TYPO3 CMS  TYPO3_6-2
BlowfishSaltTest.php
Go to the documentation of this file.
1 <?php
2 namespace TYPO3\CMS\Saltedpasswords\Tests\Unit\Salt;
3 
22 class BlowfishSaltTest extends \TYPO3\CMS\Core\Tests\UnitTestCase {
23 
29  protected $objectInstance = NULL;
30 
36  public function setUp() {
37  $this->objectInstance = $this->getMock('TYPO3\\CMS\\Saltedpasswords\\Salt\\BlowfishSalt', array('dummy'));
38  }
39 
45  protected function skipTestIfBlowfishIsNotAvailable() {
46  if (!CRYPT_BLOWFISH) {
47  $this->markTestSkipped('Blowfish is not supported on your platform.');
48  }
49  }
50 
54  public function hasCorrectBaseClass() {
55  $hasCorrectBaseClass = get_class($this->objectInstance) === 'TYPO3\\CMS\\Saltedpasswords\\Salt\\BlowfishSalt';
56  // XCLASS ?
57  if (!$hasCorrectBaseClass && FALSE != get_parent_class($this->objectInstance)) {
58  $hasCorrectBaseClass = is_subclass_of($this->objectInstance, 'TYPO3\\CMS\\Saltedpasswords\\Salt\\BlowfishSalt');
59  }
60  $this->assertTrue($hasCorrectBaseClass);
61  }
62 
66  public function nonZeroSaltLength() {
67  $this->assertTrue($this->objectInstance->getSaltLength() > 0);
68  }
69 
73  public function emptyPasswordResultsInNullSaltedPassword() {
74  $password = '';
75  $this->assertNull($this->objectInstance->getHashedPassword($password));
76  }
77 
81  public function nonEmptyPasswordResultsInNonNullSaltedPassword() {
82  $this->skipTestIfBlowfishIsNotAvailable();
83  $password = 'a';
84  $this->assertNotNull($this->objectInstance->getHashedPassword($password));
85  }
86 
90  public function createdSaltedHashOfProperStructure() {
91  $this->skipTestIfBlowfishIsNotAvailable();
92  $password = 'password';
93  $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
94  $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
95  }
96 
100  public function createdSaltedHashOfProperStructureForCustomSaltWithoutSetting() {
101  $this->skipTestIfBlowfishIsNotAvailable();
102  $password = 'password';
103  // custom salt without setting
104  $randomBytes = \TYPO3\CMS\Core\Utility\GeneralUtility::generateRandomBytes($this->objectInstance->getSaltLength());
105  $salt = $this->objectInstance->base64Encode($randomBytes, $this->objectInstance->getSaltLength());
106  $this->assertTrue($this->objectInstance->isValidSalt($salt));
107  $saltedHashPassword = $this->objectInstance->getHashedPassword($password, $salt);
108  $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
109  }
110 
114  public function createdSaltedHashOfProperStructureForMinimumHashCount() {
115  $this->skipTestIfBlowfishIsNotAvailable();
116  $password = 'password';
117  $minHashCount = $this->objectInstance->getMinHashCount();
118  $this->objectInstance->setHashCount($minHashCount);
119  $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
120  $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
121  // reset hashcount
122  $this->objectInstance->setHashCount(NULL);
123  }
124 
133  public function authenticationWithValidAlphaCharClassPassword() {
134  $this->skipTestIfBlowfishIsNotAvailable();
135  $password = 'aEjOtY';
136  $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
137  $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
138  }
139 
148  public function authenticationWithValidNumericCharClassPassword() {
149  $this->skipTestIfBlowfishIsNotAvailable();
150  $password = '01369';
151  $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
152  $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
153  }
154 
163  public function authenticationWithValidAsciiSpecialCharClassPassword() {
164  $this->skipTestIfBlowfishIsNotAvailable();
165  $password = ' !"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~';
166  $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
167  $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
168  }
169 
178  public function authenticationWithValidLatin1SpecialCharClassPassword() {
179  $this->skipTestIfBlowfishIsNotAvailable();
180  $password = '';
181  for ($i = 160; $i <= 191; $i++) {
182  $password .= chr($i);
183  }
184  $password .= chr(215) . chr(247);
185  $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
186  $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
187  }
188 
197  public function authenticationWithValidLatin1UmlautCharClassPassword() {
198  $this->skipTestIfBlowfishIsNotAvailable();
199  $password = '';
200  for ($i = 192; $i <= 214; $i++) {
201  $password .= chr($i);
202  }
203  for ($i = 216; $i <= 246; $i++) {
204  $password .= chr($i);
205  }
206  for ($i = 248; $i <= 255; $i++) {
207  $password .= chr($i);
208  }
209  $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
210  $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
211  }
212 
216  public function authenticationWithNonValidPassword() {
217  $this->skipTestIfBlowfishIsNotAvailable();
218  $password = 'password';
219  $password1 = $password . 'INVALID';
220  $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
221  $this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPassword));
222  }
223 
227  public function passwordVariationsResultInDifferentHashes() {
228  $this->skipTestIfBlowfishIsNotAvailable();
229  $pad = 'a';
230  $password = '';
231  $criticalPwLength = 0;
232  // We're using a constant salt.
233  $saltedHashPasswordCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
234  for ($i = 0; $i <= 128; $i += 8) {
235  $password = str_repeat($pad, max($i, 1));
236  $saltedHashPasswordPrevious = $saltedHashPasswordCurrent;
237  $saltedHashPasswordCurrent = $this->objectInstance->getHashedPassword($password, $salt);
238  if ($i > 0 && $saltedHashPasswordPrevious === $saltedHashPasswordCurrent) {
239  $criticalPwLength = $i;
240  break;
241  }
242  }
243  $this->assertTrue($criticalPwLength == 0 || $criticalPwLength > 32, 'Duplicates of hashed passwords with plaintext password of length ' . $criticalPwLength . '+.');
244  }
245 
249  public function modifiedMinHashCount() {
250  $minHashCount = $this->objectInstance->getMinHashCount();
251  $this->objectInstance->setMinHashCount($minHashCount - 1);
252  $this->assertTrue($this->objectInstance->getMinHashCount() < $minHashCount);
253  $this->objectInstance->setMinHashCount($minHashCount + 1);
254  $this->assertTrue($this->objectInstance->getMinHashCount() > $minHashCount);
255  }
256 
260  public function modifiedMaxHashCount() {
261  $maxHashCount = $this->objectInstance->getMaxHashCount();
262  $this->objectInstance->setMaxHashCount($maxHashCount + 1);
263  $this->assertTrue($this->objectInstance->getMaxHashCount() > $maxHashCount);
264  $this->objectInstance->setMaxHashCount($maxHashCount - 1);
265  $this->assertTrue($this->objectInstance->getMaxHashCount() < $maxHashCount);
266  }
267 
271  public function modifiedHashCount() {
272  $hashCount = $this->objectInstance->getHashCount();
273  $this->objectInstance->setMaxHashCount($hashCount + 1);
274  $this->objectInstance->setHashCount($hashCount + 1);
275  $this->assertTrue($this->objectInstance->getHashCount() > $hashCount);
276  $this->objectInstance->setMinHashCount($hashCount - 1);
277  $this->objectInstance->setHashCount($hashCount - 1);
278  $this->assertTrue($this->objectInstance->getHashCount() < $hashCount);
279  // reset hashcount
280  $this->objectInstance->setHashCount(NULL);
281  }
282 
286  public function updateNecessityForValidSaltedPassword() {
287  $this->skipTestIfBlowfishIsNotAvailable();
288  $password = 'password';
289  $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
290  $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
291  }
292 
296  public function updateNecessityForIncreasedHashcount() {
297  $password = 'password';
298  $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
299  $increasedHashCount = $this->objectInstance->getHashCount() + 1;
300  $this->objectInstance->setMaxHashCount($increasedHashCount);
301  $this->objectInstance->setHashCount($increasedHashCount);
302  $this->assertTrue($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
303  // reset hashcount
304  $this->objectInstance->setHashCount(NULL);
305  }
306 
310  public function updateNecessityForDecreasedHashcount() {
311  $this->skipTestIfBlowfishIsNotAvailable();
312  $password = 'password';
313  $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
314  $decreasedHashCount = $this->objectInstance->getHashCount() - 1;
315  $this->objectInstance->setMinHashCount($decreasedHashCount);
316  $this->objectInstance->setHashCount($decreasedHashCount);
317  $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
318  // reset hashcount
319  $this->objectInstance->setHashCount(NULL);
320  }
321 
322 }
TYPO3\CMS\Core\Utility\GeneralUtility\generateRandomBytes
static generateRandomBytes($bytesToReturn)
Definition: GeneralUtility.php:1207