‪TYPO3CMS  ‪main
PhpassPasswordHashTest.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing;
19 
20 use PHPUnit\Framework\Attributes\Test;
21 use ‪TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash;
22 use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
23 
24 final class ‪PhpassPasswordHashTest extends UnitTestCase
25 {
26  #[Test]
27  public function ‪constructorThrowsExceptionIfHashCountIsTooLow(): void
28  {
29  $this->expectException(\InvalidArgumentException::class);
30  $this->expectExceptionCode(1533940454);
31  new ‪PhpassPasswordHash(['hash_count' => 6]);
32  }
33 
34  #[Test]
35  public function ‪constructorThrowsExceptionIfHashCountIsTooHigh(): void
36  {
37  $this->expectException(\InvalidArgumentException::class);
38  $this->expectExceptionCode(1533940454);
39  new ‪PhpassPasswordHash(['hash_count' => 25]);
40  }
41 
42  #[Test]
43  public function ‪getHashedPasswordReturnsNullWithEmptyPassword(): void
44  {
45  $subject = new ‪PhpassPasswordHash(['hash_count' => 7]);
46  self::assertNull($subject->getHashedPassword(''));
47  }
48 
49  #[Test]
50  public function ‪getHashedPasswordReturnsNotNullWithNotEmptyPassword(): void
51  {
52  $subject = new ‪PhpassPasswordHash(['hash_count' => 7]);
53  self::assertNotNull($subject->getHashedPassword('a'));
54  }
55 
56  #[Test]
57  public function ‪getHashedPasswordValidates(): void
58  {
59  $password = 'password';
60  $subject = new ‪PhpassPasswordHash(['hash_count' => 7]);
61  $saltedHashPassword = $subject->getHashedPassword($password);
62  self::assertTrue($subject->isValidSaltedPW($saltedHashPassword));
63  }
64 
71  #[Test]
72  public function ‪checkPasswordReturnsTrueWithValidAlphaCharClassPasswordAndFixedHash(): void
73  {
74  $password = 'password';
75  $saltedHashPassword = '$P$C7u7E10SBEie/Jbdz0jDtUcWhzgOPF.';
76  $subject = new ‪PhpassPasswordHash(['hash_count' => 7]);
77  self::assertTrue($subject->checkPassword($password, $saltedHashPassword));
78  }
79 
83  #[Test]
84  public function ‪checkPasswordReturnsFalseWithBrokenHash(): void
85  {
86  $password = 'password';
87  $saltedHashPassword = '$P$C7u7E10SBEie/Jbdz0jDtUcWhzgOPF';
88  $subject = new ‪PhpassPasswordHash(['hash_count' => 7]);
89  self::assertFalse($subject->checkPassword($password, $saltedHashPassword));
90  }
91 
98  #[Test]
99  public function ‪checkPasswordReturnsTrueWithValidAlphaCharClassPassword(): void
100  {
101  $password = 'aEjOtY';
102  $subject = new ‪PhpassPasswordHash(['hash_count' => 7]);
103  $saltedHashPassword = $subject->getHashedPassword($password);
104  self::assertTrue($subject->checkPassword($password, $saltedHashPassword));
105  }
106 
113  #[Test]
114  public function ‪checkPasswordReturnsTrueWithValidNumericCharClassPassword(): void
115  {
116  $password = '01369';
117  $subject = new ‪PhpassPasswordHash(['hash_count' => 7]);
118  $saltedHashPassword = $subject->getHashedPassword($password);
119  self::assertTrue($subject->checkPassword($password, $saltedHashPassword));
120  }
121 
128  #[Test]
129  public function ‪checkPasswordReturnsTrueWithValidAsciiSpecialCharClassPassword(): void
130  {
131  $password = ' !"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~';
132  $subject = new ‪PhpassPasswordHash(['hash_count' => 7]);
133  $saltedHashPassword = $subject->getHashedPassword($password);
134  self::assertTrue($subject->checkPassword($password, $saltedHashPassword));
135  }
136 
143  #[Test]
144  public function ‪checkPasswordReturnsTrueWithValidLatin1SpecialCharClassPassword(): void
145  {
146  $password = '';
147  for ($i = 160; $i <= 191; $i++) {
148  $password .= chr($i);
149  }
150  $password .= chr(215) . chr(247);
151  $subject = new ‪PhpassPasswordHash(['hash_count' => 7]);
152  $saltedHashPassword = $subject->getHashedPassword($password);
153  self::assertTrue($subject->checkPassword($password, $saltedHashPassword));
154  }
155 
162  #[Test]
163  public function ‪checkPasswordReturnsTrueWithValidLatin1UmlautCharClassPassword(): void
164  {
165  $password = '';
166  for ($i = 192; $i <= 214; $i++) {
167  $password .= chr($i);
168  }
169  for ($i = 216; $i <= 246; $i++) {
170  $password .= chr($i);
171  }
172  for ($i = 248; $i <= 255; $i++) {
173  $password .= chr($i);
174  }
175  $subject = new ‪PhpassPasswordHash(['hash_count' => 7]);
176  $saltedHashPassword = $subject->getHashedPassword($password);
177  self::assertTrue($subject->checkPassword($password, $saltedHashPassword));
178  }
179 
180  #[Test]
181  public function ‪checkPasswordReturnsFalseWithNonValidPassword(): void
182  {
183  $password = 'password';
184  $password1 = $password . 'INVALID';
185  $subject = new ‪PhpassPasswordHash(['hash_count' => 7]);
186  $saltedHashPassword = $subject->getHashedPassword($password);
187  self::assertFalse($subject->checkPassword($password1, $saltedHashPassword));
188  }
189 
190  #[Test]
191  public function ‪isHashUpdateNeededReturnsFalseForValidSaltedPassword(): void
192  {
193  $password = 'password';
194  $subject = new ‪PhpassPasswordHash(['hash_count' => 7]);
195  $saltedHashPassword = $subject->getHashedPassword($password);
196  self::assertFalse($subject->isHashUpdateNeeded($saltedHashPassword));
197  }
198 
199  #[Test]
200  public function ‪isHashUpdateNeededReturnsFalseForChangedHashCountSaltedPassword(): void
201  {
202  $password = 'password';
203  $subject = new ‪PhpassPasswordHash(['hash_count' => 7]);
204  $saltedHashPassword = $subject->getHashedPassword($password);
205  $subject = new ‪PhpassPasswordHash(['hash_count' => 8]);
206  self::assertTrue($subject->isHashUpdateNeeded($saltedHashPassword));
207  }
208 }
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PhpassPasswordHashTest\checkPasswordReturnsFalseWithNonValidPassword
‪checkPasswordReturnsFalseWithNonValidPassword()
Definition: PhpassPasswordHashTest.php:181
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PhpassPasswordHashTest\checkPasswordReturnsTrueWithValidLatin1UmlautCharClassPassword
‪checkPasswordReturnsTrueWithValidLatin1UmlautCharClassPassword()
Definition: PhpassPasswordHashTest.php:163
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PhpassPasswordHashTest\constructorThrowsExceptionIfHashCountIsTooHigh
‪constructorThrowsExceptionIfHashCountIsTooHigh()
Definition: PhpassPasswordHashTest.php:35
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PhpassPasswordHashTest\checkPasswordReturnsFalseWithBrokenHash
‪checkPasswordReturnsFalseWithBrokenHash()
Definition: PhpassPasswordHashTest.php:84
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PhpassPasswordHashTest\getHashedPasswordReturnsNullWithEmptyPassword
‪getHashedPasswordReturnsNullWithEmptyPassword()
Definition: PhpassPasswordHashTest.php:43
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PhpassPasswordHashTest\checkPasswordReturnsTrueWithValidNumericCharClassPassword
‪checkPasswordReturnsTrueWithValidNumericCharClassPassword()
Definition: PhpassPasswordHashTest.php:114
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PhpassPasswordHashTest\checkPasswordReturnsTrueWithValidAsciiSpecialCharClassPassword
‪checkPasswordReturnsTrueWithValidAsciiSpecialCharClassPassword()
Definition: PhpassPasswordHashTest.php:129
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PhpassPasswordHashTest\checkPasswordReturnsTrueWithValidAlphaCharClassPassword
‪checkPasswordReturnsTrueWithValidAlphaCharClassPassword()
Definition: PhpassPasswordHashTest.php:99
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PhpassPasswordHashTest\isHashUpdateNeededReturnsFalseForChangedHashCountSaltedPassword
‪isHashUpdateNeededReturnsFalseForChangedHashCountSaltedPassword()
Definition: PhpassPasswordHashTest.php:200
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PhpassPasswordHashTest\constructorThrowsExceptionIfHashCountIsTooLow
‪constructorThrowsExceptionIfHashCountIsTooLow()
Definition: PhpassPasswordHashTest.php:27
‪TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash
Definition: PhpassPasswordHash.php:35
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PhpassPasswordHashTest\getHashedPasswordValidates
‪getHashedPasswordValidates()
Definition: PhpassPasswordHashTest.php:57
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PhpassPasswordHashTest\checkPasswordReturnsTrueWithValidLatin1SpecialCharClassPassword
‪checkPasswordReturnsTrueWithValidLatin1SpecialCharClassPassword()
Definition: PhpassPasswordHashTest.php:144
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PhpassPasswordHashTest\checkPasswordReturnsTrueWithValidAlphaCharClassPasswordAndFixedHash
‪checkPasswordReturnsTrueWithValidAlphaCharClassPasswordAndFixedHash()
Definition: PhpassPasswordHashTest.php:72
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PhpassPasswordHashTest\isHashUpdateNeededReturnsFalseForValidSaltedPassword
‪isHashUpdateNeededReturnsFalseForValidSaltedPassword()
Definition: PhpassPasswordHashTest.php:191
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PhpassPasswordHashTest\getHashedPasswordReturnsNotNullWithNotEmptyPassword
‪getHashedPasswordReturnsNotNullWithNotEmptyPassword()
Definition: PhpassPasswordHashTest.php:50
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PhpassPasswordHashTest
Definition: PhpassPasswordHashTest.php:25
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing
Definition: Argon2idPasswordHashTest.php:18