PageRenderTime 27ms CodeModel.GetById 27ms RepoModel.GetById 0ms app.codeStats 1ms

/public/typo3/sysext/saltedpasswords/Tests/Unit/Salt/SaltFactoryTest.php

https://bitbucket.org/followupcio/website
PHP | 143 lines | 75 code | 13 blank | 55 comment | 15 complexity | 7a6754e7e0f75717fea92f0a460473b0 MD5 | raw file
Possible License(s): GPL-2.0, MPL-2.0-no-copyleft-exception, BSD-2-Clause 
    

  1. <?php
    2. 

  2. namespace TYPO3\CMS\Saltedpasswords\Tests\Unit\Salt;
    3. 

  3. 

  4. /*
    5. 

  5.  * This file is part of the TYPO3 CMS project.
    6. 

  6.  *
    7. 

  7.  * It is free software; you can redistribute it and/or modify it under
    8. 

  8.  * the terms of the GNU General Public License, either version 2
    9. 

  9.  * of the License, or any later version.
    10. 

  10.  *
    11. 

  11.  * For the full copyright and license information, please read the
    12. 

  12.  * LICENSE.txt file that was distributed with this source code.
    13. 

  13.  *
    14. 

  14.  * The TYPO3 project - inspiring people to share!
    15. 

  15.  */
    16. 

  16. 

  17. use TYPO3\CMS\Core\Crypto\Random;
    18. 

  18. 

  19. /**
    20. 

  20.  * Testcase for SaltFactory
    21. 

  21.  */
    22. 

  22. class SaltFactoryTest extends \TYPO3\TestingFramework\Core\Unit\UnitTestCase
    23. 

  23. {
    24. 

  24.     /**
    25. 

  25.      * Keeps instance of object to test.
    26. 

  26.      *
    27. 

  27.      * @var \TYPO3\CMS\Saltedpasswords\Salt\AbstractSalt
    28. 

  28.      */
    29. 

  29.     protected $objectInstance = null;
    30. 

  30. 

  31.     /**
    32. 

  32.      * Sets up the fixtures for this testcase.
    33. 

  33.      */
    34. 

  34.     protected function setUp()
    35. 

  35.     {
    36. 

  36.         $this->objectInstance = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance();
    37. 

  37.     }
    38. 

  38. 

  39.     /**
    40. 

  40.      * @test
    41. 

  41.      */
    42. 

  42.     public function objectInstanceNotNull()
    43. 

  43.     {
    44. 

  44.         $this->assertNotNull($this->objectInstance);
    45. 

  45.     }
    46. 

  46. 

  47.     /**
    48. 

  48.      * @test
    49. 

  49.      */
    50. 

  50.     public function objectInstanceExtendsAbstractClass()
    51. 

  51.     {
    52. 

  52.         $this->assertTrue(is_subclass_of($this->objectInstance, \TYPO3\CMS\Saltedpasswords\Salt\AbstractSalt::class));
    53. 

  53.     }
    54. 

  54. 

  55.     /**
    56. 

  56.      * @test
    57. 

  57.      */
    58. 

  58.     public function objectInstanceImplementsInterface()
    59. 

  59.     {
    60. 

  60.         $this->assertTrue(method_exists($this->objectInstance, 'checkPassword'), 'Missing method checkPassword() from interface ' . \TYPO3\CMS\Saltedpasswords\Salt\SaltInterface::class . '.');
    61. 

  61.         $this->assertTrue(method_exists($this->objectInstance, 'isHashUpdateNeeded'), 'Missing method isHashUpdateNeeded() from interface ' . \TYPO3\CMS\Saltedpasswords\Salt\SaltInterface::class . '.');
    62. 

  62.         $this->assertTrue(method_exists($this->objectInstance, 'isValidSalt'), 'Missing method isValidSalt() from interface ' . \TYPO3\CMS\Saltedpasswords\Salt\SaltInterface::class . '.');
    63. 

  63.         $this->assertTrue(method_exists($this->objectInstance, 'isValidSaltedPW'), 'Missing method isValidSaltedPW() from interface ' . \TYPO3\CMS\Saltedpasswords\Salt\SaltInterface::class . '.');
    64. 

  64.         $this->assertTrue(method_exists($this->objectInstance, 'getHashedPassword'), 'Missing method getHashedPassword() from interface ' . \TYPO3\CMS\Saltedpasswords\Salt\SaltInterface::class . '.');
    65. 

  65.         $this->assertTrue(method_exists($this->objectInstance, 'getSaltLength'), 'Missing method getSaltLength() from interface ' . \TYPO3\CMS\Saltedpasswords\Salt\SaltInterface::class . '.');
    66. 

  66.     }
    67. 

  67. 

  68.     /**
    69. 

  69.      * @test
    70. 

  70.      */
    71. 

  71.     public function base64EncodeReturnsProperLength()
    72. 

  72.     {
    73. 

  73.         // 3 Bytes should result in a 6 char length base64 encoded string
    74. 

  74.         // used for MD5 and PHPass salted hashing
    75. 

  75.         $byteLength = 3;
    76. 

  76.         $reqLengthBase64 = (int)ceil($byteLength * 8 / 6);
    77. 

  77.         $randomBytes = (new Random())->generateRandomBytes($byteLength);
    78. 

  78.         $this->assertTrue(strlen($this->objectInstance->base64Encode($randomBytes, $byteLength)) == $reqLengthBase64);
    79. 

  79.         // 16 Bytes should result in a 22 char length base64 encoded string
    80. 

  80.         // used for Blowfish salted hashing
    81. 

  81.         $byteLength = 16;
    82. 

  82.         $reqLengthBase64 = (int)ceil($byteLength * 8 / 6);
    83. 

  83.         $randomBytes = (new Random())->generateRandomBytes($byteLength);
    84. 

  84.         $this->assertTrue(strlen($this->objectInstance->base64Encode($randomBytes, $byteLength)) == $reqLengthBase64);
    85. 

  85.     }
    86. 

  86. 

  87.     /**
    88. 

  88.      * @test
    89. 

  89.      */
    90. 

  90.     public function objectInstanceForMD5Salts()
    91. 

  91.     {
    92. 

  92.         $saltMD5 = '$1$rasmusle$rISCgZzpwk3UhDidwXvin0';
    93. 

  93.         $this->objectInstance = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($saltMD5);
    94. 

  94.         $this->assertTrue(get_class($this->objectInstance) == \TYPO3\CMS\Saltedpasswords\Salt\Md5Salt::class || is_subclass_of($this->objectInstance, \TYPO3\CMS\Saltedpasswords\Salt\Md5Salt::class));
    95. 

  95.     }
    96. 

  96. 

  97.     /**
    98. 

  98.      * @test
    99. 

  99.      */
    100. 

  100.     public function objectInstanceForBlowfishSalts()
    101. 

  101.     {
    102. 

  102.         $saltBlowfish = '$2a$07$abcdefghijklmnopqrstuuIdQV69PAxWYTgmnoGpe0Sk47GNS/9ZW';
    103. 

  103.         $this->objectInstance = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($saltBlowfish);
    104. 

  104.         $this->assertTrue(get_class($this->objectInstance) == \TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt::class || is_subclass_of($this->objectInstance, \TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt::class));
    105. 

  105.     }
    106. 

  106. 

  107.     /**
    108. 

  108.      * @test
    109. 

  109.      */
    110. 

  110.     public function objectInstanceForPhpassSalts()
    111. 

  111.     {
    112. 

  112.         $saltPhpass = '$P$CWF13LlG/0UcAQFUjnnS4LOqyRW43c.';
    113. 

  113.         $this->objectInstance = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($saltPhpass);
    114. 

  114.         $this->assertTrue(get_class($this->objectInstance) == \TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt::class || is_subclass_of($this->objectInstance, \TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt::class));
    115. 

  115.     }
    116. 

  116. 

  117.     /**
    118. 

  118.      * @test
    119. 

  119.      */
    120. 

  120.     public function objectInstanceForPbkdf2Salts()
    121. 

  121.     {
    122. 

  122.         $saltPbkdf2 = '$pbkdf2-sha256$6400$0ZrzXitFSGltTQnBWOsdAw$Y11AchqV4b0sUisdZd0Xr97KWoymNE0LNNrnEgY4H9M';
    123. 

  123.         $this->objectInstance = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($saltPbkdf2);
    124. 

  124.         $this->assertTrue(get_class($this->objectInstance) == \TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt::class || is_subclass_of($this->objectInstance, \TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt::class));
    125. 

  125.     }
    126. 

  126. 

  127.     /**
    128. 

  128.      * @test
    129. 

  129.      */
    130. 

  130.     public function resettingFactoryInstanceSucceeds()
    131. 

  131.     {
    132. 

  132.         $defaultClassNameToUse = \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::getDefaultSaltingHashingMethod();
    133. 

  133.         if ($defaultClassNameToUse == \TYPO3\CMS\Saltedpasswords\Salt\Md5Salt::class) {
    134. 

  134.             $saltedPW = '$P$CWF13LlG/0UcAQFUjnnS4LOqyRW43c.';
    135. 

  135.         } else {
    136. 

  136.             $saltedPW = '$1$rasmusle$rISCgZzpwk3UhDidwXvin0';
    137. 

  137.         }
    138. 

  138.         $this->objectInstance = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($saltedPW);
    139. 

  139.         // resetting
    140. 

  140.         $this->objectInstance = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(null);
    141. 

  141.         $this->assertTrue(get_class($this->objectInstance) == $defaultClassNameToUse || is_subclass_of($this->objectInstance, $defaultClassNameToUse));
    142. 

  142.     }
    143. 

  143. }
    144. 

  144.