1f1b824b5SAndreas Gohr<?php 2f1b824b5SAndreas Gohr 3f1b824b5SAndreas Gohr/** 4f1b824b5SAndreas Gohr * Class PassHash_test 5f1b824b5SAndreas Gohr * 6f1b824b5SAndreas Gohr * most tests are in auth_password.test.php 7f1b824b5SAndreas Gohr */ 836340418SAndreas Gohrclass PassHash_test extends DokuWikiTest { 9f1b824b5SAndreas Gohr 10f1b824b5SAndreas Gohr function test_hmac(){ 11f1b824b5SAndreas Gohr // known hashes taken from https://code.google.com/p/yii/issues/detail?id=1942 12f1b824b5SAndreas Gohr $this->assertEquals('df08aef118f36b32e29d2f47cda649b6', PassHash::hmac('md5','data','secret')); 13f1b824b5SAndreas Gohr $this->assertEquals('9818e3306ba5ac267b5f2679fe4abd37e6cd7b54', PassHash::hmac('sha1','data','secret')); 14f1b824b5SAndreas Gohr 15f1b824b5SAndreas Gohr // known hashes from https://en.wikipedia.org/wiki/Hash-based_message_authentication_code 16f1b824b5SAndreas Gohr $this->assertEquals('74e6f7298a9c2d168935f58c001bad88', PassHash::hmac('md5','','')); 17f1b824b5SAndreas Gohr $this->assertEquals('fbdb1d1b18aa6c08324b7d64b71fb76370690e1d', PassHash::hmac('sha1','','')); 18f1b824b5SAndreas Gohr $this->assertEquals('80070713463e7749b90c2dc24911e275', PassHash::hmac('md5','The quick brown fox jumps over the lazy dog','key')); 19f1b824b5SAndreas Gohr $this->assertEquals('de7c9b85b8b78aa6bc8a7a36f70a90701c9db4d9', PassHash::hmac('sha1','The quick brown fox jumps over the lazy dog','key')); 20*924cc11cSAndreas Gohr } 21f1b824b5SAndreas Gohr 22*924cc11cSAndreas Gohr function test_djangopbkdf2() { 23*924cc11cSAndreas Gohr if(!function_exists('hash_pbkdf2') || !in_array('sha256', hash_algos())){ 24*924cc11cSAndreas Gohr $this->markTestSkipped('missing hash functions for djangopbkdf2 password tests'); 25*924cc11cSAndreas Gohr return; 26*924cc11cSAndreas Gohr } 27*924cc11cSAndreas Gohr 28*924cc11cSAndreas Gohr $ph = new PassHash(); 29*924cc11cSAndreas Gohr $knownpasses = array ( 30*924cc11cSAndreas Gohr 'pbkdf2_sha256$24000$LakQQ2OOTO1v$dmUgz8V7zcpaoBSA3MV76J5a4rzrszF0NpxGx6HRBbE=', 31*924cc11cSAndreas Gohr 'pbkdf2_sha256$24000$PXogIZpE4gaK$F/P/L5SRrbb6taOGEr4w6DhxjMzNAj1jEWTPyAUn8WU=', 32*924cc11cSAndreas Gohr 'pbkdf2_sha256$24000$vtn5APnhirmB$/jzJXYvm78X8/FCOMhGUmcCy0iWhtk0L1hcBWN1AYZc=', 33*924cc11cSAndreas Gohr 'pbkdf2_sha256$24000$meyCtGKrS5Ai$vkMfMzB/yGFKplmXujgtfl3OGR27AwOQmP+YeRP6lbw=', 34*924cc11cSAndreas Gohr 'pbkdf2_sha256$24000$M8ecC8zfqLmJ$l6cIa/Od+m56VMm9hJbdPNhTXZykPVbUGGTPx7/VRE4=', 35*924cc11cSAndreas Gohr ); 36*924cc11cSAndreas Gohr foreach($knownpasses as $known) { 37*924cc11cSAndreas Gohr $this->assertTrue($ph->verify_hash('P4zzW0rd!', $known)); 38*924cc11cSAndreas Gohr } 39f1b824b5SAndreas Gohr } 40f1b824b5SAndreas Gohr} 41