search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
bugfix: trustedproxy is not a delimited pcre
[dokuwiki.git] / _test / tests / inc / auth_password.test.php
blobc7eaa700214fb5ccf37d6b06fa0ec38f6a63dc27
1 <?php
2
3 class auth_password_test extends DokuWikiTest {
4
5 /**
6 * precomputed hashes
7 *
8 * for the password foo$method, using abcdefgh12345678912345678912345678 as salt
9 *
10 * @return array
11 */
12 public function hashes() {
13
14 $passes = array(
15 array('smd5', '$1$abcdefgh$SYbjm2AEvSoHG7Xapi8so.'),
16 array('apr1', '$apr1$abcdefgh$C/GzYTF4kOVByYLEoD5X4.'),
17 array('md5', '8fa22d62408e5351553acdd91c6b7003'),
18 array('sha1', 'b456d3b0efd105d613744ffd549514ecafcfc7e1'),
19 array('ssha', '{SSHA}QMHG+uC7bHNYKkmoLbNsNI38/dJhYmNk'),
20 array('lsmd5', '{SMD5}HGbkPrkWgy9KgcRGWlrsUWFiY2RlZmdo'),
21 array('crypt', 'ablvoGr1hvZ5k'),
22 array('mysql', '4a1fa3780bd6fd55'),
23 array('my411', '*E5929347E25F82E19E4EBE92F1DC6B6E7C2DBD29'),
24 array('kmd5', 'a579299436d7969791189acadd86fcb716'),
25 array('djangomd5', 'md5$abcde$d0fdddeda8cd92725d2b54148ac09158'),
26 array('djangosha1', 'sha1$abcde$c8e65a7f0acc9158843048a53dcc5a6bc4d17678'),
27
28 );
29
30 if(defined('CRYPT_SHA512') && CRYPT_SHA512 == 1) {
31 // Check SHA512 only if available in this PHP
32 $passes[] = array('sha512', '$6$abcdefgh12345678$J9.zOcgx0lotwZdcz0uulA3IVQMinZvFZVjA5vapRLVAAqtay23XD4xeeUxQ3B4JvDWYFBIxVWW1tOYlHX13k1');
33 }
34 if(function_exists('hash_pbkdf2')) {
35 if(in_array('sha256', hash_algos())) {
36 $passes[] = array('djangopbkdf2_sha256', 'pbkdf2_sha256$24000$abcdefgh1234$R23OyZJ0nGHLG6MvPNfEkV5AOz3jUY5zthByPXs2gn0=');
37 }
38 if(in_array('sha1', hash_algos())) {
39 $passes[] = array('djangopbkdf2_sha1', 'pbkdf2_sha1$24000$abcdefgh1234$pOliX4vV1hgOv7lFNURIHHx41HI=');
40 }
41 }
42 return $passes;
43 }
44
45 /**
46 * @dataProvider hashes
47 * @param $method
48 * @param $hash
49 */
50 function test_cryptPassword($method, $hash) {
51 $this->assertEquals(
52 $hash,
53 auth_cryptPassword('foo' . $method, $method, 'abcdefgh12345678912345678912345678')
54 );
55 }
56
57 /**
58 * @dataProvider hashes
59 * @param $method
60 * @param $hash
61 */
62 function test_verifyPassword($method, $hash) {
63 $this->assertTrue(auth_verifyPassword('foo' . $method, $hash));
64 $this->assertFalse(auth_verifyPassword('bar' . $method, $hash));
65 }
66
67 /**
68 * @dataProvider hashes
69 * @param $method
70 * @param $hash
71 */
72 function test_verifySelf($method, $hash) {
73 $hash = auth_cryptPassword('foo' . $method, $method);
74 $this->assertTrue(auth_verifyPassword('foo' . $method, $hash));
75 }
76
77 function test_bcrypt_self() {
78 $hash = auth_cryptPassword('foobcrypt', 'bcrypt');
79 $this->assertTrue(auth_verifyPassword('foobcrypt', $hash));
80 }
81
82 function test_verifyPassword_fixedbcrypt() {
83 $this->assertTrue(auth_verifyPassword('foobcrypt', '$2a$12$uTWercxbq4sjp2xAzv3we.ZOxk51m5V/Bv5bp2H27oVFJl5neFQoC'));
84 }
85
86 function test_verifyPassword_nohash() {
87 $this->assertTrue(auth_verifyPassword('foo', '$1$$n1rTiFE0nRifwV/43bVon/'));
88 }
89
90 function test_verifyPassword_fixedpmd5() {
91 $this->assertTrue(auth_verifyPassword('test12345', '$P$9IQRaTwmfeRo7ud9Fh4E2PdI0S3r.L0'));
92 $this->assertTrue(auth_verifyPassword('test12345', '$H$9IQRaTwmfeRo7ud9Fh4E2PdI0S3r.L0'));
93 }
94
95 function test_verifypassword_drupal_sha512() {
96 $this->assertTrue(auth_verifypassword('drupal_sha512', '$S$D7JxIm0f7QKO3zjwVS1RH4AW8sYvmLjO0.Rn4swH0JVt6OrZ4yzZ'));
97 }
98
99 function test_verifypassword_drupal_migrated_6to7() {
100 $this->assertTrue(auth_verifypassword('pouette1234', 'U$S$9c47LGZuhR6TvhRQXzymkJIQ3mXthUCc6KDEGTt4B7eOL/H9Ykuy'));
101 }
102
103 function test_verifyPassword_seafilepbkdf2() {
104 $hash='PBKDF2SHA256$10000$99227b6df52aa1394b5ca0aceee2733dd6c2670c85bbe26c751a2c65e79d4db7$d61dd1c4df6873c73813fe97f96d0e917792602a33966f3fab0eef154637cc84';
105 $pw='@STR0NGpassW0RD';
106 $this->assertTrue(auth_verifyPassword($pw, $hash));
107 }
108
109 function test_veryPassword_mediawiki() {
110 $this->assertTrue(auth_verifyPassword('password', ':B:838c83e1:e4ab7024509eef084cdabd03d8b2972c'));
111 }
112
113 /**
114 * pmd5 checking should throw an exception when a hash with a too high
115 * iteration count is passed
116 */
117 function test_verifyPassword_pmd5Exception() {
118 $except = false;
119 try {
120 auth_verifyPassword('foopmd5', '$H$abcdefgh1ZbJodHxmeXVAhEzTG7IAp.');
121 } catch(Exception $e) {
122 $except = true;
123 }
124 $this->assertTrue($except);
125 }
126
127 function test_verifyPassword_sha256_crypt() {
128 if(defined('CRYPT_SHA256') && CRYPT_SHA256 == 1) {
129 $this->assertTrue(auth_verifyPassword('password', '$5$KvtIFskJlsLHR95A$CABu0dPozYsRq/dGNj4KITBQ21ZK.gC9KVXAkYFNE85'));
130 $this->assertTrue(auth_verifyPassword('password', '$5$rounds=1000$FQM/YjSke3Iqsdma$RYwG1MP21u68qUBQKqHoz7GLpWlnA6tunNKMNH3nRh5'));
131 } else {
132 $this->markTestSkipped('SHA256 not available in this PHP environment');
133 }
134 }
135 /**
136 * issue #2629, support PHP's crypt() format (with rounds=0 parameter)
137 */
138 function test_verifyPassword_sha512_crypt() {
139 if(defined('CRYPT_SHA512') && CRYPT_SHA512 == 1) {
140 $this->assertTrue(auth_verifyPassword('Qwerty123', '$6$rounds=3000$9in6UciYPFG6ydsJ$YBjypQ7XoRqvJoX1a2.spSysSVHcdreVXi1Xh5SyOxo2yNSxDjlUCun2YXrwk9.YP6vmRvCWrhp0fbPgSOT7..'));
141 } else {
142 $this->markTestSkipped('SHA512 not available in this PHP environment');
143 }
144 }
145
146 }