diff options
author | Roeland Jago Douma <roeland@famdouma.nl> | 2020-01-29 21:39:58 +0100 |
---|---|---|
committer | Roeland Jago Douma <roeland@famdouma.nl> | 2020-02-03 21:41:17 +0100 |
commit | 0d651f106c3bd317835c15cc82f3689d71432d48 (patch) | |
tree | 24e19f1378cd7f5aa9f26e882b5d1fac2478ff8c /tests/lib | |
parent | 4503cff51a5a075291ac63d1ae5472ae49b97679 (diff) | |
download | nextcloud-server-0d651f106c3bd317835c15cc82f3689d71432d48.tar.gz nextcloud-server-0d651f106c3bd317835c15cc82f3689d71432d48.zip |
Allow selecting the hashing algorithm
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'tests/lib')
-rw-r--r-- | tests/lib/Security/HasherTest.php | 65 |
1 files changed, 63 insertions, 2 deletions
diff --git a/tests/lib/Security/HasherTest.php b/tests/lib/Security/HasherTest.php index 3222b5d0984..e680efb19b6 100644 --- a/tests/lib/Security/HasherTest.php +++ b/tests/lib/Security/HasherTest.php @@ -126,8 +126,12 @@ class HasherTest extends \Test\TestCase { $this->config ->expects($this->any()) ->method('getSystemValue') - ->with('passwordsalt', null) - ->will($this->returnValue('6Wow67q1wZQZpUUeI6G2LsWUu4XKx')); + ->willReturnCallback(function ($key, $default) { + if($key === 'passwordsalt') { + return '6Wow67q1wZQZpUUeI6G2LsWUu4XKx'; + } + return $default; + }); $result = $this->hasher->verify($password, $hash); $this->assertSame($expected, $result); @@ -162,4 +166,61 @@ class HasherTest extends \Test\TestCase { $this->assertFalse(password_needs_rehash($relativePath['hash'], PASSWORD_ARGON2I, [])); } + + public function testUsePasswordDefaultArgon2iVerify() { + if (!\defined('PASSWORD_ARGON2I')) { + $this->markTestSkipped('Need ARGON2 support to test ARGON2 hashes'); + } + + $this->config->method('getSystemValue') + ->with('hashing_default_password') + ->willReturn(true); + + $message = 'mysecret'; + + $argon2i = 2 . '|' . password_hash($message, PASSWORD_ARGON2I, []); + + $newHash = null; + $this->assertTrue($this->hasher->verify($message, $argon2i, $newHash)); + $this->assertNotNull($newHash); + } + + public function testDoNotUserPasswordDefaultArgon2iVerify() { + if (!\defined('PASSWORD_ARGON2I')) { + $this->markTestSkipped('Need ARGON2 support to test ARGON2 hashes'); + } + + $this->config->method('getSystemValue') + ->with('hashing_default_password') + ->willReturn(false); + + $message = 'mysecret'; + + $argon2i = 2 . '|' . password_hash($message, PASSWORD_ARGON2I, []); + + $newHash = null; + $this->assertTrue($this->hasher->verify($message, $argon2i, $newHash)); + $this->assertNull($newHash); + } + + public function testHashUsePasswordDefault() { + if (!\defined('PASSWORD_ARGON2I')) { + $this->markTestSkipped('Need ARGON2 support to test ARGON2 hashes'); + } + + $this->config->method('getSystemValue') + ->with('hashing_default_password') + ->willReturn(true); + + $message = 'mysecret'; + + $hash = $this->hasher->hash($message); + $relativePath = self::invokePrivate($this->hasher, 'splitHash', [$hash]); + + $this->assertSame(1, $relativePath['version']); + + $info = password_get_info($relativePath['hash']); + $this->assertEquals(PASSWORD_BCRYPT, $info['algo']); + + } } |