hasher.php 3.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115
  1. <?php
  2. /**
  3. * Copyright (c) 2014 Lukas Reschke <lukas@owncloud.com>
  4. * This file is licensed under the Affero General Public License version 3 or
  5. * later.
  6. * See the COPYING-README file.
  7. */
  8. use OC\Security\Hasher;
  9. /**
  10. * Class HasherTest
  11. */
  12. class HasherTest extends \PHPUnit_Framework_TestCase {
  13. /**
  14. * @return array
  15. */
  16. public function versionHashProvider()
  17. {
  18. return array(
  19. array('asf32äà$$a.|3', null),
  20. array('asf32äà$$a.|3|5', null),
  21. array('1|2|3|4', array('version' => 1, 'hash' => '2|3|4')),
  22. array('1|我看|这本书。 我看這本書', array('version' => 1, 'hash' => '我看|这本书。 我看這本書'))
  23. );
  24. }
  25. /**
  26. * @return array
  27. */
  28. public function allHashProviders()
  29. {
  30. return array(
  31. // Bogus values
  32. array(null, 'asf32äà$$a.|3', false),
  33. array(null, false, false),
  34. // Valid SHA1 strings
  35. array('password', '5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8', true),
  36. array('owncloud.com', '27a4643e43046c3569e33b68c1a4b15d31306d29', true),
  37. // Invalid SHA1 strings
  38. array('InvalidString', '5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8', false),
  39. array('AnotherInvalidOne', '27a4643e43046c3569e33b68c1a4b15d31306d29', false),
  40. // Valid legacy password string with password salt "6Wow67q1wZQZpUUeI6G2LsWUu4XKx"
  41. array('password', '$2a$08$emCpDEl.V.QwPWt5gPrqrOhdpH6ailBmkj2Hd2vD5U8qIy20HBe7.', true),
  42. array('password', '$2a$08$yjaLO4ev70SaOsWZ9gRS3eRSEpHVsmSWTdTms1949mylxJ279hzo2', true),
  43. array('password', '$2a$08$.jNRG/oB4r7gHJhAyb.mDupNUAqTnBIW/tWBqFobaYflKXiFeG0A6', true),
  44. array('owncloud.com', '$2a$08$YbEsyASX/hXVNMv8hXQo7ezreN17T8Jl6PjecGZvpX.Ayz2aUyaZ2', true),
  45. array('owncloud.com', '$2a$11$cHdDA2IkUP28oNGBwlL7jO/U3dpr8/0LIjTZmE8dMPA7OCUQsSTqS', true),
  46. array('owncloud.com', '$2a$08$GH.UoIfJ1e.qeZ85KPqzQe6NR8XWRgJXWIUeE1o/j1xndvyTA1x96', true),
  47. // Invalid legacy passwords
  48. array('password', '$2a$08$oKAQY5IhnZocP.61MwP7xu7TNeOb7Ostvk3j6UpacvaNMs.xRj7O2', false),
  49. // Valid passwords "6Wow67q1wZQZpUUeI6G2LsWUu4XKx"
  50. array('password', '1|$2a$05$ezAE0dkwk57jlfo6z5Pql.gcIK3ReXT15W7ITNxVS0ksfhO/4E4Kq', true),
  51. array('password', '1|$2a$05$4OQmloFW4yTVez2MEWGIleDO9Z5G9tWBXxn1vddogmKBQq/Mq93pe', true),
  52. array('password', '1|$2a$11$yj0hlp6qR32G9exGEXktB.yW2rgt2maRBbPgi3EyxcDwKrD14x/WO', true),
  53. array('owncloud.com', '1|$2a$10$Yiss2WVOqGakxuuqySv5UeOKpF8d8KmNjuAPcBMiRJGizJXjA2bKm', true),
  54. array('owncloud.com', '1|$2a$10$v9mh8/.mF/Ut9jZ7pRnpkuac3bdFCnc4W/gSumheQUi02Sr.xMjPi', true),
  55. array('owncloud.com', '1|$2a$05$ST5E.rplNRfDCzRpzq69leRzsTGtY7k88h9Vy2eWj0Ug/iA9w5kGK', true),
  56. // Invalid passwords
  57. array('password', '0|$2a$08$oKAQY5IhnZocP.61MwP7xu7TNeOb7Ostvk3j6UpacvaNMs.xRj7O2', false),
  58. array('password', '1|$2a$08$oKAQY5IhnZocP.61MwP7xu7TNeOb7Ostvk3j6UpacvaNMs.xRj7O2', false),
  59. array('password', '2|$2a$08$oKAQY5IhnZocP.61MwP7xu7TNeOb7Ostvk3j6UpacvaNMs.xRj7O2', false),
  60. );
  61. }
  62. /** @var Hasher */
  63. protected $hasher;
  64. /** @var \OCP\IConfig */
  65. protected $config;
  66. protected function setUp() {
  67. $this->config = $this->getMockBuilder('\OCP\IConfig')
  68. ->disableOriginalConstructor()->getMock();
  69. $this->hasher = new Hasher($this->config);
  70. }
  71. function testHash() {
  72. $hash = $this->hasher->hash('String To Hash');
  73. $this->assertNotNull($hash);
  74. }
  75. /**
  76. * @dataProvider versionHashProvider
  77. */
  78. function testSplitHash($hash, $expected) {
  79. $relativePath = \Test_Helper::invokePrivate($this->hasher, 'splitHash', array($hash));
  80. $this->assertSame($expected, $relativePath);
  81. }
  82. /**
  83. * @dataProvider allHashProviders
  84. */
  85. function testVerify($password, $hash, $expected) {
  86. $this->config
  87. ->expects($this->any())
  88. ->method('getSystemValue')
  89. ->with('passwordsalt', null)
  90. ->will($this->returnValue('6Wow67q1wZQZpUUeI6G2LsWUu4XKx'));
  91. $result = $this->hasher->verify($password, $hash);
  92. $this->assertSame($expected, $result);
  93. }
  94. }