diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2013-10-09 22:53:13 +0200 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2013-10-09 22:53:13 +0200 |
| commit | cd74fb094629cf07209b4fa13ebf0ddf5b4ce47c (patch) | |
| tree | 343dbdf6fdd3e87788e10479e88cf19f584cd6e3 | |
| parent | 3b6038cfcd6e00aaf8e9b5f68f2a925c9a85da51 (diff) | |
| download | forums-cd74fb094629cf07209b4fa13ebf0ddf5b4ce47c.tar forums-cd74fb094629cf07209b4fa13ebf0ddf5b4ce47c.tar.gz forums-cd74fb094629cf07209b4fa13ebf0ddf5b4ce47c.tar.bz2 forums-cd74fb094629cf07209b4fa13ebf0ddf5b4ce47c.tar.xz forums-cd74fb094629cf07209b4fa13ebf0ddf5b4ce47c.zip | |
[feature/passwords] Increase test coverage to 35 out ouf 36 methods
Only one small code part in the salted md5 driver can't be tested right now.
Passwords helper and passwords driver helper are now fully covered by tests.
PHPBB3-11610
| -rw-r--r-- | phpBB/phpbb/passwords/driver/helper.php | 5 | ||||
| -rw-r--r-- | phpBB/phpbb/passwords/driver/salted_md5.php | 5 | ||||
| -rw-r--r-- | tests/passwords/drivers_test.php | 86 | ||||
| -rw-r--r-- | tests/passwords/manager_test.php | 29 |
4 files changed, 111 insertions, 14 deletions
diff --git a/phpBB/phpbb/passwords/driver/helper.php b/phpBB/phpbb/passwords/driver/helper.php index da66347ac3..086edb6b65 100644 --- a/phpBB/phpbb/passwords/driver/helper.php +++ b/phpBB/phpbb/passwords/driver/helper.php @@ -120,12 +120,13 @@ class helper * Get random salt with specified length * * @param int $length Salt length + * @param string $rand_seed Seed for random data (optional). For tests. */ - public function get_random_salt($length) + public function get_random_salt($length, $rand_seed = '/dev/urandom') { $random = ''; - if (($fh = @fopen('/dev/urandom', 'rb'))) + if (($fh = @fopen($rand_seed, 'rb'))) { $random = fread($fh, $length); fclose($fh); diff --git a/phpBB/phpbb/passwords/driver/salted_md5.php b/phpBB/phpbb/passwords/driver/salted_md5.php index 13d25560fe..23ae25c0c9 100644 --- a/phpBB/phpbb/passwords/driver/salted_md5.php +++ b/phpBB/phpbb/passwords/driver/salted_md5.php @@ -46,10 +46,7 @@ class salted_md5 extends \phpbb\passwords\driver\base } else { - if (($settings = $this->get_hash_settings($this->generate_salt())) === false) - { - return false; - } + $settings = $this->get_hash_settings($this->generate_salt()); } $hash = md5($settings['salt'] . $password, true); diff --git a/tests/passwords/drivers_test.php b/tests/passwords/drivers_test.php new file mode 100644 index 0000000000..1fc51b1dd2 --- /dev/null +++ b/tests/passwords/drivers_test.php @@ -0,0 +1,86 @@ +<?php +/** +* +* @package testing +* @copyright (c) 2013 phpBB Group +* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 +* +*/ + +class phpbb_passwords_helper_test extends PHPUnit_Framework_TestCase +{ + public function setUp() + { + // Prepare dependencies for drivers + $config = new \phpbb\config\config(array()); + $this->driver_helper = new \phpbb\passwords\driver\helper($config); + + $this->passwords_drivers = array( + 'passwords.driver.bcrypt' => new \phpbb\passwords\driver\bcrypt($config, $this->driver_helper), + 'passwords.driver.bcrypt_2y' => new \phpbb\passwords\driver\bcrypt_2y($config, $this->driver_helper), + 'passwords.driver.salted_md5' => new \phpbb\passwords\driver\salted_md5($config, $this->driver_helper), + 'passwords.driver.phpass' => new \phpbb\passwords\driver\phpass($config, $this->driver_helper), + ); + + foreach ($this->passwords_drivers as $key => $driver) + { + $driver->set_name($key); + } + } + + public function data_helper_encode64() + { + return array( + array('foobar', 6, 'axqPW3aQ'), + array('foobar', 7, 'axqPW3aQ..'), + array('foobar', 5, 'axqPW34'), + ); + } + + /** + * @dataProvider data_helper_encode64 + */ + public function test_helper_encode64($input, $length, $output) + { + $return = $this->driver_helper->hash_encode64($input, $length); + $this->assertEquals($output, $return); + } + + public function data_get_random_salt() + { + return array( + array(24, false), + array(24, '/dev/foobar'), + ); + } + + /** + * @dataProvider data_get_random_salt + */ + public function test_get_random_salt($length, $rand_seed) + { + $rand_string = (empty($rand_seed)) ? $this->driver_helper->get_random_salt($length) : $this->driver_helper->get_random_salt($length, $rand_seed); + $start = microtime(true); + + // Run each test for max. 1 second + while ((microtime(true) - $start) < 1) + { + $urandom_string = (empty($rand_seed)) ? $this->driver_helper->get_random_salt($length) : $this->driver_helper->get_random_salt($length, $rand_seed); + $this->assertEquals($length, strlen($urandom_string)); + $this->assertNotEquals($rand_string, $urandom_string); + } + } + + public function test_get_hash_settings_salted_md5() + { + $settings = $this->passwords_drivers['passwords.driver.salted_md5']->get_hash_settings('$H$9isfrtKXWqrz8PvztXlL3.daw4U0zI1'); + $this->assertEquals(array( + 'count' => pow(2, 11), + 'salt' => 'isfrtKXW', + 'full' => '$H$9isfrtKXW', + ), + $settings + ); + $this->assertEquals(false, $this->passwords_drivers['passwords.driver.salted_md5']->get_hash_settings(false)); + } +} diff --git a/tests/passwords/manager_test.php b/tests/passwords/manager_test.php index 4ad5b439d6..568c53be3f 100644 --- a/tests/passwords/manager_test.php +++ b/tests/passwords/manager_test.php @@ -7,8 +7,6 @@ * */ -require_once dirname(__FILE__) . '/../mock/container_builder.php'; - class phpbb_passwords_manager_test extends PHPUnit_Framework_TestCase { protected $passwords_drivers; @@ -19,11 +17,6 @@ class phpbb_passwords_manager_test extends PHPUnit_Framework_TestCase public function setUp() { - global $phpbb_root_path, $phpEx; - - // Mock phpbb_container - $this->phpbb_container = new phpbb_mock_container_builder; - // Prepare dependencies for manager and driver $config = new \phpbb\config\config(array()); $this->driver_helper = new \phpbb\passwords\driver\helper($config); @@ -38,7 +31,6 @@ class phpbb_passwords_manager_test extends PHPUnit_Framework_TestCase foreach ($this->passwords_drivers as $key => $driver) { $driver->set_name($key); - $this->phpbb_container->set($key, $driver); } $this->helper = new \phpbb\passwords\helper; @@ -218,6 +210,11 @@ class phpbb_passwords_manager_test extends PHPUnit_Framework_TestCase array('passwords.driver.salted_md5'), false, ), + array( + 'passwords.driver.bcrypt_2y', + array('passwords.driver.salted_md4'), + false, + ), ); } } @@ -257,4 +254,20 @@ class phpbb_passwords_manager_test extends PHPUnit_Framework_TestCase $this->assertNotEquals($first_id, $this->driver_helper->unique_id()); } } + + public function test_check_hash_with_large_input() + { + // 16 MB password, should be rejected quite fast + $start_time = time(); + $this->assertFalse($this->manager->check(str_repeat('a', 1024 * 1024 * 16), '$H$9isfrtKXWqrz8PvztXlL3.daw4U0zI1')); + $this->assertLessThanOrEqual(5, time() - $start_time); + } + + public function test_hash_password_with_large_input() + { + // 16 MB password, should be rejected quite fast + $start_time = time(); + $this->assertFalse($this->manager->hash(str_repeat('a', 1024 * 1024 * 16))); + $this->assertLessThanOrEqual(5, time() - $start_time); + } } |