assertRegExp( '~^[a-f0-9]{16}$~i', PasswordHelper::generateSalt(), 'A hex based salt with 16 chars must be returned' ); } public function testHash() { foreach (array(self::TEST_PASSWORD, self::TEST_PASSWORD_LONG) as $pw) { $hashed = PasswordHelper::hash($pw); $this->assertRegExp( '~^\$\d\w*\$(?:rounds=\d+\$)?~', $hashed, 'Hash output must look like a hash: ' . $hashed ); $this->assertEquals( crypt($pw, $hashed), $hashed, 'New hashed password must validate via crypt: ' . $hashed ); } } public function testHashFallback() { $hashed = PasswordHelper::hash(self::TEST_PASSWORD, PasswordHelper::PASSWORD_ALGO_FALLBACK); $this->assertRegExp( '~^\$6\$rounds=\d+\$?~', $hashed, 'Hash output must look like a SHA-512 hash: ' . $hashed ); $this->assertEquals( crypt(self::TEST_PASSWORD, $hashed), $hashed, 'New hashed password must validate via crypt: ' . $hashed ); } public function testVerify() { $pws = array( self::TEST_PASSWORD_HASHED_BLOWFISH_1 => self::TEST_PASSWORD, self::TEST_PASSWORD_HASHED_BLOWFISH_2 => self::TEST_PASSWORD, self::TEST_PASSWORD_HASHED_BLOWFISH_LONG => self::TEST_PASSWORD_LONG, self::TEST_PASSWORD_HASHED_SHA256 => self::TEST_PASSWORD, pack('H*', self::TEST_PASSWORD_OLD_MD5) => self::TEST_PASSWORD, ); foreach ($pws as $hash => $pw) { $this->assertTrue( PasswordHelper::verify($pw, $hash), 'Password must be validated against its hash' ); } } }