/**
* testHash method
*
* @return void
*/
public function testHash()
{
$_hashType = Security::$hashType;
$key = 'someKey';
$hash = 'someHash';
$this->assertSame(40, strlen(Security::hash($key, null, false)));
$this->assertSame(40, strlen(Security::hash($key, 'sha1', false)));
$this->assertSame(40, strlen(Security::hash($key, null, true)));
$this->assertSame(40, strlen(Security::hash($key, 'sha1', true)));
$result = Security::hash($key, null, $hash);
$this->assertSame($result, 'e38fcb877dccb6a94729a81523851c931a46efb1');
$result = Security::hash($key, 'sha1', $hash);
$this->assertSame($result, 'e38fcb877dccb6a94729a81523851c931a46efb1');
$hashType = 'sha1';
Security::setHash($hashType);
$this->assertSame($hashType, Security::$hashType);
$this->assertSame(40, strlen(Security::hash($key, null, true)));
$this->assertSame(40, strlen(Security::hash($key, null, false)));
$this->assertSame(32, strlen(Security::hash($key, 'md5', false)));
$this->assertSame(32, strlen(Security::hash($key, 'md5', true)));
$hashType = 'md5';
Security::setHash($hashType);
$this->assertSame($hashType, Security::$hashType);
$this->assertSame(32, strlen(Security::hash($key, null, false)));
$this->assertSame(32, strlen(Security::hash($key, null, true)));
$this->assertSame(64, strlen(Security::hash($key, 'sha256', false)));
$this->assertSame(64, strlen(Security::hash($key, 'sha256', true)));
Security::setHash($_hashType);
}
/**
* Test that hash() works with blowfish.
*
* @return void
*/
public function testHashBlowfish()
{
Security::setCost(10);
$test = Security::hash('password', 'blowfish');
$_hashType = Security::$hashType;
$key = 'someKey';
$hashType = 'blowfish';
Security::setHash($hashType);
$this->assertSame($hashType, Security::$hashType);
$this->assertSame(60, strlen(Security::hash($key, null, false)));
$password = $submittedPassword = $key;
$storedPassword = Security::hash($password);
$hashedPassword = Security::hash($submittedPassword, null, $storedPassword);
$this->assertSame($storedPassword, $hashedPassword);
$submittedPassword = '******';
$hashedPassword = Security::hash($submittedPassword, null, $storedPassword);
$this->assertNotSame($storedPassword, $hashedPassword);
$expected = sha1('customsaltsomevalue');
$result = Security::hash('somevalue', 'sha1', 'customsalt');
$this->assertSame($expected, $result);
$oldSalt = Configure::read('Security.salt');
Configure::write('Security.salt', 'customsalt');
$expected = sha1('customsaltsomevalue');
$result = Security::hash('somevalue', 'sha1', true);
$this->assertSame($expected, $result);
Configure::write('Security.salt', $oldSalt);
Security::setHash($_hashType);
}
