diff options
Diffstat (limited to 'tests/lib/Security/HasherTest.php')
| -rw-r--r-- | tests/lib/Security/HasherTest.php | 77 |
1 files changed, 45 insertions, 32 deletions
diff --git a/tests/lib/Security/HasherTest.php b/tests/lib/Security/HasherTest.php index 3848b216f2b..33130f86a73 100644 --- a/tests/lib/Security/HasherTest.php +++ b/tests/lib/Security/HasherTest.php @@ -3,10 +3,9 @@ declare(strict_types=1); /** - * Copyright (c) 2014 Lukas Reschke <lukas@owncloud.com> - * This file is licensed under the Affero General Public License version 3 or - * later. - * See the COPYING-README file. + * SPDX-FileCopyrightText: 2017-2024 Nextcloud GmbH and Nextcloud contributors + * SPDX-FileCopyrightText: 2016 ownCloud, Inc. + * SPDX-License-Identifier: AGPL-3.0-or-later */ namespace Test\Security; @@ -18,10 +17,7 @@ use OCP\IConfig; * Class HasherTest */ class HasherTest extends \Test\TestCase { - /** - * @return array - */ - public function versionHashProvider() { + public static function versionHashProvider(): array { return [ ['asf32äà$$a.|3', null], ['asf32äà$$a.|3|5', null], @@ -31,7 +27,7 @@ class HasherTest extends \Test\TestCase { ]; } - public function hashProviders70_71(): array { + public static function hashProviders70_71(): array { return [ // Valid SHA1 strings ['password', '5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8', true], @@ -67,7 +63,7 @@ class HasherTest extends \Test\TestCase { ]; } - public function hashProviders72(): array { + public static function hashProviders72(): array { return [ // Valid ARGON2 hashes ['password', '2|$argon2i$v=19$m=1024,t=2,p=2$T3JGcEkxVFNOVktNSjZUcg$4/hyLtSejxNgAuzSFFV/HLM3qRQKBwEtKw61qPN4zWA', true], @@ -84,7 +80,7 @@ class HasherTest extends \Test\TestCase { ]; } - public function hashProviders73(): array { + public static function hashProviders73(): array { return [ // Valid ARGON2ID hashes ['password', '2|$argon2id$v=19$m=65536,t=4,p=1$TEtIMnhUczliQzI0Y01WeA$BpMUDrApy25iagIogUAnlc0rNTPJmGs8lOEeVHujJ9Q', true], @@ -123,24 +119,20 @@ class HasherTest extends \Test\TestCase { $this->hasher = new Hasher($this->config); } - public function testHash() { + public function testHash(): void { $hash = $this->hasher->hash('String To Hash'); $this->assertNotNull($hash); } - /** - * @dataProvider versionHashProvider - */ - public function testSplitHash($hash, $expected) { + #[\PHPUnit\Framework\Attributes\DataProvider('versionHashProvider')] + public function testSplitHash($hash, $expected): void { $relativePath = self::invokePrivate($this->hasher, 'splitHash', [$hash]); $this->assertSame($expected, $relativePath); } - /** - * @dataProvider hashProviders70_71 - */ - public function testVerify($password, $hash, $expected) { + #[\PHPUnit\Framework\Attributes\DataProvider('hashProviders70_71')] + public function testVerify($password, $hash, $expected): void { $this->config ->expects($this->any()) ->method('getSystemValue') @@ -155,10 +147,8 @@ class HasherTest extends \Test\TestCase { $this->assertSame($expected, $result); } - /** - * @dataProvider hashProviders72 - */ - public function testVerifyArgon2i($password, $hash, $expected) { + #[\PHPUnit\Framework\Attributes\DataProvider('hashProviders72')] + public function testVerifyArgon2i($password, $hash, $expected): void { if (!\defined('PASSWORD_ARGON2I')) { $this->markTestSkipped('Need ARGON2 support to test ARGON2 hashes'); } @@ -167,10 +157,8 @@ class HasherTest extends \Test\TestCase { $this->assertSame($expected, $result); } - /** - * @dataProvider hashProviders73 - */ - public function testVerifyArgon2id(string $password, string $hash, bool $expected) { + #[\PHPUnit\Framework\Attributes\DataProvider('hashProviders73')] + public function testVerifyArgon2id(string $password, string $hash, bool $expected): void { if (!\defined('PASSWORD_ARGON2ID')) { $this->markTestSkipped('Need ARGON2ID support to test ARGON2ID hashes'); } @@ -179,7 +167,7 @@ class HasherTest extends \Test\TestCase { $this->assertSame($expected, $result); } - public function testUpgradeHashBlowFishToArgon2() { + public function testUpgradeHashBlowFishToArgon2(): void { if (!\defined('PASSWORD_ARGON2I')) { $this->markTestSkipped('Need ARGON2 support to test ARGON2 hashes'); } @@ -204,7 +192,7 @@ class HasherTest extends \Test\TestCase { $this->assertFalse(password_needs_rehash($relativePath['hash'], $newAlg, [])); } - public function testUsePasswordDefaultArgon2iVerify() { + public function testUsePasswordDefaultArgon2iVerify(): void { if (!\defined('PASSWORD_ARGON2I')) { $this->markTestSkipped('Need ARGON2 support to test ARGON2 hashes'); } @@ -228,7 +216,7 @@ class HasherTest extends \Test\TestCase { $this->assertTrue(password_verify($message, $relativePath['hash'])); } - public function testDoNotUsePasswordDefaultArgon2idVerify() { + public function testDoNotUsePasswordDefaultArgon2idVerify(): void { if (!\defined('PASSWORD_ARGON2ID')) { $this->markTestSkipped('Need ARGON2ID support to test ARGON2ID hashes'); } @@ -246,7 +234,7 @@ class HasherTest extends \Test\TestCase { $this->assertNull($newHash); } - public function testHashUsePasswordDefault() { + public function testHashUsePasswordDefault(): void { if (!\defined('PASSWORD_ARGON2I')) { $this->markTestSkipped('Need ARGON2 support to test ARGON2 hashes'); } @@ -265,4 +253,29 @@ class HasherTest extends \Test\TestCase { $info = password_get_info($relativePath['hash']); $this->assertEquals(PASSWORD_BCRYPT, $info['algo']); } + + public function testValidHash(): void { + $hash = '3|$argon2id$v=19$m=65536,t=4,p=1$czFCSjk3LklVdXppZ2VCWA$li0NgdXe2/jwSRxgteGQPWlzJU0E0xdtfHbCbrpych0'; + + $isValid = $this->hasher->validate($hash); + + $this->assertTrue($isValid); + } + + public function testValidGeneratedHash(): void { + $message = 'secret'; + $hash = $this->hasher->hash($message); + + $isValid = $this->hasher->validate($hash); + + $this->assertTrue($isValid); + } + + public function testInvalidHash(): void { + $invalidHash = 'someInvalidHash'; + + $isValid = $this->hasher->validate($invalidHash); + + $this->assertFalse($isValid); + } } |