ilArgon2IdPasswordEncoderTest.php

Go to the documentation of this file.

<?php

declare(strict_types=1);

class ilArgon2IdPasswordEncoderTest extends ilPasswordBaseTestCase
{
    private const PASSWORD = 'password';
    private const WRONG_PASSWORD = 'wrong_password';

    public function testInstanceCanBeCreated(): ilArgon2idPasswordEncoder
    {
        $encoder = new ilArgon2idPasswordEncoder();
        $this->assertInstanceOf(ilArgon2idPasswordEncoder::class, $encoder);

        if (!$encoder->isSupportedByRuntime()) {
            $this->markTestSkipped('Argon2id is not supported by the runtime.');
        }

        return $encoder;
    }

    public function testPasswordShouldBeCorrectlyEncodedAndVerified(
        ilArgon2idPasswordEncoder $encoder
    ): ilArgon2idPasswordEncoder {
        $encoded_password = $encoder->encodePassword(self::PASSWORD, '');
        $this->assertTrue($encoder->isPasswordValid($encoded_password, self::PASSWORD, ''));
        $this->assertFalse($encoder->isPasswordValid($encoded_password, self::WRONG_PASSWORD, ''));
        return $encoder;
    }

    public function testExceptionIsRaisedIfThePasswordExceedsTheSupportedLengthOnEncoding(
        ilArgon2idPasswordEncoder $encoder
    ): void {
        $this->expectException(ilPasswordException::class);
        $encoder->encodePassword(str_repeat('a', 5000), '');
    }

    public function testPasswordVerificationShouldFailIfTheRawPasswordExceedsTheSupportedLength(
        ilArgon2idPasswordEncoder $encoder
    ): void {
        $this->assertFalse($encoder->isPasswordValid('encoded', str_repeat('a', 5000), ''));
    }

    public function testNameShouldBeArgon2id(ilArgon2idPasswordEncoder $encoder): void
    {
        $this->assertSame('argon2id', $encoder->getName());
    }

    public function testEncoderDoesNotRelyOnSalts(ilArgon2idPasswordEncoder $encoder): void
    {
        $this->assertFalse($encoder->requiresSalt());
    }

    public function testReencodingIsDetectedWhenNecessary(ilArgon2idPasswordEncoder $encoder): void
    {
        $raw = self::PASSWORD;

        $encoder->setThreads(2);
        $encoder->setMemoryCost(4096);
        $encoder->setTimeCost(8);
        $encoded = $encoder->encodePassword($raw, '');

        $encoder->setThreads(2);
        $encoder->setMemoryCost(4096);
        $encoder->setTimeCost(8);
        $this->assertFalse($encoder->requiresReencoding($encoded));

        $encoder->setThreads(2);
        $encoder->setMemoryCost(4096);
        $encoder->setTimeCost(4);
        $this->assertTrue($encoder->requiresReencoding($encoded));

        $encoder->setThreads(1);
        $encoder->setMemoryCost(4096);
        $encoder->setTimeCost(8);
        $this->assertTrue($encoder->requiresReencoding($encoded));

        $encoder->setThreads(2);
        $encoder->setMemoryCost(2048);
        $encoder->setTimeCost(8);
        $this->assertTrue($encoder->requiresReencoding($encoded));
    }
}