Ejemplo n.º 1
0
 def test_createChallenge_base64(self):
     """createChallenge() return value should be urlsafe base64-encoded."""
     c = captcha.GimpCaptcha(self.publik, self.sekrit, self.hmacKey,
                             self.cacheDir)
     challenge = c.createChallenge('w00t')
     decoded = urlsafe_b64decode(challenge)
     self.assertTrue(decoded)
Ejemplo n.º 2
0
 def test_check(self):
     """A correct answer and valid challenge should return True."""
     c = captcha.GimpCaptcha(self.publik, self.sekrit, self.hmacKey,
                             self.cacheDir)
     image, challenge = c.get()
     self.assertEquals(c.check(challenge, c.answer, c.secretKey, c.hmacKey),
                       True)
Ejemplo n.º 3
0
    def getCaptchaImage(self, request):
        """Get a random CAPTCHA image from our **captchaDir**.

        Creates a :class:`~bridgedb.captcha.GimpCaptcha`, and calls its
        :meth:`~bridgedb.captcha.GimpCaptcha.get` method to return a random
        CAPTCHA and challenge string.

        :type request: :api:`twisted.web.http.Request`
        :param request: A client's initial request for some other resource
            which is protected by this one (i.e. protected by a CAPTCHA).
        :returns: A 2-tuple of ``(image, challenge)``, where::
            - ``image`` is a string holding a binary, JPEG-encoded image.
            - ``challenge`` is a unique string associated with the request.
        """
        # Create a new HMAC key, specific to requests from this client:
        clientIP = self.getClientIP(request)
        clientHMACKey = crypto.getHMAC(self.hmacKey, clientIP)
        capt = captcha.GimpCaptcha(self.publicKey, self.secretKey,
                                   clientHMACKey, self.captchaDir)
        try:
            capt.get()
        except captcha.GimpCaptchaError as error:
            logging.error(error)
        except Exception as error:  # pragma: no cover
            logging.error("Unhandled error while retrieving Gimp captcha!")
            logging.exception(error)

        return (capt.image, capt.challenge)
Ejemplo n.º 4
0
 def test_init(self):
     """Test that __init__ correctly initialised all the values."""
     c = captcha.GimpCaptcha(self.publik, self.sekrit, self.hmacKey,
                             self.cacheDir)
     self.assertIsNone(c.answer)
     self.assertIsNone(c.image)
     self.assertIsNone(c.challenge)
Ejemplo n.º 5
0
 def test_get_emptyCacheDir(self):
     """An empty cacheDir should raise GimpCaptchaError."""
     os.makedirs(self.badCacheDir)
     c = captcha.GimpCaptcha(self.publik, self.sekrit, self.hmacKey,
                             self.badCacheDir)
     self.assertRaises(captcha.GimpCaptchaError, c.get)
     shutil.rmtree(self.badCacheDir)
Ejemplo n.º 6
0
 def test_check_blankAnswer(self):
     """A blank answer and valid challenge should return False."""
     c = captcha.GimpCaptcha(self.publik, self.sekrit, self.hmacKey,
                             self.cacheDir)
     image, challenge = c.get()
     self.assertEquals(c.check(challenge, None, c.secretKey, c.hmacKey),
                       False)
Ejemplo n.º 7
0
 def test_get(self):
     """GimpCaptcha.get() should return image and challenge strings."""
     c = captcha.GimpCaptcha(self.publik, self.sekrit, self.hmacKey,
                             self.cacheDir)
     image, challenge = c.get()
     self.assertIsInstance(image, basestring)
     self.assertIsInstance(challenge, basestring)
Ejemplo n.º 8
0
 def test_check_badHMACkey(self):
     """A challenge with a bad HMAC key should return False."""
     hmacKeyBad = crypto.getKey('test_gimpCaptcha_badHMACkey')
     c = captcha.GimpCaptcha(self.publik, self.sekrit, self.hmacKey,
                             self.cacheDir)
     image, challenge = c.get()
     self.assertEquals(
         c.check(challenge, c.answer, c.secretKey, hmacKeyBad), False)
Ejemplo n.º 9
0
 def test_check_missingAnswerbytes(self):
     """Partial encrypted answers in challenges should return False."""
     c = captcha.GimpCaptcha(self.publik, self.sekrit, self.hmacKey,
                             self.cacheDir)
     image, challenge = c.get()
     challengeBadOrig = challenge[:20] + challenge[30:]
     self.assertEquals(
         c.check(challengeBadOrig, c.answer, c.secretKey, c.hmacKey), False)
Ejemplo n.º 10
0
 def test_check_missingHMACbytes(self):
     """A challenge that is missing part of the HMAC should return False."""
     c = captcha.GimpCaptcha(self.publik, self.sekrit, self.hmacKey,
                             self.cacheDir)
     image, challenge = c.get()
     challengeBadHMAC = challenge[:10] + challenge[20:]
     self.assertEquals(
         c.check(challengeBadHMAC, c.answer, c.secretKey, c.hmacKey), False)
Ejemplo n.º 11
0
 def test_check_encoding_unicode(self):
     """A correct answer in utf-8 lowercase should return True."""
     c = captcha.GimpCaptcha(self.publik, self.sekrit, self.hmacKey,
                             self.cacheDir)
     image, challenge = c.get()
     solution = unicode(c.answer)
     self.assertEquals(c.check(challenge, solution, c.secretKey, c.hmacKey),
                       True)
Ejemplo n.º 12
0
 def test_check_caseInsensitive_uppercase(self):
     """A correct answer in uppercase characters should return True."""
     c = captcha.GimpCaptcha(self.publik, self.sekrit, self.hmacKey,
                             self.cacheDir)
     image, challenge = c.get()
     solution = c.answer.upper()
     self.assertEquals(c.check(challenge, solution, c.secretKey, c.hmacKey),
                       True)
Ejemplo n.º 13
0
 def test_check_nonBase64(self):
     """Valid answer and challenge with invalid base64 returns False."""
     c = captcha.GimpCaptcha(self.publik, self.sekrit, self.hmacKey,
                             self.cacheDir)
     image, challenge = c.get()
     challengeBadB64 = challenge.rstrip('==') + "\x42\x42\x42"
     self.assertEquals(c.check(challenge, c.answer, c.secretKey, c.hmacKey),
                       True)
     self.assertEquals(
         c.check(challengeBadB64, c.answer, c.secretKey, c.hmacKey), False)
Ejemplo n.º 14
0
 def test_createChallenge_hmacValid(self):
     """The HMAC in createChallenge() return value should be valid."""
     c = captcha.GimpCaptcha(self.publik, self.sekrit, self.hmacKey,
                             self.cacheDir)
     challenge = c.createChallenge('ShouldHaveAValidHMAC')
     decoded = urlsafe_b64decode(challenge)
     hmac = decoded[:20]
     orig = decoded[20:]
     correctHMAC = crypto.getHMAC(self.hmacKey, orig)
     self.assertEquals(hmac, correctHMAC)
Ejemplo n.º 15
0
    def test_get_unreadableCaptchaFile(self):
        """An unreadable CAPTCHA file should raise GimpCaptchaError."""
        os.makedirs(self.badCacheDir)
        badFile = os.path.join(self.badCacheDir, 'uNr34dA81e.jpg')
        with open(badFile, 'w') as fh:
            fh.write(' ')
            fh.flush()
        os.chmod(badFile, 0266)

        c = captcha.GimpCaptcha(self.publik, self.sekrit, self.hmacKey,
                                self.badCacheDir)
        # This should hit the second `except:` clause in get():
        self.assertRaises(captcha.GimpCaptchaError, c.get)
        shutil.rmtree(self.badCacheDir)
Ejemplo n.º 16
0
    def test_createChallenge_decryptedAnswerMatches(self):
        """The HMAC in createChallenge() return value should be valid."""
        c = captcha.GimpCaptcha(self.publik, self.sekrit, self.hmacKey,
                                self.cacheDir)
        challenge = c.createChallenge('ThisAnswerShouldDecryptToThis')
        decoded = urlsafe_b64decode(challenge)
        hmac = decoded[:20]
        orig = decoded[20:]
        correctHMAC = crypto.getHMAC(self.hmacKey, orig)
        self.assertEqual(hmac, correctHMAC)

        decrypted = self.sekrit.decrypt(orig)
        timestamp = int(decrypted[:12].lstrip('0'))
        # The timestamp should be within 30 seconds of right now.
        self.assertApproximates(timestamp, int(time.time()), 30)
        self.assertEqual('ThisAnswerShouldDecryptToThis', decrypted[12:])
Ejemplo n.º 17
0
 def test_createChallenge(self):
     """createChallenge() should return the encrypted CAPTCHA answer."""
     c = captcha.GimpCaptcha(self.publik, self.sekrit, self.hmacKey,
                             self.cacheDir)
     challenge = c.createChallenge('w00t')
     self.assertIsInstance(challenge, basestring)