7 my $default = "bcrypt";
9 my $root = RT::User->new(RT->SystemUser);
13 my $old = $root->__Value("Password");
14 like($old, qr/^\!$default\!/, "Stored as salted $default");
15 ok($root->IsPassword("password"));
16 is($root->__Value("Password"), $old, "Unchanged after password check");
18 # bcrypt (smaller number of rounds)
19 my $rounds = RT->Config->Get("BcryptCost");
20 my $salt = Crypt::Eksblowfish::Bcrypt::en_base64("a"x16);
21 $root->_Set( Field => "Password", Value => RT::User->_GeneratePassword_bcrypt("smaller", 6, $salt) );
22 like($root->__Value("Password"), qr/^\!$default\!06\!/, "Stored with a smaller number of rounds");
23 ok($root->IsPassword("smaller"), "Smaller number of bcrypt rounds works");
24 like($root->__Value("Password"), qr/^\!$default\!$rounds\!/, "And is now upgraded to $rounds rounds");
26 # Salted SHA-512, one round
27 $root->_Set( Field => "Password", Value => RT::User->_GeneratePassword_sha512("other", "salt") );
28 ok($root->IsPassword("other"), "SHA-512 password works");
29 like($root->__Value("Password"), qr/^\!$default\!/, "And is now upgraded to salted $default");
32 $root->_Set( Field => "Password", Value => crypt("something", "salt"));
33 ok($root->IsPassword("something"), "crypt()ed password works");
34 like($root->__Value("Password"), qr/^\!$default\!/, "And is now upgraded to salted $default");
37 $root->_Set( Field => "Password", Value => Digest::MD5::md5_hex("changed"));
38 ok($root->IsPassword("changed"), "Unsalted MD5 hex works");
39 like($root->__Value("Password"), qr/^\!$default\!/, "And is now upgraded to salted $default");
42 $root->_Set( Field => "Password", Value => Digest::MD5::md5_base64("new"));
43 ok($root->IsPassword("new"), "Unsalted MD5 base64 works");
44 like($root->__Value("Password"), qr/^\!$default\!/, "And is now upgraded to salted $default");
46 # Salted truncated SHA-256
47 my $trunc = MIME::Base64::encode_base64(
48 "salt" . substr(Digest::SHA::sha256("salt".Digest::MD5::md5("secret")),0,26),
51 $root->_Set( Field => "Password", Value => $trunc);
52 ok($root->IsPassword("secret"), "Unsalted MD5 base64 works");
53 like($root->__Value("Password"), qr/^\!$default\!/, "And is now upgraded to salted $default");
55 # Non-ASCII salted truncated SHA-256
56 my $non_ascii_trunc = MIME::Base64::encode_base64(
57 "salt" . substr(Digest::SHA::sha256("salt".Digest::MD5::md5("áěšý")),0,26),
60 $root->_Set( Field => "Password", Value => $non_ascii_trunc);
61 ok($root->IsPassword(Encode::decode("UTF-8", "áěšý")), "Unsalted MD5 base64 works");
62 like($root->__Value("Password"), qr/^\!$default\!/, "And is now upgraded to salted $default");