xref: /dokuwiki/_test/tests/inc/auth_password.test.php (revision 363404184fcd4ec7b0149662d99a22f2cc78020b) 
1f2ae886aSAndreas Gohr<?php
2f2ae886aSAndreas Gohr
3*36340418SAndreas Gohrclass auth_password_test extends DokuWikiTest {
4f2ae886aSAndreas Gohr
5f2ae886aSAndreas Gohr    // hashes for the password foo$method, using abcdefgh as salt
6f2ae886aSAndreas Gohr    var $passes = array(
7f2ae886aSAndreas Gohr        'smd5'  => '$1$abcdefgh$SYbjm2AEvSoHG7Xapi8so.',
8f2ae886aSAndreas Gohr        'apr1'  => '$apr1$abcdefgh$C/GzYTF4kOVByYLEoD5X4.',
9f2ae886aSAndreas Gohr        'md5'   => '8fa22d62408e5351553acdd91c6b7003',
10f2ae886aSAndreas Gohr        'sha1'  => 'b456d3b0efd105d613744ffd549514ecafcfc7e1',
11f2ae886aSAndreas Gohr        'ssha'  => '{SSHA}QMHG+uC7bHNYKkmoLbNsNI38/dJhYmNk',
12f2ae886aSAndreas Gohr        'lsmd5' => '{SMD5}HGbkPrkWgy9KgcRGWlrsUWFiY2RlZmdo',
13f2ae886aSAndreas Gohr        'crypt' => 'ablvoGr1hvZ5k',
14f2ae886aSAndreas Gohr        'mysql' => '4a1fa3780bd6fd55',
15f2ae886aSAndreas Gohr        'my411' => '*e5929347e25f82e19e4ebe92f1dc6b6e7c2dbd29',
16f2ae886aSAndreas Gohr        'kmd5'  => 'a579299436d7969791189acadd86fcb716',
17f2ae886aSAndreas Gohr        'djangomd5'  => 'md5$abcde$d0fdddeda8cd92725d2b54148ac09158',
18f2ae886aSAndreas Gohr        'djangosha1' => 'sha1$abcde$c8e65a7f0acc9158843048a53dcc5a6bc4d17678',
19dfbe4adfSAndreas Gohr        'sha512' => '$6$abcdefgh12345678$J9.zOcgx0lotwZdcz0uulA3IVQMinZvFZVjA5vapRLVAAqtay23XD4xeeUxQ3B4JvDWYFBIxVWW1tOYlHX13k1'
20f2ae886aSAndreas Gohr    );
21f2ae886aSAndreas Gohr
22f2ae886aSAndreas Gohr
23f2ae886aSAndreas Gohr    function test_cryptPassword(){
24f2ae886aSAndreas Gohr        foreach($this->passes as $method => $hash){
25f2ae886aSAndreas Gohr            $info = "testing method $method";
26f2ae886aSAndreas Gohr            $this->assertEquals(auth_cryptPassword('foo'.$method, $method,'abcdefgh12345678912345678912345678'),
27f2ae886aSAndreas Gohr                $hash, $info);
28f2ae886aSAndreas Gohr        }
29f2ae886aSAndreas Gohr    }
30f2ae886aSAndreas Gohr
31f2ae886aSAndreas Gohr    function test_verifyPassword(){
32f2ae886aSAndreas Gohr        foreach($this->passes as $method => $hash){
33f2ae886aSAndreas Gohr            $info = "testing method $method";
34f2ae886aSAndreas Gohr            $this->assertTrue(auth_verifyPassword('foo'.$method, $hash), $info);
351831d8a0SAndreas Gohr            $this->assertFalse(auth_verifyPassword('bar'.$method, $hash), $info);
36f2ae886aSAndreas Gohr        }
37f2ae886aSAndreas Gohr    }
38f2ae886aSAndreas Gohr
39f2ae886aSAndreas Gohr    function test_verifySelf(){
40f2ae886aSAndreas Gohr        foreach($this->passes as $method => $hash){
41f2ae886aSAndreas Gohr            $info = "testing method $method";
42f2ae886aSAndreas Gohr            $hash = auth_cryptPassword('foo'.$method,$method);
43f2ae886aSAndreas Gohr            $this->assertTrue(auth_verifyPassword('foo'.$method, $hash), $info);
44f2ae886aSAndreas Gohr        }
45f2ae886aSAndreas Gohr    }
46f2ae886aSAndreas Gohr
47f2ae886aSAndreas Gohr    function test_bcrypt_self(){
48f2ae886aSAndreas Gohr        $hash = auth_cryptPassword('foobcrypt','bcrypt');
49f2ae886aSAndreas Gohr        $this->assertTrue(auth_verifyPassword('foobcrypt',$hash));
50f2ae886aSAndreas Gohr    }
51f2ae886aSAndreas Gohr
52f2ae886aSAndreas Gohr    function test_verifyPassword_fixedbcrypt(){
53f2ae886aSAndreas Gohr        $this->assertTrue(auth_verifyPassword('foobcrypt','$2a$12$uTWercxbq4sjp2xAzv3we.ZOxk51m5V/Bv5bp2H27oVFJl5neFQoC'));
54f2ae886aSAndreas Gohr    }
55f2ae886aSAndreas Gohr
56f2ae886aSAndreas Gohr    function test_verifyPassword_nohash(){
57f2ae886aSAndreas Gohr        $this->assertTrue(auth_verifyPassword('foo','$1$$n1rTiFE0nRifwV/43bVon/'));
58f2ae886aSAndreas Gohr    }
59f2ae886aSAndreas Gohr
60f2ae886aSAndreas Gohr    function test_verifyPassword_fixedpmd5(){
61f2ae886aSAndreas Gohr        $this->assertTrue(auth_verifyPassword('test12345','$P$9IQRaTwmfeRo7ud9Fh4E2PdI0S3r.L0'));
62f2ae886aSAndreas Gohr        $this->assertTrue(auth_verifyPassword('test12345','$H$9IQRaTwmfeRo7ud9Fh4E2PdI0S3r.L0'));
63f2ae886aSAndreas Gohr    }
64f2ae886aSAndreas Gohr
65529b0416SAndreas Gohr    function test_veryPassword_mediawiki(){
66529b0416SAndreas Gohr        $this->assertTrue(auth_verifyPassword('password', ':B:838c83e1:e4ab7024509eef084cdabd03d8b2972c'));
67529b0416SAndreas Gohr    }
68529b0416SAndreas Gohr
69529b0416SAndreas Gohr
701831d8a0SAndreas Gohr    /**
711831d8a0SAndreas Gohr     * pmd5 checking should throw an exception when a hash with a too high
721831d8a0SAndreas Gohr     * iteration count is passed
731831d8a0SAndreas Gohr     */
741831d8a0SAndreas Gohr    function test_verifyPassword_pmd5Exception(){
751831d8a0SAndreas Gohr        $except = false;
761831d8a0SAndreas Gohr        try{
771831d8a0SAndreas Gohr            auth_verifyPassword('foopmd5', '$H$abcdefgh1ZbJodHxmeXVAhEzTG7IAp.');
781831d8a0SAndreas Gohr        }catch (Exception $e){
791831d8a0SAndreas Gohr            $except = true;
801831d8a0SAndreas Gohr        }
811831d8a0SAndreas Gohr        $this->assertTrue($except);
821831d8a0SAndreas Gohr    }
831831d8a0SAndreas Gohr
84f2ae886aSAndreas Gohr}
85f2ae886aSAndreas Gohr
86f2ae886aSAndreas Gohr//Setup VIM: ex: et ts=4 :
87