SecurityTest.php

<?php
/**
 * @link http://www.yiiframework.com/
 * @copyright Copyright (c) 2008 Yii Software LLC
 * @license http://www.yiiframework.com/license/
 */

namespace yiiunit\framework\base;

use yiiunit\TestCase;
use yii\base\Security;

/**
 * @group base
 */
class SecurityTest extends TestCase
{
    /**
     * @var Security
     */
    protected $security;

    protected function setUp()
    {
        parent::setUp();
        $this->security = new Security();
        $this->security->derivationIterations = 100; // speed up test running
    }

    // Tests :

    public function testHashData()
    {
        $data = 'known data';
        $key = 'secret';
        $hashedData = $this->security->hashData($data, $key);
        $this->assertFalse($data === $hashedData);
        $this->assertEquals($data, $this->security->validateData($hashedData, $key));
        $hashedData[strlen($hashedData) - 1] = 'A';
        $this->assertFalse($this->security->validateData($hashedData, $key));
    }

    /**
     * Data provider for [[testPasswordHash()]]
     * @return array test data
     */
    public function dataProviderPasswordHash()
    {
        return [
            [
                'crypt',
                false
            ],
            [
                'password_hash',
                !function_exists('password_hash')
            ],
        ];
    }

    /**
     * @dataProvider dataProviderPasswordHash
     *
     * @param string $passwordHashStrategy
     * @param boolean $isSkipped
     */
    public function testPasswordHash($passwordHashStrategy, $isSkipped)
    {
        if ($isSkipped) {
            $this->markTestSkipped("Unable to test '{$passwordHashStrategy}' password hash strategy");
            return;
        }
        $this->security->passwordHashStrategy = $passwordHashStrategy;

        $password = 'secret';
        $hash = $this->security->generatePasswordHash($password);
        $this->assertTrue($this->security->validatePassword($password, $hash));
        $this->assertFalse($this->security->validatePassword('test', $hash));
    }

    /**
     * Data provider for [[testEncrypt()]]
     * @return array test data
     */
    public function dataProviderEncrypt()
    {
        return [
            [
                'hmac',
                true,
                false,
            ],
            [
                'hmac',
                false,
                false,
            ],
            [
                'pbkdf2',
                true,
                !function_exists('hash_pbkdf2')
            ],
            [
                'pbkdf2',
                false,
                !function_exists('hash_pbkdf2')
            ],
        ];
    }

    /**
     * @dataProvider dataProviderEncrypt
     *
     * @param string $deriveKeyStrategy
     * @param boolean $useDeriveKeyUniqueSalt
     * @param boolean $isSkipped
     */
    public function testEncrypt($deriveKeyStrategy, $useDeriveKeyUniqueSalt, $isSkipped)
    {
        if ($isSkipped) {
            $this->markTestSkipped("Unable to test '{$deriveKeyStrategy}' derive key strategy");
            return;
        }
        $this->security->deriveKeyStrategy = $deriveKeyStrategy;
        $this->security->useDeriveKeyUniqueSalt = $useDeriveKeyUniqueSalt;

        $data = 'known data';
        $key = 'secret';
        $encryptedData = $this->security->encrypt($data, $key);
        $this->assertFalse($data === $encryptedData);
        $decryptedData = $this->security->decrypt($encryptedData, $key);
        $this->assertEquals($data, $decryptedData);
    }

    public function testGenerateRandomBytes()
    {
        $length = 21;
        $key = $this->security->generateRandomBytes($length);
        $this->assertEquals($length, strlen($key));
    }

    public function testGenerateRandomKey()
    {
        $length = 21;
        $key = $this->security->generateRandomKey($length);
        $this->assertEquals($length, strlen($key));
        $this->assertEquals(1, preg_match('/[A-Za-z0-9_.-]+/', $key));
    }
}