File: Blake2bTest.php

package info (click to toggle)
php-lcobucci-jwt 5.5.0-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 1,280 kB
  • sloc: php: 6,674; makefile: 49
file content (81 lines) | stat: -rw-r--r-- 2,787 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
 
<?php
declare(strict_types=1);

namespace Lcobucci\JWT\Tests\Signer;

use Lcobucci\JWT\Signer\Blake2b;
use Lcobucci\JWT\Signer\InvalidKeyProvided;
use Lcobucci\JWT\Signer\Key\InMemory;
use Lcobucci\JWT\SodiumBase64Polyfill;
use PHPUnit\Framework\Attributes as PHPUnit;
use PHPUnit\Framework\TestCase;

use function hash_equals;

#[PHPUnit\CoversClass(Blake2b::class)]
#[PHPUnit\UsesClass(InMemory::class)]
#[PHPUnit\UsesClass(InvalidKeyProvided::class)]
#[PHPUnit\UsesClass(SodiumBase64Polyfill::class)]
final class Blake2bTest extends TestCase
{
    private const KEY_ONE                    = 'GOu4rLyVCBxmxP+sbniU68ojAja5PkRdvv7vNvBCqDQ=';
    private const KEY_TWO                    = 'Pu7gywseH+R5HLIWnMll4rEg1ltjUPq/P9WwEzAsAb8=';
    private const CONTENTS                   = 'test';
    private const EXPECTED_HASH_WITH_KEY_ONE = '/TG5kmkav/YGl3I9uQiv4cm1VN6Q0zPCom4G7+p74JU=';

    private const SHORT_KEY = 'PIBQuM5PopdMxtmTWmyvNA==';

    private InMemory $keyOne;
    private InMemory $keyTwo;
    /** @var non-empty-string */
    private string $expectedHashWithKeyOne;

    #[PHPUnit\Before]
    public function initializeKey(): void
    {
        $this->keyOne = InMemory::base64Encoded(self::KEY_ONE);
        $this->keyTwo = InMemory::base64Encoded(self::KEY_TWO);

        $this->expectedHashWithKeyOne = SodiumBase64Polyfill::base642bin(
            self::EXPECTED_HASH_WITH_KEY_ONE,
            SodiumBase64Polyfill::SODIUM_BASE64_VARIANT_ORIGINAL,
        );
    }

    #[PHPUnit\Test]
    public function algorithmIdMustBeCorrect(): void
    {
        $signer = new Blake2b();

        self::assertSame('BLAKE2B', $signer->algorithmId());
    }

    #[PHPUnit\Test]
    public function generatedSignatureMustBeSuccessfullyVerified(): void
    {
        $signer = new Blake2b();

        self::assertTrue(hash_equals($this->expectedHashWithKeyOne, $signer->sign(self::CONTENTS, $this->keyOne)));
        self::assertTrue($signer->verify($this->expectedHashWithKeyOne, self::CONTENTS, $this->keyOne));
    }

    #[PHPUnit\Test]
    public function signShouldRejectShortKeys(): void
    {
        $signer = new Blake2b();

        $this->expectException(InvalidKeyProvided::class);
        $this->expectExceptionMessage('Key provided is shorter than 256 bits, only 128 bits provided');

        $signer->sign(self::CONTENTS, InMemory::base64Encoded(self::SHORT_KEY));
    }

    #[PHPUnit\Test]
    public function verifyShouldReturnFalseWhenExpectedHashWasNotCreatedWithSameInformation(): void
    {
        $signer = new Blake2b();

        self::assertFalse(hash_equals($this->expectedHashWithKeyOne, $signer->sign(self::CONTENTS, $this->keyTwo)));
        self::assertFalse($signer->verify($this->expectedHashWithKeyOne, self::CONTENTS, $this->keyTwo));
    }
}