Ignore:
Timestamp:
Aug 12, 2015 12:22:54 AM (9 years ago)
Author:
anonymous
Message:

v2.2.0-3: Fixed auth password hashing verification issues. Updated hyperlinkTxt() with option. Updated tests.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/tests/AuthSQLTest.php

    r479 r541  
    7171        ");
    7272        $_SESSION = AuthSQLTest::$shared_session;
     73
     74        // Sessions require client IP addr.
     75        $_SERVER['REMOTE_ADDR'] = '127.0.0.1';
    7376    }
    7477
     
    206209    function test_generatepassword()
    207210    {
    208         $result = $this->Auth_SQL->generatepassword('xCVcvd');
    209         $this->assertRegExp('/[bcdfghjklmnprstvwxzBCDFGHJKLMNPRSTVWXZaeiouyAEIOUY0123456789!@#%&*-=+.?][bcdfghjklmnprstvwxzBCDFGHJKLMNPRSTVWXZ][aeiouyAEIOUY][bcdfghjklmnprstvwxz][aeiouy][0123456789]/', $result, 'Generated password does not match intended pattern');
     211        $result = $this->Auth_SQL->generatepassword(10);
     212        $this->assertEquals(14, strlen($result));
    210213    }
    211214
    212215    function test_encryptpassword()
    213216    {
    214         $this->Auth_SQL->setParam(array('encryption_type' => Auth_SQL::ENCRYPT_MD5));
    215         $result = $this->Auth_SQL->encryptpassword('123');
     217        $result = $this->Auth_SQL->encryptpassword('123', null, Auth_SQL::ENCRYPT_MD5);
    216218        $this->assertEquals('202cb962ac59075b964b07152d234b70', $result);
    217 
    218         $this->Auth_SQL->setParam(array('encryption_type' => Auth_SQL::ENCRYPT_MD5_HARDENED));
    219         $result = $this->Auth_SQL->encryptpassword('123');
    220         $this->assertEquals('c55e4ac608a8768ecd758fab971b0646', $result);
    221 
    222         $this->Auth_SQL->setParam(array('encryption_type' => Auth_SQL::ENCRYPT_SHA1));
    223         $result = $this->Auth_SQL->encryptpassword('123');
     219        $this->assertTrue($this->Auth_SQL->verifyPassword('123', $result, Auth_SQL::ENCRYPT_MD5));
     220
     221        $result = $this->Auth_SQL->encryptpassword('123', null, Auth_SQL::ENCRYPT_MD5_HARDENED);
     222        $this->assertEquals('1f0f8d357a96eb97f24371ebf53dcaf6', $result);
     223        $this->assertTrue($this->Auth_SQL->verifyPassword('123', $result, Auth_SQL::ENCRYPT_MD5_HARDENED));
     224
     225        $result = $this->Auth_SQL->encryptpassword('123', null, Auth_SQL::ENCRYPT_SHA1);
    224226        $this->assertEquals('40bd001563085fc35165329ea1ff5c5ecbdbbeef', $result);
    225 
    226         $this->Auth_SQL->setParam(array('encryption_type' => Auth_SQL::ENCRYPT_SHA1_HARDENED));
    227         $result = $this->Auth_SQL->encryptpassword('123');
    228         $this->assertEquals('33d90af96a5928ac93cbd41fc436e8c55d2768c2', $result);
    229 
    230         $this->Auth_SQL->setParam(array('encryption_type' => Auth_SQL::ENCRYPT_PLAINTEXT));
    231         $result = $this->Auth_SQL->encryptpassword('123');
     227        $this->assertTrue($this->Auth_SQL->verifyPassword('123', $result, Auth_SQL::ENCRYPT_SHA1));
     228
     229        $result = $this->Auth_SQL->encryptpassword('123', null, Auth_SQL::ENCRYPT_SHA1_HARDENED);
     230        $this->assertEquals('1d086fcae3dd941e0f1371148502d03e96ab536f', $result);
     231        $this->assertTrue($this->Auth_SQL->verifyPassword('123', $result, Auth_SQL::ENCRYPT_SHA1_HARDENED));
     232
     233        $result = $this->Auth_SQL->encryptpassword('123', null, Auth_SQL::ENCRYPT_PLAINTEXT);
    232234        $this->assertEquals('123', $result);
    233 
    234         $this->Auth_SQL->setParam(array('encryption_type' => Auth_SQL::ENCRYPT_CRYPT));
    235         $result = $this->Auth_SQL->encryptpassword('123', 'saltstring');
    236         $this->assertEquals('saEZ6MlWYV9nQ', $result);
     235        $this->assertTrue($this->Auth_SQL->verifyPassword('123', $result, Auth_SQL::ENCRYPT_PLAINTEXT));
     236
     237        $result = $this->Auth_SQL->encryptpassword('123', 'saltstring', Auth_SQL::ENCRYPT_CRYPT);
     238        $this->assertTrue($this->Auth_SQL->verifyPassword('123', $result, Auth_SQL::ENCRYPT_CRYPT));
     239
     240        if (function_exists('password_hash')) {
     241            // Only available in PHP >= 5.5
     242            $result = $this->Auth_SQL->encryptpassword('123', 'saltstring', Auth_SQL::ENCRYPT_PASSWORD_BCRYPT);
     243            $this->assertTrue($this->Auth_SQL->verifyPassword('123', $result, Auth_SQL::ENCRYPT_PASSWORD_BCRYPT));
     244
     245            $result = $this->Auth_SQL->encryptpassword('123', 'saltstring', Auth_SQL::ENCRYPT_PASSWORD_DEFAULT);
     246            $this->assertTrue($this->Auth_SQL->verifyPassword('123', $result, Auth_SQL::ENCRYPT_PASSWORD_DEFAULT));
     247        }
    237248    }
    238249
     
    241252        $db =& DB::getInstance();
    242253
    243         $this->Auth_SQL->setParam(array('encryption_type' => Auth_SQL::ENCRYPT_SHA1_HARDENED));
     254        $this->Auth_SQL->setParam(array('hash_type' => Auth_SQL::ENCRYPT_SHA1_HARDENED));
    244255        $this->Auth_SQL->setpassword(null, '123');
    245256        $qid = $db->query("
     
    248259        ");
    249260        list($pass) = mysql_fetch_row($qid);
    250         $this->assertEquals('33d90af96a5928ac93cbd41fc436e8c55d2768c2', $pass);
     261        $this->assertEquals('1d086fcae3dd941e0f1371148502d03e96ab536f', $pass);
    251262    }
    252263
Note: See TracChangeset for help on using the changeset viewer.