newsupernova/vendor/magento/framework/Encryption/Test/Unit/EncryptorTest.php

<?php
/**
 * Copyright © Magento, Inc. All rights reserved.
 * See COPYING.txt for license details.
 */

declare(strict_types=1);

namespace Magento\Framework\Encryption\Test\Unit;

use Magento\Framework\Encryption\Adapter\SodiumChachaIetf;
use Magento\Framework\Encryption\Encryptor;
use Magento\Framework\Encryption\Crypt;
use Magento\Framework\Encryption\KeyValidator;
use Magento\Framework\TestFramework\Unit\Helper\ObjectManager;

class EncryptorTest extends \PHPUnit\Framework\TestCase
{
    const CRYPT_KEY_1 = 'g9mY9KLrcuAVJfsmVUSRkKFLDdUPVkaZ';
    const CRYPT_KEY_2 = '7wEjmrliuqZQ1NQsndSa8C8WHvddeEbN';

    /**
     * @var \Magento\Framework\Encryption\Encryptor
     */
    private $encryptor;

    /**
     * @var \PHPUnit_Framework_MockObject_MockObject
     */
    private $randomGeneratorMock;

    /**
     * @var KeyValidator|\PHPUnit_Framework_MockObject_MockObject
     */
    private $keyValidatorMock;

    protected function setUp()
    {
        $this->randomGeneratorMock = $this->createMock(\Magento\Framework\Math\Random::class);
        $deploymentConfigMock = $this->createMock(\Magento\Framework\App\DeploymentConfig::class);
        $deploymentConfigMock->expects($this->any())
            ->method('get')
            ->with(Encryptor::PARAM_CRYPT_KEY)
            ->will($this->returnValue(self::CRYPT_KEY_1));
        $this->keyValidatorMock = $this->createMock(KeyValidator::class);
        $this->encryptor = (new ObjectManager($this))->getObject(
            \Magento\Framework\Encryption\Encryptor::class,
            [
                'random' => $this->randomGeneratorMock,
                'deploymentConfig' => $deploymentConfigMock,
                'keyValidator' => $this->keyValidatorMock
            ]
        );
    }

    public function testGetHashNoSalt()
    {
        $this->randomGeneratorMock->expects($this->never())->method('getRandomString');
        $expected = '5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8';
        $actual = $this->encryptor->getHash('password');
        $this->assertEquals($expected, $actual);
    }

    public function testGetHashSpecifiedSalt()
    {
        $this->randomGeneratorMock->expects($this->never())->method('getRandomString');
        $expected = '13601bda4ea78e55a07b98866d2be6be0744e3866f13c00c811cab608a28f322:salt:1';
        $actual = $this->encryptor->getHash('password', 'salt');
        $this->assertEquals($expected, $actual);
    }

    public function testGetHashRandomSaltDefaultLength()
    {
        $salt = '-----------random_salt----------';
        $this->randomGeneratorMock
            ->expects($this->once())
            ->method('getRandomString')
            ->with(32)
            ->will($this->returnValue($salt));
        $expected = 'a1c7fc88037b70c9be84d3ad12522c7888f647915db78f42eb572008422ba2fa:' . $salt . ':1';
        $actual = $this->encryptor->getHash('password', true);
        $this->assertEquals($expected, $actual);
    }

    public function testGetHashRandomSaltSpecifiedLength()
    {
        $this->randomGeneratorMock
            ->expects($this->once())
            ->method('getRandomString')
            ->with(11)
            ->will($this->returnValue('random_salt'));
        $expected = '4c5cab8dd00137d11258f8f87b93fd17bd94c5026fc52d3c5af911dd177a2611:random_salt:1';
        $actual = $this->encryptor->getHash('password', 11);
        $this->assertEquals($expected, $actual);
    }

    /**
     * @param string $password
     * @param string $hash
     * @param bool $expected
     *
     * @dataProvider validateHashDataProvider
     */
    public function testValidateHash($password, $hash, $expected)
    {
        $actual = $this->encryptor->validateHash($password, $hash);
        $this->assertEquals($expected, $actual);
    }

    /**
     * @return array
     */
    public function validateHashDataProvider()
    {
        return [
            ['password', 'hash:salt:1', false],
            ['password', '67a1e09bb1f83f5007dc119c14d663aa:salt:0', true],
            ['password', '13601bda4ea78e55a07b98866d2be6be0744e3866f13c00c811cab608a28f322:salt:1', true],
        ];
    }

    /**
     * @param mixed $key
     *
     * @dataProvider encryptWithEmptyKeyDataProvider
     * @expectedException \SodiumException
     */
    public function testEncryptWithEmptyKey($key)
    {
        $deploymentConfigMock = $this->createMock(\Magento\Framework\App\DeploymentConfig::class);
        $deploymentConfigMock->expects($this->any())
            ->method('get')
            ->with(Encryptor::PARAM_CRYPT_KEY)
            ->will($this->returnValue($key));
        $model = new Encryptor($this->randomGeneratorMock, $deploymentConfigMock);
        $value = 'arbitrary_string';
        $this->assertEquals($value, $model->encrypt($value));
    }

    /**
     * @return array
     */
    public function encryptWithEmptyKeyDataProvider()
    {
        return [[null], [0], [''], ['0']];
    }

    /**
     * @param mixed $key
     *
     * @dataProvider decryptWithEmptyKeyDataProvider
     */
    public function testDecryptWithEmptyKey($key)
    {
        $deploymentConfigMock = $this->createMock(\Magento\Framework\App\DeploymentConfig::class);
        $deploymentConfigMock->expects($this->any())
            ->method('get')
            ->with(Encryptor::PARAM_CRYPT_KEY)
            ->will($this->returnValue($key));
        $model = new Encryptor($this->randomGeneratorMock, $deploymentConfigMock);
        $value = 'arbitrary_string';
        $this->assertEquals('', $model->decrypt($value));
    }

    /**
     * @return array
     */
    public function decryptWithEmptyKeyDataProvider()
    {
        return [[null], [0], [''], ['0']];
    }

    public function testEncrypt()
    {
        // sample data to encrypt
        $data = 'Mares eat oats and does eat oats, but little lambs eat ivy.';

        $actual = $this->encryptor->encrypt($data);

        // Extract the initialization vector and encrypted data
        $parts = explode(':', $actual, 3);
        list(, , $encryptedData) = $parts;

        $crypt = new SodiumChachaIetf(self::CRYPT_KEY_1);
        // Verify decrypted matches original data
        $this->assertEquals($data, $crypt->decrypt(base64_decode((string)$encryptedData)));
    }

    public function testDecrypt()
    {
        $message = 'Mares eat oats and does eat oats, but little lambs eat ivy.';
        $encrypted = $this->encryptor->encrypt($message);

        $this->assertEquals($message, $this->encryptor->decrypt($encrypted));
    }

    public function testLegacyDecrypt()
    {
        // sample data to encrypt
        $data = '0:2:z3a4ACpkU35W6pV692U4ueCVQP0m0v0p:' .
            'DhEG8/uKGGq92ZusqrGb6X/9+2Ng0QZ9z2UZwljgJbs5/A3LaSnqcK0oI32yjHY49QJi+Z7q1EKu2yVqB8EMpA==';

        $actual = $this->encryptor->decrypt($data);

        // Extract the initialization vector and encrypted data
        $parts = explode(':', $data, 4);
        list(, , $iv, $encrypted) = $parts;

        // Decrypt returned data with RIJNDAEL_256 cipher, cbc mode
        $crypt = new Crypt(self::CRYPT_KEY_1, MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC, $iv);
        // Verify decrypted matches original data
        $this->assertEquals($encrypted, base64_encode($crypt->encrypt($actual)));
    }

    public function testEncryptDecryptNewKeyAdded()
    {
        $deploymentConfigMock = $this->createMock(\Magento\Framework\App\DeploymentConfig::class);
        $deploymentConfigMock->expects($this->at(0))
            ->method('get')
            ->with(Encryptor::PARAM_CRYPT_KEY)
            ->will($this->returnValue(self::CRYPT_KEY_1));
        $deploymentConfigMock->expects($this->at(1))
            ->method('get')
            ->with(Encryptor::PARAM_CRYPT_KEY)
            ->will($this->returnValue(self::CRYPT_KEY_1 . "\n" . self::CRYPT_KEY_2));
        $model1 = new Encryptor($this->randomGeneratorMock, $deploymentConfigMock);
        // simulate an encryption key is being added
        $model2 = new Encryptor($this->randomGeneratorMock, $deploymentConfigMock);

        // sample data to encrypt
        $data = 'Mares eat oats and does eat oats, but little lambs eat ivy.';
        // encrypt with old key
        $encryptedData = $model1->encrypt($data);
        $decryptedData = $model2->decrypt($encryptedData);

        $this->assertSame($data, $decryptedData, 'Encryptor failed to decrypt data encrypted by old keys.');
    }

    public function testValidateKey()
    {
        $this->keyValidatorMock->method('isValid')->willReturn(true);
        $this->encryptor->validateKey(self::CRYPT_KEY_1);
    }

    /**
     * @expectedException \Exception
     */
    public function testValidateKeyInvalid()
    {
        $this->keyValidatorMock->method('isValid')->willReturn(false);
        $this->encryptor->validateKey('-----    ');
    }

    /**
     * @return array
     */
    public function useSpecifiedHashingAlgoDataProvider()
    {
        return [
            ['password', 'salt', Encryptor::HASH_VERSION_MD5,
             '67a1e09bb1f83f5007dc119c14d663aa:salt:0'],
            ['password', 'salt', Encryptor::HASH_VERSION_SHA256,
             '13601bda4ea78e55a07b98866d2be6be0744e3866f13c00c811cab608a28f322:salt:1'],
            ['password', false, Encryptor::HASH_VERSION_MD5,
             '5f4dcc3b5aa765d61d8327deb882cf99'],
            ['password', false, Encryptor::HASH_VERSION_SHA256,
             '5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8']
        ];
    }

    /**
     * @dataProvider useSpecifiedHashingAlgoDataProvider
     *
     * @param $password
     * @param $salt
     * @param $hashAlgo
     * @param $expected
     */
    public function testGetHashMustUseSpecifiedHashingAlgo($password, $salt, $hashAlgo, $expected)
    {
        $hash = $this->encryptor->getHash($password, $salt, $hashAlgo);
        $this->assertEquals($expected, $hash);
    }
}