7a7976ba7a
So far, our key derivation code assumed that it has control over the salt used by the derivation routines, however I want to add Argon2 support and it doesn't work this way: password_hash() generates the salt itself, and the only way to verify a password is by using password_verify(). Current way the things are done doesn't support it because it relies on the result of password hashing with parameters we provide to be deterministic. Therefore, I'm deprecating Password::equals(), as well as whole concept of comparing Password objects - it's used only in tests anyway. It's getting replaced with verify() that only accepts password strings. Uses of old function are fixed with exception of a few calls in tests that will be addressed in my Argon2 patch. Change-Id: I2b2be9a422ee0f773490eac316ad81505c3f8571
63 lines
1.7 KiB
PHP
63 lines
1.7 KiB
PHP
<?php
|
|
|
|
/**
|
|
* @covers LayeredParameterizedPassword
|
|
* @covers Password
|
|
*/
|
|
class LayeredParameterizedPasswordTest extends PasswordTestCase {
|
|
protected function getTypeConfigs() {
|
|
return [
|
|
'testLargeLayeredTop' => [
|
|
'class' => LayeredParameterizedPassword::class,
|
|
'types' => [
|
|
'testLargeLayeredBottom',
|
|
'testLargeLayeredBottom',
|
|
'testLargeLayeredBottom',
|
|
'testLargeLayeredBottom',
|
|
'testLargeLayeredFinal',
|
|
],
|
|
],
|
|
'testLargeLayeredBottom' => [
|
|
'class' => Pbkdf2Password::class,
|
|
'algo' => 'sha512',
|
|
'cost' => 1024,
|
|
'length' => 512,
|
|
],
|
|
'testLargeLayeredFinal' => [
|
|
'class' => BcryptPassword::class,
|
|
'cost' => 5,
|
|
]
|
|
];
|
|
}
|
|
|
|
protected function getValidTypes() {
|
|
return [ 'testLargeLayeredFinal' ];
|
|
}
|
|
|
|
public static function providePasswordTests() {
|
|
// phpcs:disable Generic.Files.LineLength
|
|
return [
|
|
[
|
|
true,
|
|
':testLargeLayeredTop:sha512:1024:512!sha512:1024:512!sha512:1024:512!sha512:1024:512!5!vnRy+2SrSA0fHt3dwhTP5g==!AVnwfZsAQjn+gULv7FSGjA==!xvHUX3WcpkeSn1lvjWcvBg==!It+OC/N9tu+d3ByHhuB0BQ==!Tb.gqUOiD.aWktVwHM.Q/O!7CcyMfXUPky5ptyATJsR2nq3vUqtnBC',
|
|
'testPassword123'
|
|
],
|
|
];
|
|
// phpcs:enable
|
|
}
|
|
|
|
/**
|
|
* @covers LayeredParameterizedPassword::partialCrypt
|
|
*/
|
|
public function testLargeLayeredPartialUpdate() {
|
|
/** @var ParameterizedPassword $partialPassword */
|
|
$partialPassword = $this->passwordFactory->newFromType( 'testLargeLayeredBottom' );
|
|
$partialPassword->crypt( 'testPassword123' );
|
|
|
|
/** @var LayeredParameterizedPassword $totalPassword */
|
|
$totalPassword = $this->passwordFactory->newFromType( 'testLargeLayeredTop' );
|
|
$totalPassword->partialCrypt( $partialPassword );
|
|
|
|
$this->assertTrue( $totalPassword->verify( 'testPassword123' ) );
|
|
}
|
|
}
|