def assert_hash(expected, secret, algorithm, **settings): if encrypt.PASSLIB_AVAILABLE: assert encrypt.passlib_or_crypt(secret, algorithm, **settings) == expected assert encrypt.PasslibHash(algorithm).hash(secret, **settings) == expected else: assert encrypt.passlib_or_crypt(secret, algorithm, **settings) == expected with pytest.raises(AnsibleError) as excinfo: encrypt.PasslibHash(algorithm).hash(secret, **settings) assert excinfo.value.args[0] == "passlib must be installed and usable to hash with '%s'" % algorithm
def get_encrypted_password(password, hashtype='sha512', salt=None, salt_size=None, rounds=None, ident=None): passlib_mapping = { 'md5': 'md5_crypt', 'blowfish': 'bcrypt', 'sha256': 'sha256_crypt', 'sha512': 'sha512_crypt', } hashtype = passlib_mapping.get(hashtype, hashtype) try: return passlib_or_crypt(password, hashtype, salt=salt, salt_size=salt_size, rounds=rounds, ident=ident) except AnsibleError as e: reraise(AnsibleFilterError, AnsibleFilterError(to_native(e), orig_exc=e), sys.exc_info()[2])
def type5_pw(password, salt=None): if not isinstance(password, string_types): raise AnsibleFilterError( "type5_pw password input should be a string, but was given a input of %s" % (type(password).__name__) ) salt_chars = "".join( (to_text(string.ascii_letters), to_text(string.digits), "./") ) if salt is not None and not isinstance(salt, string_types): raise AnsibleFilterError( "type5_pw salt input should be a string, but was given a input of %s" % (type(salt).__name__) ) elif not salt: salt = random_password(length=4, chars=salt_chars) elif not set(salt) <= set(salt_chars): raise AnsibleFilterError( "type5_pw salt used inproper characters, must be one of %s" % (salt_chars) ) encrypted_password = passlib_or_crypt(password, "md5_crypt", salt=salt) return encrypted_password
def assert_hash(expected, secret, algorithm, **settings): assert encrypt.CryptHash(algorithm).hash(secret, **settings) == expected if encrypt.PASSLIB_AVAILABLE: assert encrypt.passlib_or_crypt(secret, algorithm, **settings) == expected assert encrypt.PasslibHash(algorithm).hash(secret, **settings) == expected else: with pytest.raises(AnsibleFilterError): encrypt.PasslibHash(algorithm).hash(secret, **settings)