1<?php 2 3class auth_password_test extends DokuWikiTest { 4 5 // hashes for the password foo$method, using abcdefgh12345678912345678912345678 as salt 6 var $passes = array( 7 'smd5' => '$1$abcdefgh$SYbjm2AEvSoHG7Xapi8so.', 8 'apr1' => '$apr1$abcdefgh$C/GzYTF4kOVByYLEoD5X4.', 9 'md5' => '8fa22d62408e5351553acdd91c6b7003', 10 'sha1' => 'b456d3b0efd105d613744ffd549514ecafcfc7e1', 11 'ssha' => '{SSHA}QMHG+uC7bHNYKkmoLbNsNI38/dJhYmNk', 12 'lsmd5' => '{SMD5}HGbkPrkWgy9KgcRGWlrsUWFiY2RlZmdo', 13 'crypt' => 'ablvoGr1hvZ5k', 14 'mysql' => '4a1fa3780bd6fd55', 15 'my411' => '*E5929347E25F82E19E4EBE92F1DC6B6E7C2DBD29', 16 'kmd5' => 'a579299436d7969791189acadd86fcb716', 17 'djangomd5' => 'md5$abcde$d0fdddeda8cd92725d2b54148ac09158', 18 'djangosha1' => 'sha1$abcde$c8e65a7f0acc9158843048a53dcc5a6bc4d17678', 19 20 ); 21 22 function __construct() { 23 if(defined('CRYPT_SHA512') && CRYPT_SHA512 == 1) { 24 // Check SHA512 only if available in this PHP 25 $this->passes['sha512'] = '$6$abcdefgh12345678$J9.zOcgx0lotwZdcz0uulA3IVQMinZvFZVjA5vapRLVAAqtay23XD4xeeUxQ3B4JvDWYFBIxVWW1tOYlHX13k1'; 26 } 27 if(function_exists('hash_pbkdf2')) { 28 if(in_array('sha256', hash_algos())) { 29 $this->passes['djangopbkdf2_sha256'] = 'pbkdf2_sha256$24000$abcdefgh1234$R23OyZJ0nGHLG6MvPNfEkV5AOz3jUY5zthByPXs2gn0='; 30 } 31 if(in_array('sha1', hash_algos())) { 32 $this->passes['djangopbkdf2_sha1'] = 'pbkdf2_sha1$24000$abcdefgh1234$pOliX4vV1hgOv7lFNURIHHx41HI='; 33 } 34 } 35 } 36 37 38 function test_cryptPassword(){ 39 foreach($this->passes as $method => $hash){ 40 $info = "testing method $method"; 41 $this->assertEquals( 42 $hash, 43 auth_cryptPassword('foo'.$method, $method,'abcdefgh12345678912345678912345678'), 44 $info); 45 } 46 } 47 48 function test_verifyPassword(){ 49 foreach($this->passes as $method => $hash){ 50 $info = "testing method $method"; 51 $this->assertTrue(auth_verifyPassword('foo'.$method, $hash), $info); 52 $this->assertFalse(auth_verifyPassword('bar'.$method, $hash), $info); 53 } 54 } 55 56 function test_verifySelf(){ 57 foreach($this->passes as $method => $hash){ 58 $info = "testing method $method"; 59 $hash = auth_cryptPassword('foo'.$method,$method); 60 $this->assertTrue(auth_verifyPassword('foo'.$method, $hash), $info); 61 } 62 } 63 64 function test_bcrypt_self(){ 65 $hash = auth_cryptPassword('foobcrypt','bcrypt'); 66 $this->assertTrue(auth_verifyPassword('foobcrypt',$hash)); 67 } 68 69 function test_verifyPassword_fixedbcrypt(){ 70 $this->assertTrue(auth_verifyPassword('foobcrypt','$2a$12$uTWercxbq4sjp2xAzv3we.ZOxk51m5V/Bv5bp2H27oVFJl5neFQoC')); 71 } 72 73 function test_verifyPassword_nohash(){ 74 $this->assertTrue(auth_verifyPassword('foo','$1$$n1rTiFE0nRifwV/43bVon/')); 75 } 76 77 function test_verifyPassword_fixedpmd5(){ 78 $this->assertTrue(auth_verifyPassword('test12345','$P$9IQRaTwmfeRo7ud9Fh4E2PdI0S3r.L0')); 79 $this->assertTrue(auth_verifyPassword('test12345','$H$9IQRaTwmfeRo7ud9Fh4E2PdI0S3r.L0')); 80 } 81 82 function test_veryPassword_mediawiki(){ 83 $this->assertTrue(auth_verifyPassword('password', ':B:838c83e1:e4ab7024509eef084cdabd03d8b2972c')); 84 } 85 86 87 /** 88 * pmd5 checking should throw an exception when a hash with a too high 89 * iteration count is passed 90 */ 91 function test_verifyPassword_pmd5Exception(){ 92 $except = false; 93 try{ 94 auth_verifyPassword('foopmd5', '$H$abcdefgh1ZbJodHxmeXVAhEzTG7IAp.'); 95 }catch (Exception $e){ 96 $except = true; 97 } 98 $this->assertTrue($except); 99 } 100 101} 102 103//Setup VIM: ex: et ts=4 : 104