‪TYPO3CMS  9.5
Pbkdf2PaswordHashTest.php
Go to the documentation of this file.
1 <?php
2 declare(strict_types = 1);
3 namespace ‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing;
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 use ‪TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash;
19 use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
20 
24 class ‪Pbkdf2PaswordHashTest extends UnitTestCase
25 {
29  public function ‪constructorThrowsExceptionIfHashCountIsTooLow()
30  {
31  $this->expectException(\InvalidArgumentException::class);
32  $this->expectExceptionCode(1533903544);
33  new ‪Pbkdf2PasswordHash(['hash_count' => 999]);
34  }
35 
39  public function ‪constructorThrowsExceptionIfHashCountIsTooHigh()
40  {
41  $this->expectException(\InvalidArgumentException::class);
42  $this->expectExceptionCode(1533903544);
43  new ‪Pbkdf2PasswordHash(['hash_count' => 10000001]);
44  }
45 
49  public function ‪getHashedPasswordReturnsNullWithEmptyPassword()
50  {
51  $password = '';
52  $subject = new ‪Pbkdf2PasswordHash(['hash_count' => 1000]);
53  $this->assertNull($subject->getHashedPassword($password));
54  }
55 
59  public function ‪getHashedPasswordReturnsNotNullWithNullPassword()
60  {
61  $password = 'a';
62  $subject = new ‪Pbkdf2PasswordHash(['hash_count' => 1000]);
63  $this->assertNotNull($subject->getHashedPassword($password));
64  }
65 
69  public function ‪getHashedPasswordValidates()
70  {
71  $password = 'password';
72  $subject = new ‪Pbkdf2PasswordHash(['hash_count' => 1000]);
73  $saltedHashPassword = $subject->getHashedPassword($password);
74  $this->assertTrue($subject->isValidSaltedPW($saltedHashPassword));
75  }
76 
85  public function ‪checkPasswordReturnsTrueWithValidAlphaCharClassPasswordAndFixedHash()
86  {
87  $password = 'password';
88  $saltedHashPassword = '$pbkdf2-sha256$1000$woPhT0yoWm3AXJXSjuxJ3w$iZ6EvTulMqXlzr0NO8z5EyrklFcJk5Uw2Fqje68FfaQ';
89  $subject = new ‪Pbkdf2PasswordHash(['hash_count' => 1000]);
90  $this->assertTrue($subject->checkPassword($password, $saltedHashPassword));
91  }
92 
98  public function ‪checkPasswordReturnsFalseWithBrokenHash()
99  {
100  $password = 'password';
101  $saltedHashPassword = '$pbkdf2-sha256$1000$woPhT0yoWm3AXJXSjuxJ3w$iZ6EvTulMqXlzr0NO8z5EyrklFcJk5Uw2Fqje68Ffa';
102  $subject = new ‪Pbkdf2PasswordHash(['hash_count' => 1000]);
103  $this->assertFalse($subject->checkPassword($password, $saltedHashPassword));
104  }
105 
114  public function ‪checkPasswordReturnsTrueWithValidAlphaCharClassPassword()
115  {
116  $password = 'aEjOtY';
117  $subject = new ‪Pbkdf2PasswordHash(['hash_count' => 1000]);
118  $saltedHashPassword = $subject->getHashedPassword($password);
119  $this->assertTrue($subject->checkPassword($password, $saltedHashPassword));
120  }
121 
130  public function ‪checkPasswordReturnsTrueWithValidNumericCharClassPassword()
131  {
132  $password = '01369';
133  $subject = new ‪Pbkdf2PasswordHash(['hash_count' => 1000]);
134  $saltedHashPassword = $subject->getHashedPassword($password);
135  $this->assertTrue($subject->checkPassword($password, $saltedHashPassword));
136  }
137 
146  public function ‪checkPasswordReturnsTrueWithValidAsciiSpecialCharClassPassword()
147  {
148  $password = ' !"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~';
149  $subject = new ‪Pbkdf2PasswordHash(['hash_count' => 1000]);
150  $saltedHashPassword = $subject->getHashedPassword($password);
151  $this->assertTrue($subject->checkPassword($password, $saltedHashPassword));
152  }
153 
162  public function ‪checkPasswordReturnsTrueWithValidLatin1SpecialCharClassPassword()
163  {
164  $password = '';
165  for ($i = 160; $i <= 191; $i++) {
166  $password .= chr($i);
167  }
168  $password .= chr(215) . chr(247);
169  $subject = new ‪Pbkdf2PasswordHash(['hash_count' => 1000]);
170  $saltedHashPassword = $subject->getHashedPassword($password);
171  $this->assertTrue($subject->checkPassword($password, $saltedHashPassword));
172  }
173 
182  public function ‪checkPasswordReturnsTrueWithValidLatin1UmlautCharClassPassword()
183  {
184  $password = '';
185  for ($i = 192; $i <= 214; $i++) {
186  $password .= chr($i);
187  }
188  for ($i = 216; $i <= 246; $i++) {
189  $password .= chr($i);
190  }
191  for ($i = 248; $i <= 255; $i++) {
192  $password .= chr($i);
193  }
194  $subject = new ‪Pbkdf2PasswordHash(['hash_count' => 1000]);
195  $saltedHashPassword = $subject->getHashedPassword($password);
196  $this->assertTrue($subject->checkPassword($password, $saltedHashPassword));
197  }
198 
202  public function ‪checkPasswordReturnsFalseWithNonValidPassword()
203  {
204  $password = 'password';
205  $password1 = $password . 'INVALID';
206  $subject = new ‪Pbkdf2PasswordHash(['hash_count' => 1000]);
207  $saltedHashPassword = $subject->getHashedPassword($password);
208  $this->assertFalse($subject->checkPassword($password1, $saltedHashPassword));
209  }
210 
214  public function ‪isHashUpdateNeededReturnsFalseForValidSaltedPassword()
215  {
216  $password = 'password';
217  $subject = new ‪Pbkdf2PasswordHash(['hash_count' => 1000]);
218  $saltedHashPassword = $subject->getHashedPassword($password);
219  $this->assertFalse($subject->isHashUpdateNeeded($saltedHashPassword));
220  }
221 
225  public function ‪isHashUpdateNeededReturnsTrueWithChangedHashCount()
226  {
227  $subject = new ‪Pbkdf2PasswordHash(['hash_count' => 1000]);
228  $saltedHashPassword = $subject->getHashedPassword('password');
229  $subject = new ‪Pbkdf2PasswordHash(['hash_count' => 1001]);
230  $this->assertTrue($subject->isHashUpdateNeeded($saltedHashPassword));
231  }
232 
236  public function ‪checkPasswordIsCompatibleWithPythonPasslibHashes()
237  {
238  $passlibSaltedHash= '$pbkdf2-sha256$6400$.6UI/S.nXIk8jcbdHx3Fhg$98jZicV16ODfEsEZeYPGHU3kbrUrvUEXOPimVSQDD44';
239  $subject = new ‪Pbkdf2PasswordHash(['hash_count' => 1000]);
240  $this->assertTrue($subject->checkPassword('password', $passlibSaltedHash));
241  }
242 }
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Pbkdf2PaswordHashTest\getHashedPasswordValidates
‪getHashedPasswordValidates()
Definition: Pbkdf2PaswordHashTest.php:69
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Pbkdf2PaswordHashTest\checkPasswordReturnsFalseWithBrokenHash
‪checkPasswordReturnsFalseWithBrokenHash()
Definition: Pbkdf2PaswordHashTest.php:98
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Pbkdf2PaswordHashTest\getHashedPasswordReturnsNullWithEmptyPassword
‪getHashedPasswordReturnsNullWithEmptyPassword()
Definition: Pbkdf2PaswordHashTest.php:49
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Pbkdf2PaswordHashTest\isHashUpdateNeededReturnsTrueWithChangedHashCount
‪isHashUpdateNeededReturnsTrueWithChangedHashCount()
Definition: Pbkdf2PaswordHashTest.php:225
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Pbkdf2PaswordHashTest\getHashedPasswordReturnsNotNullWithNullPassword
‪getHashedPasswordReturnsNotNullWithNullPassword()
Definition: Pbkdf2PaswordHashTest.php:59
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Pbkdf2PaswordHashTest\checkPasswordReturnsTrueWithValidNumericCharClassPassword
‪checkPasswordReturnsTrueWithValidNumericCharClassPassword()
Definition: Pbkdf2PaswordHashTest.php:130
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Pbkdf2PaswordHashTest\checkPasswordIsCompatibleWithPythonPasslibHashes
‪checkPasswordIsCompatibleWithPythonPasslibHashes()
Definition: Pbkdf2PaswordHashTest.php:236
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Pbkdf2PaswordHashTest\isHashUpdateNeededReturnsFalseForValidSaltedPassword
‪isHashUpdateNeededReturnsFalseForValidSaltedPassword()
Definition: Pbkdf2PaswordHashTest.php:214
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Pbkdf2PaswordHashTest\checkPasswordReturnsFalseWithNonValidPassword
‪checkPasswordReturnsFalseWithNonValidPassword()
Definition: Pbkdf2PaswordHashTest.php:202
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Pbkdf2PaswordHashTest
Definition: Pbkdf2PaswordHashTest.php:25
‪TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash
Definition: Pbkdf2PasswordHash.php:27
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Pbkdf2PaswordHashTest\checkPasswordReturnsTrueWithValidAlphaCharClassPassword
‪checkPasswordReturnsTrueWithValidAlphaCharClassPassword()
Definition: Pbkdf2PaswordHashTest.php:114
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Pbkdf2PaswordHashTest\checkPasswordReturnsTrueWithValidLatin1UmlautCharClassPassword
‪checkPasswordReturnsTrueWithValidLatin1UmlautCharClassPassword()
Definition: Pbkdf2PaswordHashTest.php:182
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Pbkdf2PaswordHashTest\checkPasswordReturnsTrueWithValidAsciiSpecialCharClassPassword
‪checkPasswordReturnsTrueWithValidAsciiSpecialCharClassPassword()
Definition: Pbkdf2PaswordHashTest.php:146
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Pbkdf2PaswordHashTest\checkPasswordReturnsTrueWithValidAlphaCharClassPasswordAndFixedHash
‪checkPasswordReturnsTrueWithValidAlphaCharClassPasswordAndFixedHash()
Definition: Pbkdf2PaswordHashTest.php:85
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Pbkdf2PaswordHashTest\constructorThrowsExceptionIfHashCountIsTooLow
‪constructorThrowsExceptionIfHashCountIsTooLow()
Definition: Pbkdf2PaswordHashTest.php:29
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Pbkdf2PaswordHashTest\checkPasswordReturnsTrueWithValidLatin1SpecialCharClassPassword
‪checkPasswordReturnsTrueWithValidLatin1SpecialCharClassPassword()
Definition: Pbkdf2PaswordHashTest.php:162
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Pbkdf2PaswordHashTest\constructorThrowsExceptionIfHashCountIsTooHigh
‪constructorThrowsExceptionIfHashCountIsTooHigh()
Definition: Pbkdf2PaswordHashTest.php:39
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing
Definition: Argon2iPasswordHashTest.php:3