def test_parser():
    """
  Tests PasswordHashParser implementation.
  """
    PWD_LENGTH = 64
    password = misc_utils.generate_random_string(PWD_LENGTH)
    wrong_password = misc_utils.generate_random_string(PWD_LENGTH)
    assert password != wrong_password

    # Test pbkdf2_sha256(md5(password)).
    md5_salt = auth_utils.generate_salt()
    pbkdf2_sha256_salt = auth_utils.generate_salt()
    pbkdf2_sha256_rounds = 100000

    password_hash = auth_utils.hash_password(password, md5_salt, None, 'md5')
    password_hash = auth_utils.hash_password(password_hash, pbkdf2_sha256_salt,
                                             pbkdf2_sha256_rounds,
                                             'pbkdf2_sha256')

    hash_string = "$md5|pbkdf2_sha256$|{}${}|{}${}".format(
        pbkdf2_sha256_rounds, md5_salt, pbkdf2_sha256_salt, password_hash)

    parser = auth_utils.PasswordHashParser()
    parser.parse(hash_string)

    assert parser.verify_password(password) == True
    assert parser.verify_password(wrong_password) == False
    assert str(parser) == hash_string
Ejemplo n.º 2
0
def test_parser():
  """
  Tests PasswordHashParser implementation.
  """
  PWD_LENGTH = 64

  password = misc_utils.generate_random_string(PWD_LENGTH)
  wrong_password = misc_utils.generate_random_string(PWD_LENGTH)
  assert password != wrong_password

  # Test pbkdf2_sha256(md5(password)).
  md5_salt = auth_utils.generate_salt()
  pbkdf2_sha256_salt = auth_utils.generate_salt()
  pbkdf2_sha256_rounds = 100000

  password_hash = auth_utils.hash_password(password, md5_salt, None, 'md5')
  password_hash = auth_utils.hash_password(password_hash,
      pbkdf2_sha256_salt, pbkdf2_sha256_rounds, 'pbkdf2_sha256')

  hash_string = "$md5|pbkdf2_sha256$|{}${}|{}${}".format(
      pbkdf2_sha256_rounds,
      md5_salt,
      pbkdf2_sha256_salt,
      password_hash)

  parser = auth_utils.PasswordHashParser()
  parser.parse(hash_string)

  assert parser.verify_password(password) == True
  assert parser.verify_password(wrong_password) == False
  assert str(parser) == hash_string
def test_hash_password():
    """
  Tests each hash algorithm implemented by hash_password().
  """
    PWD_LENGTH = 64
    password = misc_utils.generate_random_string(PWD_LENGTH)
    salt = auth_utils.generate_salt()

    # PBKDF2_SHA256
    rounds = 100000
    expected_result = binascii.hexlify(
        hashlib.pbkdf2_hmac('sha256', password, salt, rounds))
    result = auth_utils.hash_password(password, salt, rounds, 'pbkdf2_sha256')
    assert result == expected_result

    # MD5
    expected_result = hashlib.md5(salt + password).hexdigest()
    result = auth_utils.hash_password(password, salt, None, 'md5')
    assert result == expected_result
Ejemplo n.º 4
0
def test_hash_password():
  """
  Tests each hash algorithm implemented by hash_password().
  """
  PWD_LENGTH = 64
  password = misc_utils.generate_random_string(PWD_LENGTH)
  salt = auth_utils.generate_salt()

  # PBKDF2_SHA256
  rounds = 100000
  expected_result = binascii.hexlify(
      hashlib.pbkdf2_hmac('sha256', password, salt, rounds))
  result = auth_utils.hash_password(password, salt, rounds, 'pbkdf2_sha256')
  assert result == expected_result

  # MD5
  expected_result = hashlib.md5(salt + password).hexdigest()
  result = auth_utils.hash_password(password, salt, None, 'md5')
  assert result == expected_result
Ejemplo n.º 5
0
This is useful for creating test data.

Example usage:
  python hash_password.py examplepassword
"""

import argparse

from ruddock import auth_utils
from ruddock import constants

parser = argparse.ArgumentParser(
    description="Prints a formatted hash of the password.")
parser.add_argument("password")

if __name__ == "__main__":
  args = parser.parse_args()
  salt = auth_utils.generate_salt()
  password_hash = auth_utils.hash_password(
      args.password,
      salt,
      constants.HASH_ROUNDS,
      constants.PWD_HASH_ALGORITHM)
  # Use the parser to format the hash.
  parser = auth_utils.PasswordHashParser(
      algorithms=[constants.PWD_HASH_ALGORITHM],
      rounds=[constants.HASH_ROUNDS],
      salts=[salt],
      password_hash=password_hash)
  print str(parser)
Ejemplo n.º 6
0
"""Hashes a password and formats the hash in our internal format.

This is useful for creating test data.

Example usage:
  python hash_password.py examplepassword
"""

import argparse

from ruddock import auth_utils
from ruddock import constants

parser = argparse.ArgumentParser(
    description="Prints a formatted hash of the password.")
parser.add_argument("password")

if __name__ == "__main__":
    args = parser.parse_args()
    salt = auth_utils.generate_salt()
    password_hash = auth_utils.hash_password(args.password, salt,
                                             constants.HASH_ROUNDS,
                                             constants.PWD_HASH_ALGORITHM)
    # Use the parser to format the hash.
    parser = auth_utils.PasswordHashParser(
        algorithms=[constants.PWD_HASH_ALGORITHM],
        rounds=[constants.HASH_ROUNDS],
        salts=[salt],
        password_hash=password_hash)
    print str(parser)