From 1163f863069eb233b73ab9d66b95186609d21a0d Mon Sep 17 00:00:00 2001
From: Christian Flothmann <christian.flothmann@qossmic.com>
Date: Sat, 13 Apr 2024 09:04:03 +0200
Subject: [PATCH] skip test assertions that are no longer valid with PHP >=
 8.2.18/8.3.5

---
 Tests/Hasher/NativePasswordHasherTest.php | 6 +++++-
 Tests/Hasher/SodiumPasswordHasherTest.php | 6 +++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/Tests/Hasher/NativePasswordHasherTest.php b/Tests/Hasher/NativePasswordHasherTest.php
index 5dc3019..4cf708b 100644
--- a/Tests/Hasher/NativePasswordHasherTest.php
+++ b/Tests/Hasher/NativePasswordHasherTest.php
@@ -103,7 +103,11 @@ public function testBcryptWithNulByte()
         $hasher = new NativePasswordHasher(null, null, 4, \PASSWORD_BCRYPT);
         $plainPassword = "a\0b";
 
-        $this->assertFalse($hasher->verify(password_hash($plainPassword, \PASSWORD_BCRYPT, ['cost' => 4]), $plainPassword));
+        if (\PHP_VERSION_ID < 80218 || \PHP_VERSION_ID >= 80300 && \PHP_VERSION_ID < 80305) {
+            // password_hash() does not accept passwords containing NUL bytes since PHP 8.2.18 and 8.3.5
+            $this->assertFalse($hasher->verify(password_hash($plainPassword, \PASSWORD_BCRYPT, ['cost' => 4]), $plainPassword));
+        }
+
         $this->assertTrue($hasher->verify($hasher->hash($plainPassword), $plainPassword));
     }
 
diff --git a/Tests/Hasher/SodiumPasswordHasherTest.php b/Tests/Hasher/SodiumPasswordHasherTest.php
index 3dc97c7..101c09f 100644
--- a/Tests/Hasher/SodiumPasswordHasherTest.php
+++ b/Tests/Hasher/SodiumPasswordHasherTest.php
@@ -78,7 +78,11 @@ public function testBcryptWithNulByte()
         $hasher = new SodiumPasswordHasher(null, null);
         $plainPassword = "a\0b";
 
-        $this->assertFalse($hasher->verify(password_hash($plainPassword, \PASSWORD_BCRYPT, ['cost' => 4]), $plainPassword));
+        if (\PHP_VERSION_ID < 80218 || \PHP_VERSION_ID >= 80300 && \PHP_VERSION_ID < 80305) {
+            // password_hash() does not accept passwords containing NUL bytes since PHP 8.2.18 and 8.3.5
+            $this->assertFalse($hasher->verify(password_hash($plainPassword, \PASSWORD_BCRYPT, ['cost' => 4]), $plainPassword));
+        }
+
         $this->assertTrue($hasher->verify((new NativePasswordHasher(null, null, 4, \PASSWORD_BCRYPT))->hash($plainPassword), $plainPassword));
     }