/** * testHash method * * @return void */ public function testHash() { $_hashType = Security::$hashType; $key = 'someKey'; $hash = 'someHash'; $this->assertSame(40, strlen(Security::hash($key, null, false))); $this->assertSame(40, strlen(Security::hash($key, 'sha1', false))); $this->assertSame(40, strlen(Security::hash($key, null, true))); $this->assertSame(40, strlen(Security::hash($key, 'sha1', true))); $result = Security::hash($key, null, $hash); $this->assertSame($result, 'e38fcb877dccb6a94729a81523851c931a46efb1'); $result = Security::hash($key, 'sha1', $hash); $this->assertSame($result, 'e38fcb877dccb6a94729a81523851c931a46efb1'); $hashType = 'sha1'; Security::setHash($hashType); $this->assertSame($hashType, Security::$hashType); $this->assertSame(40, strlen(Security::hash($key, null, true))); $this->assertSame(40, strlen(Security::hash($key, null, false))); $this->assertSame(32, strlen(Security::hash($key, 'md5', false))); $this->assertSame(32, strlen(Security::hash($key, 'md5', true))); $hashType = 'md5'; Security::setHash($hashType); $this->assertSame($hashType, Security::$hashType); $this->assertSame(32, strlen(Security::hash($key, null, false))); $this->assertSame(32, strlen(Security::hash($key, null, true))); $this->assertSame(64, strlen(Security::hash($key, 'sha256', false))); $this->assertSame(64, strlen(Security::hash($key, 'sha256', true))); Security::setHash($_hashType); }
/** * Test that hash() works with blowfish. * * @return void */ public function testHashBlowfish() { Security::setCost(10); $test = Security::hash('password', 'blowfish'); $_hashType = Security::$hashType; $key = 'someKey'; $hashType = 'blowfish'; Security::setHash($hashType); $this->assertSame($hashType, Security::$hashType); $this->assertSame(60, strlen(Security::hash($key, null, false))); $password = $submittedPassword = $key; $storedPassword = Security::hash($password); $hashedPassword = Security::hash($submittedPassword, null, $storedPassword); $this->assertSame($storedPassword, $hashedPassword); $submittedPassword = '******'; $hashedPassword = Security::hash($submittedPassword, null, $storedPassword); $this->assertNotSame($storedPassword, $hashedPassword); $expected = sha1('customsaltsomevalue'); $result = Security::hash('somevalue', 'sha1', 'customsalt'); $this->assertSame($expected, $result); $oldSalt = Configure::read('Security.salt'); Configure::write('Security.salt', 'customsalt'); $expected = sha1('customsaltsomevalue'); $result = Security::hash('somevalue', 'sha1', true); $this->assertSame($expected, $result); Configure::write('Security.salt', $oldSalt); Security::setHash($_hashType); }