Code Coverage
 
Lines
Functions and Methods
Classes and Traits
Total
100.00% covered (success)
100.00%
27 / 27
100.00% covered (success)
100.00%
3 / 3
 CRAP
100.00% covered (success)
100.00%
1 / 1
phpbb_security_hash_test
100.00% covered (success)
100.00%
27 / 27
100.00% covered (success)
100.00%
3 / 3
 3
100.00% covered (success)
100.00%
1 / 1
 setUp
100.00% covered (success)
100.00%
17 / 17
100.00% covered (success)
100.00%
1 / 1
 1
 test_check_hash_with_phpass
100.00% covered (success)
100.00%
5 / 5
100.00% covered (success)
100.00%
1 / 1
 1
 test_check_hash_with_large_input
100.00% covered (success)
100.00%
5 / 5
100.00% covered (success)
100.00%
1 / 1
 1
1<?php
2/**
3*
4* This file is part of the phpBB Forum Software package.
5*
6* @copyright (c) phpBB Limited <https://www.phpbb.com>
7* @license GNU General Public License, version 2 (GPL-2.0)
8*
9* For full copyright and license information, please see
10* the docs/CREDITS.txt file.
11*
12*/
13
14class phpbb_security_hash_test extends phpbb_test_case
15{
16    protected function setUp(): void
17    {
18        global $phpbb_container;
19
20        $config = new \phpbb\config\config(array());
21        $phpbb_container = $this->createMock('Symfony\Component\DependencyInjection\ContainerInterface');
22        $driver_helper = new \phpbb\passwords\driver\helper($config);
23        $passwords_drivers = array(
24            'passwords.driver.bcrypt_2y'    => new \phpbb\passwords\driver\bcrypt_2y($config, $driver_helper),
25            'passwords.driver.bcrypt'        => new \phpbb\passwords\driver\bcrypt($config, $driver_helper),
26            'passwords.driver.salted_md5'    => new \phpbb\passwords\driver\salted_md5($config, $driver_helper),
27            'passwords.driver.phpass'        => new \phpbb\passwords\driver\phpass($config, $driver_helper),
28        );
29
30        $passwords_helper = new \phpbb\passwords\helper;
31        // Set up passwords manager
32        $passwords_manager = new \phpbb\passwords\manager($config, $passwords_drivers, $passwords_helper, array_keys($passwords_drivers));
33
34        $phpbb_container
35            ->expects($this->any())
36            ->method('get')
37            ->with('passwords.manager')
38            ->will($this->returnValue($passwords_manager));
39    }
40
41    public function test_check_hash_with_phpass()
42    {
43        global $phpbb_container;
44
45        /** @var \phpbb\passwords\manager $passwords_manager */
46        $passwords_manager = $phpbb_container->get('passwords.manager');
47
48        $this->assertTrue($passwords_manager->check('test', '$H$9isfrtKXWqrz8PvztXlL3.daw4U0zI1'));
49        $this->assertTrue($passwords_manager->check('test', '$P$9isfrtKXWqrz8PvztXlL3.daw4U0zI1'));
50        $this->assertFalse($passwords_manager->check('foo', '$H$9isfrtKXWqrz8PvztXlL3.daw4U0zI1'));
51    }
52
53    public function test_check_hash_with_large_input()
54    {
55        global $phpbb_container;
56
57        /** @var \phpbb\passwords\manager $passwords_manager */
58        $passwords_manager = $phpbb_container->get('passwords.manager');
59
60        // 16 MB password, should be rejected quite fast
61        $start_time = time();
62        $this->assertFalse($passwords_manager->check(str_repeat('a', 1024 * 1024 * 16), '$H$9isfrtKXWqrz8PvztXlL3.daw4U0zI1'));
63        $this->assertLessThanOrEqual(5, time() - $start_time);
64    }
65}
66