2013-06-15 12:14:16 +02:00
|
|
|
<?php
|
|
|
|
|
/**
|
|
|
|
|
*
|
|
|
|
|
* @package testing
|
|
|
|
|
* @copyright (c) 2013 phpBB Group
|
|
|
|
|
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
require_once dirname(__FILE__) . '/../mock/container_builder.php';
|
|
|
|
|
require_once dirname(__FILE__) . '/../../phpBB/includes/crypto/driver/bcrypt.php';
|
|
|
|
|
require_once dirname(__FILE__) . '/../../phpBB/includes/crypto/driver/bcrypt_2y.php';
|
|
|
|
|
require_once dirname(__FILE__) . '/../../phpBB/includes/crypto/driver/salted_md5.php';
|
2013-06-15 17:56:29 +02:00
|
|
|
require_once dirname(__FILE__) . '/../../phpBB/includes/crypto/driver/phpass.php';
|
2013-06-15 13:40:14 +02:00
|
|
|
require_once dirname(__FILE__) . '/../../phpBB/includes/crypto/driver/helper.php';
|
2013-06-15 12:14:16 +02:00
|
|
|
|
|
|
|
|
class phpbb_crypto_manager_test extends PHPUnit_Framework_TestCase
|
|
|
|
|
{
|
2013-06-16 23:55:33 +02:00
|
|
|
protected $crypto_drivers;
|
|
|
|
|
|
2013-06-15 12:14:16 +02:00
|
|
|
public function setUp()
|
|
|
|
|
{
|
|
|
|
|
global $phpbb_root_path, $phpEx;
|
|
|
|
|
|
|
|
|
|
// Mock phpbb_container
|
|
|
|
|
$this->phpbb_container = new phpbb_mock_container_builder;
|
|
|
|
|
|
|
|
|
|
// Prepare dependencies for manager and driver
|
|
|
|
|
$config = new phpbb_config(array());
|
|
|
|
|
|
2013-06-16 23:55:33 +02:00
|
|
|
$this->crypto_drivers = array(
|
2013-06-15 12:14:16 +02:00
|
|
|
'crypto.driver.bcrypt' => new phpbb_crypto_driver_bcrypt($config),
|
|
|
|
|
'crypto.driver.bcrypt_2y' => new phpbb_crypto_driver_bcrypt_2y($config),
|
|
|
|
|
'crypto.driver.salted_md5' => new phpbb_crypto_driver_salted_md5($config),
|
2013-06-15 17:56:29 +02:00
|
|
|
'crypto.driver.phpass' => new phpbb_crypto_driver_phpass($config),
|
2013-06-15 12:14:16 +02:00
|
|
|
);
|
|
|
|
|
|
2013-06-16 23:55:33 +02:00
|
|
|
foreach ($this->crypto_drivers as $key => $driver)
|
2013-06-15 12:14:16 +02:00
|
|
|
{
|
|
|
|
|
$this->phpbb_container->set($key, $driver);
|
|
|
|
|
}
|
|
|
|
|
/*
|
|
|
|
|
$config['allow_avatar_' . get_class($this->avatar_foobar)] = true;
|
|
|
|
|
$config['allow_avatar_' . get_class($this->avatar_barfoo)] = false;
|
|
|
|
|
*/
|
|
|
|
|
// Set up avatar manager
|
2013-06-16 23:55:33 +02:00
|
|
|
$this->manager = new phpbb_crypto_manager($config, $this->phpbb_container, $this->crypto_drivers);
|
2013-06-15 12:14:16 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function hash_password_data()
|
|
|
|
|
{
|
2013-06-15 16:35:27 +02:00
|
|
|
if (version_compare(PHP_VERSION, '5.3.7', '<'))
|
|
|
|
|
{
|
|
|
|
|
return array(
|
|
|
|
|
array('', '2a', 60),
|
|
|
|
|
array('crypto.driver.bcrypt_2y', '2a', 60),
|
|
|
|
|
array('crypto.driver.bcrypt', '2a', 60),
|
|
|
|
|
array('crypto.driver.salted_md5', 'H', 34),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
return array(
|
|
|
|
|
array('', '2y', 60),
|
|
|
|
|
array('crypto.driver.bcrypt_2y', '2y', 60),
|
|
|
|
|
array('crypto.driver.bcrypt', '2a', 60),
|
|
|
|
|
array('crypto.driver.salted_md5', 'H', 34),
|
|
|
|
|
);
|
|
|
|
|
}
|
2013-06-15 12:14:16 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @dataProvider hash_password_data
|
|
|
|
|
*/
|
|
|
|
|
public function test_hash_password($type, $prefix, $length)
|
|
|
|
|
{
|
|
|
|
|
$hash = $this->manager->hash_password('foobar', $type);
|
|
|
|
|
preg_match('#^\$([a-zA-Z0-9\\\]*?)\$#', $hash, $match);
|
|
|
|
|
$this->assertEquals($prefix, $match[1]);
|
|
|
|
|
$this->assertEquals($length, strlen($hash));
|
|
|
|
|
}
|
2013-06-15 17:56:29 +02:00
|
|
|
|
|
|
|
|
public function check_password_data()
|
|
|
|
|
{
|
|
|
|
|
if (version_compare(PHP_VERSION, '5.3.7', '<'))
|
|
|
|
|
{
|
|
|
|
|
return array(
|
|
|
|
|
array('foobar', 'crypto.driver.bcrypt'),
|
|
|
|
|
array('foobar', 'crypto.driver.salted_md5'),
|
|
|
|
|
array('barfoo', 'crypto.driver.phpass'),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
return array(
|
|
|
|
|
array('foobar', 'crypto.driver.bcrypt_2y'),
|
|
|
|
|
array('barfoo', 'crypto.driver.bcrypt'),
|
|
|
|
|
array('foobar', 'crypto.driver.salted_md5'),
|
|
|
|
|
array('barfoo', 'crypto.driver.phpass'),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @dataProvider check_password_data
|
|
|
|
|
*/
|
|
|
|
|
public function test_check_password($password, $hash_type)
|
|
|
|
|
{
|
|
|
|
|
$hash = $this->manager->hash_password($password, $hash_type);
|
|
|
|
|
$test_word = $password;
|
|
|
|
|
$time = microtime(true);
|
|
|
|
|
|
2013-06-27 14:29:23 +02:00
|
|
|
// Limit each test to 1 second
|
|
|
|
|
while ((microtime(true) - $time) < 1)
|
2013-06-15 17:56:29 +02:00
|
|
|
{
|
|
|
|
|
$this->assertEquals($test_word === $password, $this->manager->check_hash($test_word, $hash));
|
|
|
|
|
$test_word = str_shuffle($test_word);
|
|
|
|
|
}
|
|
|
|
|
}
|
2013-06-16 23:55:33 +02:00
|
|
|
|
|
|
|
|
public function test_hash_password_length()
|
|
|
|
|
{
|
|
|
|
|
foreach ($this->crypto_drivers as $driver)
|
|
|
|
|
{
|
|
|
|
|
$this->assertEquals(false, $driver->hash('foobar', 'foobar'));
|
|
|
|
|
}
|
|
|
|
|
}
|
2013-06-27 14:29:23 +02:00
|
|
|
|
|
|
|
|
public function test_combined_hash_data()
|
|
|
|
|
{
|
|
|
|
|
return array(
|
|
|
|
|
array(
|
|
|
|
|
'crypto.driver.salted_md5',
|
2013-06-27 16:14:08 +02:00
|
|
|
array('crypto.driver.bcrypt_2y'),
|
2013-06-27 14:29:23 +02:00
|
|
|
),
|
|
|
|
|
array(
|
|
|
|
|
'crypto.driver.salted_md5',
|
|
|
|
|
array('crypto.driver.bcrypt'),
|
|
|
|
|
),
|
|
|
|
|
array(
|
|
|
|
|
'crypto.driver.phpass',
|
|
|
|
|
array('crypto.driver.salted_md5'),
|
|
|
|
|
),
|
2013-06-27 16:14:08 +02:00
|
|
|
array(
|
|
|
|
|
'crypto.driver.salted_md5',
|
|
|
|
|
array('crypto.driver.bcrypt_2y', 'crypto.driver.bcrypt'),
|
|
|
|
|
),
|
2013-06-27 14:29:23 +02:00
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @dataProvider test_combined_hash_data
|
|
|
|
|
*/
|
|
|
|
|
public function test_combined_hash_password($first_type, $second_type)
|
|
|
|
|
{
|
|
|
|
|
$password = 'foobar';
|
|
|
|
|
$test_word = $password;
|
|
|
|
|
$hash = $this->manager->hash_password($password, $first_type);
|
|
|
|
|
$combined_hash = $this->manager->hash_password($hash, $second_type);
|
|
|
|
|
|
|
|
|
|
$time = microtime(true);
|
|
|
|
|
// Limit each test to 1 second
|
|
|
|
|
while ((microtime(true) - $time) < 1)
|
|
|
|
|
{
|
|
|
|
|
$this->assertEquals(($test_word === $password), $this->manager->check_hash($test_word, $combined_hash));
|
|
|
|
|
$test_word = str_shuffle($test_word);
|
|
|
|
|
}
|
|
|
|
|
}
|
2013-06-15 12:14:16 +02:00
|
|
|
}
|
