dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Remove hard deprecation of PasswordPolicyChecks::checkPopularPasswordBlacklist
[lhc/web/wiklou.git] / tests / phpunit / includes / password / Argon2PasswordTest.php
1 <?php
2
3 /**
4 * @group large
5 * @covers Argon2Password
6 * @covers Password
7 * @covers ParameterizedPassword
8 *
9 * @phpcs:disable Generic.Files.LineLength
10 */
11 class Argon2PasswordTest extends PasswordTestCase {
12
13 public function setUp() {
14 parent::setUp();
15 if ( !defined( 'PASSWORD_ARGON2I' ) ) {
16 $this->markTestSkipped( 'Argon2 support not found' );
17 }
18 }
19
20 /**
21 * Return an array of configs to be used for this class's password type.
22 *
23 * @return array[]
24 */
25 protected function getTypeConfigs() {
26 return [
27 'argon2' => [
28 'class' => Argon2Password::class,
29 'algo' => 'argon2i',
30 'memory_cost' => 1024,
31 'time_cost' => 2,
32 'threads' => 2,
33 ]
34 ];
35 }
36
37 /**
38 * @return array
39 */
40 public static function providePasswordTests() {
41 $result = [
42 [
43 true,
44 ':argon2:$argon2i$v=19$m=1024,t=2,p=2$RHpGTXJPeFlSV2NDTEswNA$VeW7rumZY4pL8XO4KeQkKD43r5uX3eazVJRtrFN7lNc',
45 'password',
46 ],
47 [
48 true,
49 ':argon2:$argon2i$v=19$m=2048,t=5,p=3$MHFKSnh6WWZEWkpKa09SUQ$vU92h/8hkByL5VKW1P9amCj054pZILGKznAvKWAivZE',
50 'password',
51 ],
52 [
53 true,
54 ':argon2:$argon2i$v=19$m=1024,t=2,p=2$bFJ4TzM5RWh2T0VmeFhDTA$AHFUFZRh69aZYBqyxn6tpujpEcf2JP8wgRCPU3nw3W4',
55 "pass\x00word",
56 ],
57 [
58 false,
59 ':argon2:$argon2i$v=19$m=1024,t=2,p=2$UGZqTWJRUkI1alVNTGRUbA$RcASw9XUWjCDO9WNnuVkGkEylURUW/CcNwSffdFwN74',
60 'password',
61 ]
62 ];
63
64 if ( defined( 'PASSWORD_ARGON2ID' ) ) {
65 // @todo: Argon2id cases
66 $result = array_merge( $result, [] );
67 }
68
69 return $result;
70 }
71
72 /**
73 * @dataProvider provideNeedsUpdate
74 */
75 public function testNeedsUpdate( $updateExpected, $hash ) {
76 $password = $this->passwordFactory->newFromCiphertext( $hash );
77 $this->assertSame( $updateExpected, $password->needsUpdate() );
78 }
79
80 public function provideNeedsUpdate() {
81 return [
82 [ false, ':argon2:$argon2i$v=19$m=1024,t=2,p=2$bFJ4TzM5RWh2T0VmeFhDTA$AHFUFZRh69aZYBqyxn6tpujpEcf2JP8wgRCPU3nw3W4' ],
83 [ false, ':argon2:$argon2i$v=19$m=1024,t=2,p=2$<whatever>' ],
84 [ true, ':argon2:$argon2i$v=19$m=666,t=2,p=2$<whatever>' ],
85 [ true, ':argon2:$argon2i$v=19$m=1024,t=666,p=2$<whatever>' ],
86 [ true, ':argon2:$argon2i$v=19$m=1024,t=2,p=666$<whatever>' ],
87 ];
88 }
89
90 public function testPartialConfig() {
91 // The default options changed in PHP 7.2.21 and 7.3.8. This seems to be the only way to
92 // fetch them at runtime.
93 $options = password_get_info( password_hash( '', PASSWORD_ARGON2I ) )['options'];
94
95 $factory = new PasswordFactory();
96 $factory->register( 'argon2', [
97 'class' => Argon2Password::class,
98 'algo' => 'argon2i',
99 ] );
100
101 $partialPassword = $factory->newFromType( 'argon2' );
102 $partialPassword->crypt( 'password' );
103
104 $factory2 = new PasswordFactory();
105 $factory2->register( 'argon2', [
106 'class' => Argon2Password::class,
107 'algo' => 'argon2i',
108 ] + $options );
109
110 $fullPassword = $factory2->newFromCiphertext( $partialPassword->toString() );
111
112 $this->assertFalse( $fullPassword->needsUpdate(),
113 'Options not set for a password should fall back to defaults'
114 );
115 }
116 }
Wiklou, le Wiki du Wiklou