-
-
Notifications
You must be signed in to change notification settings - Fork 176
Expand file tree
/
Copy pathPasswordHasherTest.php
More file actions
90 lines (73 loc) · 2.96 KB
/
Copy pathPasswordHasherTest.php
File metadata and controls
90 lines (73 loc) · 2.96 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
<?php
namespace Tempest\Cryptography\Tests\Password;
use PHPUnit\Framework\TestCase;
use Tempest\Cryptography\Password\ArgonConfig;
use Tempest\Cryptography\Password\BcryptConfig;
use Tempest\Cryptography\Password\Exceptions\HashingFailed;
use Tempest\Cryptography\Password\GenericPasswordHasher;
use Tempest\Cryptography\Password\HashingAlgorithm;
final class PasswordHasherTest extends TestCase
{
public function test_algorithm(): void
{
$hasher = new GenericPasswordHasher(new ArgonConfig());
$this->assertSame(HashingAlgorithm::ARGON2ID, $hasher->algorithm);
$hasher = new GenericPasswordHasher(new BcryptConfig());
$this->assertSame(HashingAlgorithm::BCRYPT, $hasher->algorithm);
}
public function test_config_options(): void
{
$this->assertSame(
['memory_cost' => 1024, 'time_cost' => 2, 'threads' => 2],
new ArgonConfig(memoryCost: 1024, timeCost: 2, threads: 2)->options,
);
$this->assertSame(
['cost' => 10],
new BcryptConfig(cost: 10)->options,
);
}
public function test_hash_verify(): void
{
$hasher = new GenericPasswordHasher(new ArgonConfig());
$password = 'my_secure_password'; // @mago-expect lint:no-literal-password
$hash = $hasher->hash($password);
$this->assertTrue($hasher->verify($password, $hash));
}
public function test_wrong_password(): void
{
$hasher = new GenericPasswordHasher(new ArgonConfig());
$hash = $hasher->hash('my_secure_password');
$this->assertFalse($hasher->verify('wrong_password', $hash));
}
public function test_needs_rehash(): void
{
$hasher1 = new GenericPasswordHasher(new ArgonConfig(timeCost: 2));
$hasher2 = new GenericPasswordHasher(new ArgonConfig(timeCost: 4));
$hash = $hasher1->hash('my_secure_password');
$this->assertFalse($hasher1->needsRehash($hash));
$this->assertTrue($hasher2->needsRehash($hash));
}
public function test_analyze(): void
{
$hasher = new GenericPasswordHasher(new ArgonConfig(
memoryCost: 1024,
timeCost: 2,
threads: 2,
));
$hash = $hasher->hash('my_secure_password');
$analysis = $hasher->analyze($hash);
$this->assertSame($hash, $analysis->hash);
$this->assertSame(HashingAlgorithm::ARGON2ID, $analysis->algorithm);
$this->assertInstanceOf(ArgonConfig::class, $analysis->config);
$this->assertSame(1024, $analysis->config->memoryCost);
$this->assertSame(2, $analysis->config->timeCost);
$this->assertSame(2, $analysis->config->threads);
}
public function test_hashing_failed_empty_password(): void
{
$this->expectException(HashingFailed::class);
$this->expectExceptionMessage('Could not hash an empty password.');
$hasher = new GenericPasswordHasher(new BcryptConfig());
$hasher->hash('');
}
}