lithium\tests\cases\security\PasswordTest::testSaltBlowfish PHP Method

PasswordTest Class Documentation Show file Open project: unionofrad/lithium

testSaltBlowfish() public method

It also contains tests to prove that password longer than 72 characters are translated into the same hash.

public testSaltBlowfish ( )

    public function testSaltBlowfish()
    {
        $this->skipIf(!CRYPT_BLOWFISH, 'Blowfish is not supported.');
        $saltPattern = "{^\\\$2a\\\$06\\\$[0-9A-Za-z./]{22}\$}";
        $hashPattern = "{^\\\$2a\\\$06\\\$[0-9A-Za-z./]{53}\$}";
        $log2 = 6;
        $salt = Password::salt('bf', $log2);
        $this->assertPattern($saltPattern, $salt);
        $this->assertNotEqual($salt, Password::salt('bf', $log2));
        $hash = Password::hash($this->_password, $salt);
        $hash2 = Password::hash($this->_password, Password::salt('bf', $log2));
        $this->assertPattern($hashPattern, $hash);
        $this->assertNotEqual($hash, $hash2);
        $maxLength = 72;
        $salt = Password::salt('bf');
        $password = str_repeat('a', $maxLength);
        $expected = Password::hash($password, $salt);
        $result = Password::hash($password . 'a', $salt);
        $this->assertIdentical($expected, $result);
    }

PasswordTest

testCheck

testHash

testSaltBlowfish

testSaltMD5

testSaltXDES