main/_md5_password_hash_test_8php_source.html

<?php


declare(strict_types=1);


/*

 * This file is part of the TYPO3 CMS project.

 *

 * It is free software; you can redistribute it and/or modify it under

 * the terms of the GNU General Public License, either version 2

 * of the License, or any later version.

 *

 * For the full copyright and license information, please read the

 * LICENSE.txt file that was distributed with this source code.

 *

 * The TYPO3 project - inspiring people to share!

 */


namespace ‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing;


use PHPUnit\Framework\Attributes\Test;

use ‪TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash;

use TYPO3\TestingFramework\Core\Unit\UnitTestCase;


final class ‪Md5PasswordHashTest extends UnitTestCase

{

    #[Test]

    public function ‪getHashedPasswordReturnsNullWithEmptyPassword(): void

    {

        self::assertNull((new ‪Md5PasswordHash())->getHashedPassword(''));

    }


    #[Test]

    public function ‪getHashedPasswordReturnsNotNullWithNonEmptyPassword(): void

    {

        self::assertNotNull((new ‪Md5PasswordHash())->getHashedPassword('a'));

    }


    #[Test]

    public function ‪getHashedPasswordCreatesAHashThatValidates(): void

    {

        $password = 'password';

        $subject = new ‪Md5PasswordHash();

        $saltedHashPassword = $subject->getHashedPassword($password);

        self::assertTrue($subject->isValidSaltedPW($saltedHashPassword));

    }


    #[Test]

    public function ‪checkPasswordReturnsTrueWithValidAlphaCharClassPasswordAndFixedHash(): void

    {

        $password = 'password';

        $saltedHashPassword = '$1$GNu9HdMt$RwkPb28pce4nXZfnplVZY/';

        self::assertTrue((new ‪Md5PasswordHash())->checkPassword($password, $saltedHashPassword));

    }


    #[Test]

    public function ‪checkPasswordReturnsFalseWithBrokenHash(): void

    {

        $password = 'password';

        $saltedHashPassword = '$1$GNu9HdMt$RwkPb28pce4nXZfnplVZY';

        self::assertFalse((new ‪Md5PasswordHash())->checkPassword($password, $saltedHashPassword));

    }


    #[Test]

    public function ‪checkPasswordReturnsTrueWithValidAlphaCharClassPassword(): void

    {

        $password = 'aEjOtY';

        $subject = new ‪Md5PasswordHash();

        $saltedHashPassword = $subject->getHashedPassword($password);

        self::assertTrue($subject->checkPassword($password, $saltedHashPassword));

    }


    #[Test]

    public function ‪checkPasswordReturnsTrueWithValidNumericCharClassPassword(): void

    {

        $password = '01369';

        $subject = new ‪Md5PasswordHash();

        $saltedHashPassword = $subject->getHashedPassword($password);

        self::assertTrue($subject->checkPassword($password, $saltedHashPassword));

    }


    #[Test]

    public function ‪checkPasswordReturnsTrueWithValidAsciiSpecialCharClassPassword(): void

    {

        $password = ' !"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~';

        $subject = new ‪Md5PasswordHash();

        $saltedHashPassword = $subject->getHashedPassword($password);

        self::assertTrue($subject->checkPassword($password, $saltedHashPassword));

    }


    #[Test]

    public function ‪checkPasswordReturnsTrueWithValidLatin1SpecialCharClassPassword(): void

    {

        $password = '';

        for ($i = 160; $i <= 191; $i++) {

            $password .= chr($i);

        }

        $password .= chr(215) . chr(247);

        $subject = new ‪Md5PasswordHash();

        $saltedHashPassword = $subject->getHashedPassword($password);

        self::assertTrue($subject->checkPassword($password, $saltedHashPassword));

    }


    #[Test]

    public function ‪checkPasswordReturnsTrueWithValidLatin1UmlautCharClassPassword(): void

    {

        $password = '';

        for ($i = 192; $i <= 214; $i++) {

            $password .= chr($i);

        }

        for ($i = 216; $i <= 246; $i++) {

            $password .= chr($i);

        }

        for ($i = 248; $i <= 255; $i++) {

            $password .= chr($i);

        }

        $subject = new ‪Md5PasswordHash();

        $saltedHashPassword = $subject->getHashedPassword($password);

        self::assertTrue($subject->checkPassword($password, $saltedHashPassword));

    }


    #[Test]

    public function ‪checkPasswordReturnsFalseWithNonValidPassword(): void

    {

        $password = 'password';

        $password1 = $password . 'INVALID';

        $subject = new ‪Md5PasswordHash();

        $saltedHashPassword = $subject->getHashedPassword($password);

        self::assertFalse($subject->checkPassword($password1, $saltedHashPassword));

    }


    #[Test]

    public function ‪isHashUpdateNeededReturnsFalse(): void

    {

        $password = 'password';

        $subject = new ‪Md5PasswordHash();

        $saltedHashPassword = $subject->getHashedPassword($password);

        self::assertFalse($subject->isHashUpdateNeeded($saltedHashPassword));

    }

}