Add unit tests for PasswordEncoder

Author: troosan

src/PhpWord/Shared/Microsoft/PasswordEncoder.php

@@ -98,8 +98,10 @@ public static function hashPassword($password, $algorithmSid = 4, $salt = null,
         //   For each character, if the low byte is not equal to 0, take it. Otherwise, take the high byte.
         $passUtf8 = mb_convert_encoding($password, 'UCS-2LE', 'UTF-8');
         $byteChars = array();
+
         for ($i = 0; $i < mb_strlen($password); $i++) {
             $byteChars[$i] = ord(substr($passUtf8, $i * 2, 1));
+
             if ($byteChars[$i] == 0) {
                 $byteChars[$i] = ord(substr($passUtf8, $i * 2 + 1, 1));
             }
@@ -189,6 +191,7 @@ private static function buildCombinedKey($byteChars)
     /**
      * Simulate behaviour of (signed) int32
      *
+     * @codeCoverageIgnore
      * @param int $value
      * @return int
      */

tests/PhpWord/Metadata/SettingsTest.php

@@ -75,8 +75,8 @@ public function testDocumentProtection()
      */
     public function testInvalidSalt()
     {
-        $p = new Protection();
-        $p->setSalt('123');
+        $protection = new Protection();
+        $protection->setSalt('123');
     }
 
     /**

tests/PhpWord/Shared/Microsoft/PasswordEncoderTest.php

@@ -0,0 +1,91 @@
+<?php
+/**
+ * This file is part of PHPWord - A pure PHP library for reading and writing
+ * word processing documents.
+ *
+ * PHPWord is free software distributed under the terms of the GNU Lesser
+ * General Public License version 3 as published by the Free Software Foundation.
+ *
+ * For the full copyright and license information, please read the LICENSE
+ * file that was distributed with this source code. For the full list of
+ * contributors, visit https://github.com/PHPOffice/PHPWord/contributors.
+ *
+ * @see         https://github.com/PHPOffice/PHPWord
+ * @copyright   2010-2017 PHPWord contributors
+ * @license     http://www.gnu.org/licenses/lgpl.txt LGPL version 3
+ */
+
+namespace PhpOffice\PhpWord\Shared;
+
+use PhpOffice\PhpWord\Shared\Microsoft\PasswordEncoder;
+use PHPUnit\Framework\TestCase;
+
+/**
+ * Test class for PhpOffice\PhpWord\Shared\Html
+ * @coversDefaultClass \PhpOffice\PhpWord\Shared\Html
+ */
+class PasswordEncoderTest extends \PHPUnit\Framework\TestCase
+{
+    /**
+     * Test that a password can be hashed without specifying any additional parameters
+     */
+    public function testEncodePassword()
+    {
+        //given
+        $password = 'test';
+
+        //when
+        $hashPassword = PasswordEncoder::hashPassword($password);
+
+        //then
+        TestCase::assertEquals('M795/MAlmGU8RIsY9Q9uDLHC7bk=', $hashPassword);
+    }
+
+    /**
+     * Test that a password can be hashed with a custom salt
+     */
+    public function testEncodePasswordWithSalt()
+    {
+        //given
+        $password = 'test';
+        $salt = base64_decode('uq81pJRRGFIY5U+E9gt8tA==');
+
+        //when
+        $hashPassword = PasswordEncoder::hashPassword($password, 4, $salt);
+
+        //then
+        TestCase::assertEquals('QiDOcpia1YzSVJPiKPwWebl9p/0=', $hashPassword);
+    }
+
+    /**
+     * Test that the encoder falls back on SHA-1 if a non supported algorithm is given
+     */
+    public function testDafaultsToSha1IfUnsupportedAlgorithm()
+    {
+        //given
+        $password = 'test';
+        $salt = base64_decode('uq81pJRRGFIY5U+E9gt8tA==');
+
+        //when
+        $hashPassword = PasswordEncoder::hashPassword($password, 5, $salt);
+
+        //then
+        TestCase::assertEquals('QiDOcpia1YzSVJPiKPwWebl9p/0=', $hashPassword);
+    }
+
+    /**
+     * Test that the encoder falls back on SHA-1 if a non supported algorithm is given
+     */
+    public function testEncodePasswordWithNullAsciiCodeInPassword()
+    {
+        //given
+        $password = 'test' . chr(0);
+        $salt = base64_decode('uq81pJRRGFIY5U+E9gt8tA==');
+
+        //when
+        $hashPassword = PasswordEncoder::hashPassword($password, 5, $salt, 1);
+
+        //then
+        TestCase::assertEquals('rDV9sgdDsztoCQlvRCb1lF2wxNg=', $hashPassword);
+    }
+}

tests/PhpWord/Writer/Word2007/Part/SettingsTest.php

@@ -79,25 +79,6 @@ public function testDocumentProtectionWithPassword()
         $this->assertEquals('10', $doc->getElement($path, $file)->getAttribute('w:cryptSpinCount'));
     }
 
-    /**
-     * Test document protection with password only
-     */
-    public function testDocumentProtectionWithPasswordOnly()
-    {
-        $phpWord = new PhpWord();
-        $phpWord->getSettings()->getDocumentProtection()->setEditing('readOnly');
-        $phpWord->getSettings()->getDocumentProtection()->setPassword('testÄö@€!$&');
-
-        $doc = TestHelperDOCX::getDocument($phpWord);
-
-        $file = 'word/settings.xml';
-
-        $path = '/w:settings/w:documentProtection';
-        $this->assertTrue($doc->elementExists($path, $file));
-        $this->assertEquals('4', $doc->getElement($path, $file)->getAttribute('w:cryptAlgorithmSid'));
-        $this->assertEquals('100000', $doc->getElement($path, $file)->getAttribute('w:cryptSpinCount'));
-    }
-
     /**
      * Test compatibility
      */