def assert_hash(expected, secret, algorithm, **settings): if encrypt.PASSLIB_AVAILABLE: assert encrypt.passlib_or_crypt(secret, algorithm, **settings) == expected assert encrypt.PasslibHash(algorithm).hash(secret, **settings) == expected else: assert encrypt.passlib_or_crypt(secret, algorithm, **settings) == expected with pytest.raises(AnsibleError) as excinfo: encrypt.PasslibHash(algorithm).hash(secret, **settings) assert excinfo.value.args[0] == "passlib must be installed and usable to hash with '%s'" % algorithm
def assert_hash(expected, secret, algorithm, **settings): assert encrypt.CryptHash(algorithm).hash(secret, **settings) == expected if encrypt.PASSLIB_AVAILABLE: assert encrypt.passlib_or_crypt(secret, algorithm, **settings) == expected assert encrypt.PasslibHash(algorithm).hash(secret, **settings) == expected else: with pytest.raises(AnsibleFilterError): encrypt.PasslibHash(algorithm).hash(secret, **settings)
def test_encrypt_default_rounds(): assert_hash("$1$12345678$tRy4cXc3kmcfRZVj4iFXr/", secret="123", algorithm="md5_crypt", salt="12345678") assert_hash("$5$12345678$uAZsE3BenI2G.nA8DpTl.9Dc8JiqacI53pEqRr5ppT7", secret="123", algorithm="sha256_crypt", salt="12345678") assert_hash("$6$12345678$LcV9LQiaPekQxZ.OfkMADjFdSO2k9zfbDQrHPVcYjSLqSdjLYpsgqviYvTEP/R41yPmhH3CCeEDqVhW1VHr3L.", secret="123", algorithm="sha512_crypt", salt="12345678") assert encrypt.PasslibHash("md5_crypt").hash("123")
def test_encrypt_default_rounds(): assert_hash("$1$12345678$tRy4cXc3kmcfRZVj4iFXr/", secret="123", algorithm="md5_crypt", salt="12345678") assert_hash("$5$rounds=535000$12345678$uy3TurUPaY71aioJi58HvUY8jkbhSQU8HepbyaNngv.", secret="123", algorithm="sha256_crypt", salt="12345678") assert_hash("$6$rounds=656000$12345678$InMy49UwxyCh2pGJU1NpOhVSElDDzKeyuC6n6E9O34BCUGVNYADnI.rcA3m.Vro9BiZpYmjEoNhpREqQcbvQ80", secret="123", algorithm="sha512_crypt", salt="12345678") assert encrypt.PasslibHash("md5_crypt").hash("123")
def test_passlib_bcrypt_salt(recwarn): passlib_exc = pytest.importorskip("passlib.exc") secret = 'foo' salt = '1234567890123456789012' repaired_salt = '123456789012345678901u' expected = '$2b$12$123456789012345678901uMv44x.2qmQeefEGb3bcIRc1mLuO7bqa' p = encrypt.PasslibHash('bcrypt') result = p.hash(secret, salt=salt) passlib_warnings = [w.message for w in recwarn if isinstance(w.message, passlib_exc.PasslibHashWarning)] assert len(passlib_warnings) == 0 assert result == expected recwarn.clear() result = p.hash(secret, salt=repaired_salt) assert result == expected