xref: /dokuwiki/_test/tests/inc/auth_password.test.php (revision f461b96d476f9ab838d4503a50f28a9b82b23a4f) 
1<?php
2
3class auth_password_test extends DokuWikiTest {
4
5    // hashes for the password foo$method, using abcdefgh as salt
6    var $passes = array(
7        'smd5'  => '$1$abcdefgh$SYbjm2AEvSoHG7Xapi8so.',
8        'apr1'  => '$apr1$abcdefgh$C/GzYTF4kOVByYLEoD5X4.',
9        'md5'   => '8fa22d62408e5351553acdd91c6b7003',
10        'sha1'  => 'b456d3b0efd105d613744ffd549514ecafcfc7e1',
11        'ssha'  => '{SSHA}QMHG+uC7bHNYKkmoLbNsNI38/dJhYmNk',
12        'lsmd5' => '{SMD5}HGbkPrkWgy9KgcRGWlrsUWFiY2RlZmdo',
13        'crypt' => 'ablvoGr1hvZ5k',
14        'mysql' => '4a1fa3780bd6fd55',
15        'my411' => '*e5929347e25f82e19e4ebe92f1dc6b6e7c2dbd29',
16        'kmd5'  => 'a579299436d7969791189acadd86fcb716',
17        'djangomd5'  => 'md5$abcde$d0fdddeda8cd92725d2b54148ac09158',
18        'djangosha1' => 'sha1$abcde$c8e65a7f0acc9158843048a53dcc5a6bc4d17678',
19
20    );
21
22    function __construct() {
23        if(defined('CRYPT_SHA512') && CRYPT_SHA512 == 1) {
24            // Check SHA512 only if available in this PHP
25            $this->passes['sha512'] = '$6$abcdefgh12345678$J9.zOcgx0lotwZdcz0uulA3IVQMinZvFZVjA5vapRLVAAqtay23XD4xeeUxQ3B4JvDWYFBIxVWW1tOYlHX13k1';
26        }
27    }
28
29
30    function test_cryptPassword(){
31        foreach($this->passes as $method => $hash){
32            $info = "testing method $method";
33            $this->assertEquals(auth_cryptPassword('foo'.$method, $method,'abcdefgh12345678912345678912345678'),
34                $hash, $info);
35        }
36    }
37
38    function test_verifyPassword(){
39        foreach($this->passes as $method => $hash){
40            $info = "testing method $method";
41            $this->assertTrue(auth_verifyPassword('foo'.$method, $hash), $info);
42            $this->assertFalse(auth_verifyPassword('bar'.$method, $hash), $info);
43        }
44    }
45
46    function test_verifySelf(){
47        foreach($this->passes as $method => $hash){
48            $info = "testing method $method";
49            $hash = auth_cryptPassword('foo'.$method,$method);
50            $this->assertTrue(auth_verifyPassword('foo'.$method, $hash), $info);
51        }
52    }
53
54    function test_bcrypt_self(){
55        $hash = auth_cryptPassword('foobcrypt','bcrypt');
56        $this->assertTrue(auth_verifyPassword('foobcrypt',$hash));
57    }
58
59    function test_verifyPassword_fixedbcrypt(){
60        $this->assertTrue(auth_verifyPassword('foobcrypt','$2a$12$uTWercxbq4sjp2xAzv3we.ZOxk51m5V/Bv5bp2H27oVFJl5neFQoC'));
61    }
62
63    function test_verifyPassword_nohash(){
64        $this->assertTrue(auth_verifyPassword('foo','$1$$n1rTiFE0nRifwV/43bVon/'));
65    }
66
67    function test_verifyPassword_fixedpmd5(){
68        $this->assertTrue(auth_verifyPassword('test12345','$P$9IQRaTwmfeRo7ud9Fh4E2PdI0S3r.L0'));
69        $this->assertTrue(auth_verifyPassword('test12345','$H$9IQRaTwmfeRo7ud9Fh4E2PdI0S3r.L0'));
70    }
71
72    function test_veryPassword_mediawiki(){
73        $this->assertTrue(auth_verifyPassword('password', ':B:838c83e1:e4ab7024509eef084cdabd03d8b2972c'));
74    }
75
76
77    /**
78     * pmd5 checking should throw an exception when a hash with a too high
79     * iteration count is passed
80     */
81    function test_verifyPassword_pmd5Exception(){
82        $except = false;
83        try{
84            auth_verifyPassword('foopmd5', '$H$abcdefgh1ZbJodHxmeXVAhEzTG7IAp.');
85        }catch (Exception $e){
86            $except = true;
87        }
88        $this->assertTrue($except);
89    }
90
91}
92
93//Setup VIM: ex: et ts=4 :
94