Commit: e505316aeba0fbb52cd21ff84af784a9d3e2b49a Author: Anthony Ferrara <ircmax...@ircmaxell.com> Tue, 26 Jun 2012 22:05:25 -0400 Parents: 232da90388de2a3ba4ad430d281469498e88aca2 Branches: master
Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=e505316aeba0fbb52cd21ff84af784a9d3e2b49a Log: Add tests for password hashing Changed paths: A ext/standard/tests/password/password_bcrypt_errors.phpt A ext/standard/tests/password/password_hash.phpt A ext/standard/tests/password/password_hash_error.phpt A ext/standard/tests/password/password_make_salt.phpt A ext/standard/tests/password/password_make_salt_error.phpt A ext/standard/tests/password/password_verify.phpt A ext/standard/tests/password/password_verify_error.phpt Diff: diff --git a/ext/standard/tests/password/password_bcrypt_errors.phpt b/ext/standard/tests/password/password_bcrypt_errors.phpt new file mode 100644 index 0000000..4223817 --- /dev/null +++ b/ext/standard/tests/password/password_bcrypt_errors.phpt @@ -0,0 +1,28 @@ +--TEST-- +Test error operation of password_hash() with bcrypt hashing +--FILE-- +<?php +//-=-=-=- + +var_dump(password_hash("foo", PASSWORD_BCRYPT, array("cost" => 3))); + +var_dump(password_hash("foo", PASSWORD_BCRYPT, array("cost" => 32))); + +var_dump(password_hash("foo", PASSWORD_BCRYPT, array("salt" => "foo"))); + +var_dump(password_hash("foo", PASSWORD_BCRYPT, array("salt" => "123456789012345678901"))); + +?> +--EXPECTF-- +Warning: password_hash(): Invalid bcrypt cost parameter specified: 3 in %s on line %d +bool(false) + +Warning: password_hash(): Invalid bcrypt cost parameter specified: 32 in %s on line %d +bool(false) + +Warning: password_hash(): Provided salt is too short: 3 expecting 22 in %s on line %d +bool(false) + +Warning: password_hash(): Provided salt is too short: 21 expecting 22 in %s on line %d +bool(false) + diff --git a/ext/standard/tests/password/password_hash.phpt b/ext/standard/tests/password/password_hash.phpt new file mode 100644 index 0000000..ecefa10 --- /dev/null +++ b/ext/standard/tests/password/password_hash.phpt @@ -0,0 +1,27 @@ +--TEST-- +Test normal operation of password_hash() +--FILE-- +<?php +//-=-=-=- + +// Set the cost low so the test is fast +ini_set('password.bcrypt_cost', '4'); + +var_dump(strlen(password_hash("foo"))); + +$hash = password_hash("foo"); + +var_dump($hash == crypt("foo", $hash)); + +var_dump(password_hash("rasmuslerdorf", PASSWORD_BCRYPT, array("cost" => 7, "salt" => "usesomesillystringforsalt"))); + +var_dump(password_hash("test", PASSWORD_BCRYPT, array("salt" => "123456789012345678901" . chr(0)))); + +echo "OK!"; +?> +--EXPECT-- +int(60) +bool(true) +string(60) "$2y$07$usesomesillystringfore2uDLvp1Ii2e./U9C8sBjqp8I90dH6hi" +string(60) "$2y$04$MTIzNDU2Nzg5MDEyMzQ1NekACxf2CF7ipfk/b9FllU9Fs8RcUm5UG" +OK! diff --git a/ext/standard/tests/password/password_hash_error.phpt b/ext/standard/tests/password/password_hash_error.phpt new file mode 100644 index 0000000..dfbb094 --- /dev/null +++ b/ext/standard/tests/password/password_hash_error.phpt @@ -0,0 +1,38 @@ +--TEST-- +Test error operation of password_hash() +--FILE-- +<?php +//-=-=-=- + +var_dump(password_hash()); + +var_dump(password_hash("foo", array())); + +var_dump(password_hash("foo", "bar", new StdClass)); + +var_dump(password_hash("foo", "bar", "baz")); + +var_dump(password_hash(123)); + +var_dump(password_hash("123", PASSWORD_BCRYPT, array("salt" => 13))); + +?> +--EXPECTF-- +Warning: password_hash() expects at least 1 parameter, 0 given in %s on line %d +bool(false) + +Warning: password_hash() expects parameter 2 to be string, array given in %s on line %d +bool(false) + +Warning: password_hash(): Unknown password hashing algorithm: bar in %s on line %d +bool(false) + +Warning: password_hash() expects parameter 3 to be array, string given in %s on line %d +bool(false) + +Warning: password_hash(): Password must be a string in %s on line %d +bool(false) + +Warning: password_hash(): Non-string salt parameter supplied in %s on line %d +bool(false) + diff --git a/ext/standard/tests/password/password_make_salt.phpt b/ext/standard/tests/password/password_make_salt.phpt new file mode 100644 index 0000000..63b56f8 --- /dev/null +++ b/ext/standard/tests/password/password_make_salt.phpt @@ -0,0 +1,40 @@ +--TEST-- +Test normal operation of password_make_salt() +--FILE-- +<?php +//-=-=-=- +echo strlen(password_make_salt(1)) . "\n"; +echo strlen(password_make_salt(2)) . "\n"; +echo strlen(password_make_salt(3)) . "\n"; +echo strlen(password_make_salt(4)) . "\n"; +echo strlen(password_make_salt(5)) . "\n"; +echo "\n"; + +echo strlen(password_make_salt(1, true)) . "\n"; +echo strlen(password_make_salt(2, true)) . "\n"; +echo strlen(password_make_salt(3, true)) . "\n"; +echo strlen(password_make_salt(4, true)) . "\n"; +echo strlen(password_make_salt(5, true)) . "\n"; +echo "\n"; + +$a = password_make_salt(32); +$b = password_make_salt(32); + +var_dump($a != $b); +echo "OK!"; +?> +--EXPECT-- +1 +2 +3 +4 +5 + +1 +2 +3 +4 +5 + +bool(true) +OK! diff --git a/ext/standard/tests/password/password_make_salt_error.phpt b/ext/standard/tests/password/password_make_salt_error.phpt new file mode 100644 index 0000000..7d79713 --- /dev/null +++ b/ext/standard/tests/password/password_make_salt_error.phpt @@ -0,0 +1,23 @@ +--TEST-- +Test error operation of password_make_salt() +--FILE-- +<?php +//-=-=-=- + +var_dump(password_make_salt()); + +var_dump(password_make_salt("foo")); + +var_dump(password_make_salt(-1)); + +?> +--EXPECTF-- +Warning: password_make_salt() expects at least 1 parameter, 0 given in %s on line %d +bool(false) + +Warning: password_make_salt() expects parameter 1 to be long, string given in %s on line %d +bool(false) + +Warning: password_make_salt(): Length cannot be less than or equal zero: -1 in %s on line %d +bool(false) + diff --git a/ext/standard/tests/password/password_verify.phpt b/ext/standard/tests/password/password_verify.phpt new file mode 100644 index 0000000..e7ecc7e --- /dev/null +++ b/ext/standard/tests/password/password_verify.phpt @@ -0,0 +1,21 @@ +--TEST-- +Test normal operation of password_verify) +--FILE-- +<?php +//-=-=-=- + +var_dump(password_verify(123, 123)); + +var_dump(password_verify("foo", '$2a$07$usesomesillystringforsalt$')); + +var_dump(password_verify('rasmusler', '$2a$07$usesomesillystringfore2uDLvp1Ii2e./U9C8sBjqp8I90dH6hi')); + +var_dump(password_verify('rasmuslerdorf', '$2a$07$usesomesillystringfore2uDLvp1Ii2e./U9C8sBjqp8I90dH6hi')); +echo "OK!"; +?> +--EXPECT-- +bool(false) +bool(false) +bool(false) +bool(true) +OK! diff --git a/ext/standard/tests/password/password_verify_error.phpt b/ext/standard/tests/password/password_verify_error.phpt new file mode 100644 index 0000000..3e653fa --- /dev/null +++ b/ext/standard/tests/password/password_verify_error.phpt @@ -0,0 +1,18 @@ +--TEST-- +Test error operation of password_verify() +--FILE-- +<?php +//-=-=-=- + +var_dump(password_verify()); + +var_dump(password_verify("foo")); + +?> +--EXPECTF-- +Warning: password_verify() expects exactly 2 parameters, 0 given in %s on line %d +bool(false) + +Warning: password_verify() expects exactly 2 parameters, 1 given in %s on line %d +bool(false) + -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php