1);
3 namespace ‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing;
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 use ‪TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash;
19 use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
20 
24 class ‪BlowfishPasswordHashTest extends UnitTestCase
25 {
29  public function ‪constructorThrowsExceptionIfHashCountIsTooLow()
30  {
31  $this->expectException(\InvalidArgumentException::class);
32  $this->expectExceptionCode(1533903545);
33  new ‪BlowfishPasswordHash(['hash_count' => 3]);
34  }
35 
39  public function ‪constructorThrowsExceptionIfHashCountIsTooHigh()
40  {
41  $this->expectException(\InvalidArgumentException::class);
42  $this->expectExceptionCode(1533903545);
43  new ‪BlowfishPasswordHash(['hash_count' => 18]);
44  }
45 
49  public function ‪getHashedPasswordWithEmptyPasswordResultsInNullSaltedPassword()
50  {
51  $password = '';
52  $this->assertNull((new ‪BlowfishPasswordHash(['hash_count' => 4]))->getHashedPassword($password));
53  }
54 
58  public function ‪getHashedPasswordWithNonEmptyPasswordResultsInNonNullSaltedPassword()
59  {
60  $password = 'a';
61  $this->assertNotNull((new ‪BlowfishPasswordHash(['hash_count' => 4]))->getHashedPassword($password));
62  }
63 
67  public function ‪getHashedPasswordValidates()
68  {
69  $password = 'password';
70  $subject = new ‪BlowfishPasswordHash(['hash_count' => 4]);
71  $saltedHashPassword = $subject->getHashedPassword($password);
72  $this->assertTrue($subject->isValidSaltedPW($saltedHashPassword));
73  }
74 
83  public function ‪checkPasswordReturnsTrueWithValidAlphaCharClassPasswordAndFixedHash()
84  {
85  $password = 'password';
86  $saltedHashPassword = '$2a$07$Rvtl6CyMhR8GZGhHypjwOuydeN0nKFAlgo1LmmGrLowtIrtkov5Na';
87  $this->assertTrue((new ‪BlowfishPasswordHash(['hash_count' => 4]))->checkPassword($password, $saltedHashPassword));
88  }
89 
95  public function ‪checkPasswordReturnsFalseFailsWithBrokenHash()
96  {
97  $password = 'password';
98  $saltedHashPassword = '$2a$07$Rvtl6CyMhR8GZGhHypjwOuydeN0nKFAlgo1LmmGrLowtIrtkov5N';
99  $this->assertFalse((new ‪BlowfishPasswordHash(['hash_count' => 4]))->checkPassword($password, $saltedHashPassword));
100  }
101 
110  public function ‪checkPasswordReturnsTrueWithValidAlphaCharClassPassword()
111  {
112  $password = 'aEjOtY';
113  $subject = new ‪BlowfishPasswordHash(['hash_count' => 4]);
114  $saltedHashPassword = $subject->getHashedPassword($password);
115  $this->assertTrue($subject->checkPassword($password, $saltedHashPassword));
116  }
117 
126  public function ‪checkPasswordReturnsTrueWithValidNumericCharClassPassword()
127  {
128  $password = '01369';
129  $subject = new ‪BlowfishPasswordHash(['hash_count' => 4]);
130  $saltedHashPassword = $subject->getHashedPassword($password);
131  $this->assertTrue($subject->checkPassword($password, $saltedHashPassword));
132  }
133 
142  public function ‪checkPasswordReturnsTrueWithValidAsciiSpecialCharClassPassword()
143  {
144  $password = ' !"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~';
145  $subject = new ‪BlowfishPasswordHash(['hash_count' => 4]);
146  $saltedHashPassword = $subject->getHashedPassword($password);
147  $this->assertTrue($subject->checkPassword($password, $saltedHashPassword));
148  }
149 
158  public function ‪checkPasswordReturnsTrueWithValidLatin1SpecialCharClassPassword()
159  {
160  $password = '';
161  for ($i = 160; $i <= 191; $i++) {
162  $password .= chr($i);
163  }
164  $password .= chr(215) . chr(247);
165  $subject = new ‪BlowfishPasswordHash(['hash_count' => 4]);
166  $saltedHashPassword = $subject->getHashedPassword($password);
167  $this->assertTrue($subject->checkPassword($password, $saltedHashPassword));
168  }
169 
178  public function ‪checkPasswordReturnsReturnsTrueWithValidLatin1UmlautCharClassPassword()
179  {
180  $password = '';
181  for ($i = 192; $i <= 214; $i++) {
182  $password .= chr($i);
183  }
184  for ($i = 216; $i <= 246; $i++) {
185  $password .= chr($i);
186  }
187  for ($i = 248; $i <= 255; $i++) {
188  $password .= chr($i);
189  }
190  $subject = new ‪BlowfishPasswordHash(['hash_count' => 4]);
191  $saltedHashPassword = $subject->getHashedPassword($password);
192  $this->assertTrue($subject->checkPassword($password, $saltedHashPassword));
193  }
194 
198  public function ‪checkPasswordReturnsFalseWithNonValidPassword()
199  {
200  $password = 'password';
201  $password1 = $password . 'INVALID';
202  $subject = new ‪BlowfishPasswordHash(['hash_count' => 4]);
203  $saltedHashPassword = $subject->getHashedPassword($password);
204  $this->assertFalse($subject->checkPassword($password1, $saltedHashPassword));
205  }
206 
210  public function ‪isHashUpdateNeededReturnsFalseForValidSaltedPassword()
211  {
212  $password = 'password';
213  $subject = new ‪BlowfishPasswordHash(['hash_count' => 4]);
214  $saltedHashPassword = $subject->getHashedPassword($password);
215  $this->assertFalse($subject->isHashUpdateNeeded($saltedHashPassword));
216  }
217 
221  public function ‪isHashUpdateNeededReturnsTrueForHashGeneratedWithOldOptions()
222  {
223  $subject = new ‪BlowfishPasswordHash(['hash_count' => 4]);
224  $hash = $subject->getHashedPassword('password');
225  $subject = new ‪BlowfishPasswordHash(['hash_count' => 5]);
226  $this->assertTrue($subject->isHashUpdateNeeded($hash));
227  }
228 }
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\checkPasswordReturnsFalseWithNonValidPassword
‪checkPasswordReturnsFalseWithNonValidPassword()
Definition: BlowfishPasswordHashTest.php:198
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\checkPasswordReturnsTrueWithValidLatin1SpecialCharClassPassword
‪checkPasswordReturnsTrueWithValidLatin1SpecialCharClassPassword()
Definition: BlowfishPasswordHashTest.php:158
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\isHashUpdateNeededReturnsFalseForValidSaltedPassword
‪isHashUpdateNeededReturnsFalseForValidSaltedPassword()
Definition: BlowfishPasswordHashTest.php:210
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\getHashedPasswordValidates
‪getHashedPasswordValidates()
Definition: BlowfishPasswordHashTest.php:67
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\checkPasswordReturnsTrueWithValidAlphaCharClassPasswordAndFixedHash
‪checkPasswordReturnsTrueWithValidAlphaCharClassPasswordAndFixedHash()
Definition: BlowfishPasswordHashTest.php:83
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\checkPasswordReturnsTrueWithValidAlphaCharClassPassword
‪checkPasswordReturnsTrueWithValidAlphaCharClassPassword()
Definition: BlowfishPasswordHashTest.php:110
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\checkPasswordReturnsTrueWithValidNumericCharClassPassword
‪checkPasswordReturnsTrueWithValidNumericCharClassPassword()
Definition: BlowfishPasswordHashTest.php:126
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\getHashedPasswordWithNonEmptyPasswordResultsInNonNullSaltedPassword
‪getHashedPasswordWithNonEmptyPasswordResultsInNonNullSaltedPassword()
Definition: BlowfishPasswordHashTest.php:58
‪TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash
Definition: BlowfishPasswordHash.php:30
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest
Definition: BlowfishPasswordHashTest.php:25
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\checkPasswordReturnsFalseFailsWithBrokenHash
‪checkPasswordReturnsFalseFailsWithBrokenHash()
Definition: BlowfishPasswordHashTest.php:95
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\constructorThrowsExceptionIfHashCountIsTooHigh
‪constructorThrowsExceptionIfHashCountIsTooHigh()
Definition: BlowfishPasswordHashTest.php:39
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\checkPasswordReturnsReturnsTrueWithValidLatin1UmlautCharClassPassword
‪checkPasswordReturnsReturnsTrueWithValidLatin1UmlautCharClassPassword()
Definition: BlowfishPasswordHashTest.php:178
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\checkPasswordReturnsTrueWithValidAsciiSpecialCharClassPassword
‪checkPasswordReturnsTrueWithValidAsciiSpecialCharClassPassword()
Definition: BlowfishPasswordHashTest.php:142
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\constructorThrowsExceptionIfHashCountIsTooLow
‪constructorThrowsExceptionIfHashCountIsTooLow()
Definition: BlowfishPasswordHashTest.php:29
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\getHashedPasswordWithEmptyPasswordResultsInNullSaltedPassword
‪getHashedPasswordWithEmptyPasswordResultsInNullSaltedPassword()
Definition: BlowfishPasswordHashTest.php:49
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing
Definition: Argon2iPasswordHashTest.php:3
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\BlowfishPasswordHashTest\isHashUpdateNeededReturnsTrueForHashGeneratedWithOldOptions
‪isHashUpdateNeededReturnsTrueForHashGeneratedWithOldOptions()
Definition: BlowfishPasswordHashTest.php:221