Include tests to test pwqcheck

Zaiba-S · solardiz · commit e8f86b09a9f7 · 2025-11-14T04:37:29.000+01:00
Signed-off-by: Zaiba Sanglikar &lt;zaiba.sanglikar@toshiba-tsip.com&gt;
diff --git a/tests/test-pwqcheck-basic.sh b/tests/test-pwqcheck-basic.sh
@@ -0,0 +1,76 @@
+#!/bin/bash
+#
+# Copyright (c) 2025 by Zaiba Sanglikar.  See LICENSE.
+#
+#
+
+if [ -t 1 ]; then
+# Colors for better visibility
+	GREEN='\033[0;32m'
+	RED='\033[0;31m'
+	NC='\033[0m'
+else
+	GREEN=''
+	RED=''
+	NC=''
+fi
+
+# Test function for basic password checks
+test_basic_password() {
+	local password="$1"
+	local expected="$2"
+	local description="$3"
+
+	PWQCHECK_BIN="$(dirname "$0")/../pwqcheck"
+
+	echo -n "Testing $description: "
+	result=$(echo "$password" | "$PWQCHECK_BIN" -1 2>&1)
+	exit_code=$?
+
+	if [ "$expected" = "pass" -a "$exit_code" -eq 0 ] || \
+	   [ "$expected" = "fail" -a "$exit_code" -ne 0 ]; then
+		echo -e "${GREEN}PASS${NC}"
+		echo "  Password tested: '$password'"
+		echo "  Result: $result"
+		echo
+		return 0
+	else
+		echo -e "${RED}FAIL${NC}"
+		echo "Password tested: $password"
+		echo "Expected: $expected"
+		echo "Got: $result"
+		echo
+		return 1
+	fi
+}
+
+echo "Running Basic Password Validation Tests..."
+
+# Test Suite 1: Strong Passwords
+echo -e "\nTesting Strong Passwords:"
+test_basic_password "P@ssw0rd123!" "pass" "Standard strong password"
+test_basic_password "Tr0ub4dor&3" "pass" "Complex password"
+test_basic_password "iStayInloreAtHomeb7&street111" "pass" "Long passphrase"
+test_basic_password "H3llo@W0rld2024" "pass" "Strong password with year"
+
+# Test Suite 2: Common Weak Patterns
+echo -e "\nTesting Weak Patterns:"
+test_basic_password "password123" "fail" "Common password with numbers"
+test_basic_password "qwerty" "fail" "Keyboard pattern"
+test_basic_password "admin123" "fail" "Common admin password"
+test_basic_password "letmein" "fail" "Common weak password"
+
+# Test Suite 3: Mixed Complexity
+echo -e "\nTesting Mixed Complexity:"
+test_basic_password "MyP@ssw0rd" "pass" "Mixed case with symbols and numbers"
+test_basic_password "Str0ng!P@ssphrase" "pass" "Strong with multiple special chars"
+test_basic_password "C0mpl3x1ty!" "pass" "Complex but reasonable length"
+
+# Test Suite 4: Edge Cases
+echo -e "\nTesting Edge Cases:"
+test_basic_password " " "fail" "Single space"
+test_basic_password "" "fail" "Empty password"
+test_basic_password "$(printf 'a%.0s' {1..71})" "fail" "Very long password"
+test_basic_password "ljy8zk9aBJ3hA3TXAAMAQe61ytFohJM4SuPFbA4L1xDqV2JDE1n8BCnLN96evcJMWyTkr9y3" "pass" "Max length password"
+test_basic_password "ljy8zk9aBJ3hA3TXAAMAQe61ytFohJM4SuPFbA4L1xDqV2JDE1n8BCnLN96evcJMWyTkr9y312345" "fail" "Max length exceed password"
+echo -e "\nAll basic password validation tests completed!"
diff --git a/tests/test-pwqcheck-length.sh b/tests/test-pwqcheck-length.sh
@@ -0,0 +1,80 @@
+#!/bin/bash
+#
+# Copyright (c) 2025 by Zaiba Sanglikar.  See LICENSE.
+#
+#
+
+if [ -t 1 ]; then
+# Colors for better visibility
+	GREEN='\033[0;32m'
+	RED='\033[0;31m'
+	NC='\033[0m'
+else
+	GREEN=''
+	RED=''
+	NC=''
+fi
+
+# Test helper function with improved output handling
+test_password() {
+	local password="$1"
+	local min_params="$2"
+	local expected="$3"
+	local test_name="$4"
+
+    printf "Testing %-40s" "$test_name:"
+
+	PWQCHECK_BIN="$(dirname "$0")/../pwqcheck"
+
+	output=$(echo "$password" | "$PWQCHECK_BIN" -1 "min=$min_params" 2>&1)
+	status=$?
+
+	if [ "$expected" = "pass" -a $status -eq 0 ] || \
+	   [ "$expected" = "fail" -a $status -ne 0 ]; then
+		echo -e "${GREEN}PASS${NC}"
+		echo "  Password tested: '$password'"
+		echo "  Result: $output"
+		echo
+	else
+		echo -e "${RED}FAIL${NC}"
+		echo "  Password tested: '$password'"
+		echo "  Expected: $expected"
+		echo "  Got: $output"
+		echo "  Exit status: $status"
+		echo
+		return 1
+	fi
+}
+
+# Main test suite
+main() {
+	echo "=== Password Length Tests ==="
+	echo
+
+	# Test 1: Default minimum lengths
+	test_password "short" "24,12,8,7,6" "fail" "Short password"
+	test_password "ThisIsAVeryLongPasswordThatShouldPass123!" "24,12,8,7,6" "pass" "Long complex password"
+
+	# Test 2: Custom minimum lengths
+	test_password "pass123" "6,6,6,6,6" "pass" "Password with relaxed mins"
+	test_password "a" "6,6,6,6,6" "fail" "Single character password"
+
+	# Test 3: Different complexity levels
+	test_password "BearD&Tach" "8,8,8,8,8" "pass" "Simple but long password"
+	test_password "P@ssw0rd!" "8,8,8,8,8" "pass" "Complex password"
+
+	# Test 4: Edge cases
+	test_password "YakMeas1" "8,8,8,8,8" "pass" "Exactly minimum length"
+	test_password "7chars" "8,8,8,8,8" "fail" "Below minimum length"
+
+	# Test 5: Different complexity classes
+	echo "Testing complexity classes..."
+	test_password "FigRatMatBatSatWatPatCat" "24,12,8,7,6" "pass" "N0: 24-char basic password"
+	test_password "Complex12Pass" "24,12,8,7,6" "pass" "N1: 12-char mixed password"
+	test_password "P@ss8chr" "24,12,8,7,6" "pass" "N2: 8-char complex password"
+	test_password "P@s7chr" "24,12,8,7,6" "pass" "N3: 7-char complex password"
+	test_password "B!rd5#K" "24,12,8,7,6" "pass" "N4: 6-char highly complex password"
+}
+
+# Run the tests
+main
diff --git a/tests/test-pwqcheck-multi.sh b/tests/test-pwqcheck-multi.sh
@@ -0,0 +1,124 @@
+#!/bin/bash
+#
+# Copyright (c) 2025 by Zaiba Sanglikar.  See LICENSE.
+#
+#
+
+if [ -t 1 ]; then
+# Colors for better visibility
+	GREEN='\033[0;32m'
+	RED='\033[0;31m'
+	NC='\033[0m'
+else
+	GREEN=''
+	RED=''
+	NC=''
+fi
+
+# Function to test multiple passwords
+test_multiple_passwords() {
+	local test_name="$1"
+	local passwords="$2"
+	local expected_results="$3"
+
+	echo -e "\nRunning Test: ${test_name}"
+	echo "------------------------"
+
+	# Create a temporary file for test output
+	local temp_output
+	temp_output=$(mktemp)
+
+	PWQCHECK_BIN="$(dirname "$0")/../pwqcheck"
+
+	# Run pwqcheck with multiple passwords
+	echo -e "$passwords" | "$PWQCHECK_BIN" --multi -1 > "$temp_output" 2>&1
+
+	# Compare results
+	local actual_results
+	actual_results=$(cat "$temp_output")
+	if echo "$actual_results" | grep -q "$expected_results"; then
+		echo -e "${GREEN}PASS${NC}"
+		echo "Test output matches expected results"
+	else
+		echo -e "${RED}FAIL${NC}"
+		echo "Expected:"
+		echo "$expected_results"
+		echo "Got:"
+		cat "$temp_output"
+	fi
+
+	rm -f "$temp_output"
+}
+
+echo "Running Multiple Password Tests..."
+
+# Test 1: Mix of valid and invalid passwords
+test_multiple_passwords "Mixed Passwords" \
+"StrongP@ss123!
+weak
+Tr0ub4dor&3
+password123
+C0mpl3x1ty!" \
+"OK: StrongP@ss123!
+Bad passphrase
+OK: Tr0ub4dor&3
+Bad passphrase
+OK: C0mpl3x1ty!"
+
+# Test 2: All valid passwords
+test_multiple_passwords "All Valid Passwords" \
+"P@ssw0rd123!
+Tr0ub4dor&3
+C0mpl3x1ty!
+H3llo@W0rld" \
+"OK: P@ssw0rd123!
+OK: Tr0ub4dor&3
+OK: C0mpl3x1ty!
+OK: H3llo@W0rld"
+
+# Test 3: All invalid passwords
+test_multiple_passwords "All Invalid Passwords" \
+"password123
+qwerty
+admin
+letmein" \
+"Bad passphrase
+Bad passphrase
+Bad passphrase
+Bad passphrase"
+
+# Test 4: Empty lines and special characters
+test_multiple_passwords "Special Cases" \
+"StrongP@ss123!
+P@ssw0rd!
+Tr0ub4dor&3" \
+"OK: StrongP@ss123!
+Bad passphrase
+OK: P@ssw0rd!
+Bad passphrase
+OK: Tr0ub4dor&3"
+
+# Test 5: With custom parameters
+test_multiple_passwords "Custom Parameters" \
+"short
+medium12345
+VeryLongP@ssword123!" \
+"Bad passphrase
+OK: medium12345
+OK: VeryLongP@ssword123!"
+
+echo -e "\nAll multiple password tests completed!"
+
+# Test 6: Large number of passwords
+echo -e "\nTesting large batch of passwords..."
+{
+    for i in {1..50}; do
+        if [ $((i % 2)) -eq 0 ]; then
+            echo "StrongP@ss${i}!"
+        else
+            echo "weak${i}"
+        fi
+    done
+} | "$PWQCHECK_BIN"  --multi -1
+
+echo "Large batch test completed!"
diff --git a/tests/test-pwqcheck-similarity.sh b/tests/test-pwqcheck-similarity.sh
@@ -0,0 +1,104 @@
+#!/bin/bash
+#
+# Copyright (c) 2025 by Zaiba Sanglikar.  See LICENSE.
+#
+#
+
+if [ -t 1 ]; then
+# Colors for better visibility
+	GREEN='\033[0;32m'
+	RED='\033[0;31m'
+	NC='\033[0m'
+else
+	GREEN=''
+	RED=''
+	NC=''
+fi
+
+
+# Function to run pwqcheck with two passwords
+test_passwords() {
+	local new_pass="$1"
+	local old_pass="$2"
+	local expected_result="$3"
+	local test_name="$4"
+
+	PWQCHECK_BIN="$(dirname "$0")/../pwqcheck"
+
+	# Run pwqcheck with both passwords and --similar=deny option
+	result=$(printf "%s\n%s" "$new_pass" "$old_pass" |  "$PWQCHECK_BIN"  -2 similar=deny 2>&1)
+	exit_code=$?
+
+	# Check if the result matches expected
+	if [ $exit_code -eq "$expected_result" ]; then
+		echo -e "${GREEN}✓ PASS:${NC} $test_name"
+	else
+		echo -e "${RED}✗ FAIL:${NC} $test_name"
+		echo "  Expected exit code: $expected_result, Got: $exit_code"
+		echo "  Output: $result"
+	fi
+
+}
+
+#add a function to test when similar passwords are permitted
+test_passwords_permit() {
+
+	local new_pass="$1"
+	local old_pass="$2"
+	local expected_result="$3"
+	local test_name="$4"
+
+	# Run pwqcheck with both passwords and --similar=permit option
+	result=$(printf "%s\n%s" "$new_pass" "$old_pass" | "$PWQCHECK_BIN"  -2  similar=permit 2>&1)
+	exit_code=$?
+
+	# Check if the result matches expected
+	if [ $exit_code -eq "$expected_result" ]; then
+		echo -e "${GREEN}✓ PASS:${NC} $test_name"
+		((TESTS_PASSED++))
+	else
+		echo -e "${RED}✗ FAIL:${NC} $test_name"
+		echo "  Expected exit code: $expected_result, Got: $exit_code"
+		echo "  Output: $result"
+	fi
+}
+
+# Main testing section
+echo "Running pwqcheck similarity tests with --similar=deny..."
+echo "===================================================="
+
+# Test 1: Identical passwords (should fail with deny)
+test_passwords "ComplexPass123!" "ComplexPass123!" 1 \
+    "Identical passwords should be rejected when similarity is denied"
+
+# Test 2: Case variation (should fail with deny)
+test_passwords "ComplexPass123!" "complexpass123!" 1 \
+    "Case variations should be rejected when similarity is denied"
+
+# Test 3: Number substitution (should fail with deny)
+test_passwords "P@ssw0rd123!" "Password123!" 1 \
+    "Common number substitutions should be rejected when similarity is denied"
+
+# Test 4: Different passwords (should pass even with deny)
+test_passwords "ComplexPass123!" "TotallyDifferent456@" 0 \
+    "Different passwords should be accepted even when similarity is denied"
+
+echo
+echo "Running pwqcheck similarity tests with --similar=permit..."
+echo "====================================================="
+
+# Test 5: Identical passwords (should pass with permit)
+test_passwords_permit "VeryComplexPass#789" "VeryComplexPass#789!" 0 \
+    "Identical passwords should be accepted when similarity is permitted"
+
+# Test 6: Case variation (should pass with permit)
+test_passwords_permit "ComplexPass123!" "complexpass123!" 0 \
+    "Case variations should be accepted when similarity is permitted"
+
+# Test 7: Number substitution (should pass with permit)
+test_passwords_permit "P@ssw0rd123!" "Password123!" 0 \
+    "Common number substitutions should be accepted when similarity is permitted"
+
+# Test 8: Different passwords (should pass with permit)
+test_passwords_permit "ComplexPass123!" "TotallyDifferent456@" 0 \
+    "Different passwords should be accepted when similarity is permitted"
