public function SecureSiteScriptDigestMD5UnitTest::testSecureSiteScriptDigestMD5AuthReplay in Secure Site 7.2
Same name and namespace in other branches
- 6.2 securesite.test \SecureSiteScriptDigestMD5UnitTest::testSecureSiteScriptDigestMD5AuthReplay()
Check response to replay attack with auth quality of protection.
File
- ./
securesite.test, line 354 - Tests for Secure Site module.
Class
- SecureSiteScriptDigestMD5UnitTest
- Unit tests for digest_md5.php.
Code
public function testSecureSiteScriptDigestMD5AuthReplay() {
$ha1 = md5($this->user->name . ':' . $this->challenge['realm'] . ':' . $this->user->pass_raw);
$cnonce = uniqid();
$response = md5($ha1 . ':' . $this->challenge['nonce'] . ":00000001:{$cnonce}:auth:" . md5('GET:/'));
$this->auth[] = 'nonce="' . $this->challenge['nonce'] . '"';
$this->auth[] = 'cnonce="' . $cnonce . '"';
$this->auth[] = 'nc=00000001';
$this->auth[] = 'response="' . $response . '"';
$command = $this->digest_md5 . ' data=' . escapeshellarg(implode(', ', $this->auth)) . ' method=GET';
exec($command);
module_load_include('inc', 'securesite');
$authentication = _securesite_parse_directives(exec($command, $output, $status));
$this
->assertTrue($status == 4 && isset($authentication['realm']) && isset($authentication['nonce']), t('Checking response to replay attack with %qop quality of protection.', array(
'%qop' => 'auth',
)));
}