ElggCryptoTest.php 3.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120
  1. <?php
  2. class ElggCryptoTest extends \PHPUnit_Framework_TestCase {
  3. /**
  4. * @var PHPUnit_Framework_MockObject_MockObject
  5. */
  6. protected $stub;
  7. /**
  8. * @see ElggCrypto
  9. * @see ElggCrypto::getRandomBytes
  10. */
  11. protected function setUp() {
  12. $this->stub = $this->getMockBuilder('\ElggCrypto')
  13. ->setMethods(array('getRandomBytes'))
  14. ->getMock();
  15. $this->stub->expects($this->any())
  16. ->method('getRandomBytes')
  17. ->will($this->returnCallback(array($this, 'mock_getRandomBytes')));
  18. }
  19. function mock_getRandomBytes($length) {
  20. mt_srand(1);
  21. $bytes = '';
  22. for ($i = 0; $i < $length; $i++) {
  23. $bytes .= chr(mt_rand(0, 254));
  24. }
  25. return $bytes;
  26. }
  27. function provider() {
  28. return array(
  29. array(32, null, 'kwG37f3ds_7awuiaL52mVWXud9dqT1GF'),
  30. array(32, \ElggCrypto::CHARS_HEX, '9301b7edfdddb3fedac2e89a2f9da655'),
  31. array(32, \ElggCrypto::CHARS_PASSWORD, 'kl4lmjwyrpyh6rpqct3rkd9zvxwvqww8'),
  32. array(32, "0123456789", "78181215379307389761767024720714"),
  33. );
  34. }
  35. /**
  36. * @dataProvider provider
  37. */
  38. function testGetRandomString($length, $chars, $expected) {
  39. $this->assertSame($expected, $this->stub->getRandomString($length, $chars));
  40. }
  41. function testGeneratesMacInBase64Url() {
  42. $crypto = new ElggCrypto();
  43. $key = 'a very bad key';
  44. $data = '1';
  45. $expected = 'nL0lgXrVWgGK0Cmr9_PjqQcR2_PzuAHH114AsPZk-AM';
  46. $algo = 'sha256';
  47. $this->assertEquals($expected, $crypto->getHmac($data, $algo, $key)->getToken());
  48. }
  49. function testStringCastAffectsMacs() {
  50. $crypto = new ElggCrypto();
  51. $key = 'a very bad key';
  52. $t1 = $crypto->getHmac(1234, 'sha256', $key)->getToken();
  53. $t2 = $crypto->getHmac('1234', 'sha256', $key)->getToken();
  54. $this->assertNotEquals($t1, $t2);
  55. }
  56. function testMacAlteredByVaryingData() {
  57. $crypto = new ElggCrypto();
  58. $key = 'a very bad key';
  59. $t1 = $crypto->getHmac('1234', 'sha256', $key)->getToken();
  60. $t2 = $crypto->getHmac('1235', 'sha256', $key)->getToken();
  61. $this->assertNotEquals($t1, $t2);
  62. }
  63. function testMacAlteredByVaryingKey() {
  64. $crypto = new ElggCrypto();
  65. $key1 = 'a very bad key';
  66. $key2 = 'b very bad key';
  67. $t1 = $crypto->getHmac('1234', 'sha256', $key1)->getToken();
  68. $t2 = $crypto->getHmac('1234', 'sha256', $key2)->getToken();
  69. $this->assertNotEquals($t1, $t2);
  70. }
  71. function testCanAcceptDataAsArray() {
  72. $crypto = new ElggCrypto();
  73. $key = 'a very bad key';
  74. $token = $crypto->getHmac([12, 34], 'sha256', $key)->getToken();
  75. $matches = $crypto->getHmac([12, 34], 'sha256', $key)->matchesToken($token);
  76. $this->assertTrue($matches);
  77. }
  78. function testMacAlteredByArrayModification() {
  79. $crypto = new ElggCrypto();
  80. $key = 'a very bad key';
  81. $t1 = $crypto->getHmac([12, 34], 'sha256', $key)->getToken();
  82. $t2 = $crypto->getHmac([123, 4], 'sha256', $key)->getToken();
  83. $this->assertNotEquals($t1, $t2);
  84. }
  85. function testMacAlteredByArrayTypeModification() {
  86. $crypto = new ElggCrypto();
  87. $key = 'a very bad key';
  88. $t1 = $crypto->getHmac([12, 34], 'sha256', $key)->getToken();
  89. $t2 = $crypto->getHmac([12, '34'], 'sha256', $key)->getToken();
  90. $this->assertNotEquals($t1, $t2);
  91. }
  92. }