def test_02_from_string(self): """test CryptPolicy.from_string() constructor""" # test "\n" linesep policy = CryptPolicy.from_string(self.sample_config_1s) self.assertEqual(policy.to_dict(), self.sample_config_1pd) # test "\r\n" linesep policy = CryptPolicy.from_string( self.sample_config_1s.replace("\n", "\r\n")) self.assertEqual(policy.to_dict(), self.sample_config_1pd) # test with unicode data = to_unicode(self.sample_config_1s) policy = CryptPolicy.from_string(data) self.assertEqual(policy.to_dict(), self.sample_config_1pd) # test with non-ascii-compatible encoding uc2 = to_bytes(self.sample_config_1s, "utf-16", source_encoding="utf-8") policy = CryptPolicy.from_string(uc2, encoding="utf-16") self.assertEqual(policy.to_dict(), self.sample_config_1pd) # test category specific options policy = CryptPolicy.from_string(self.sample_config_4s) self.assertEqual(policy.to_dict(), self.sample_config_4pd)
def test_20_iter_config(self): """test iter_config() method""" p5 = CryptPolicy(**self.sample_config_5pd) self.assertEqual(dict(p5.iter_config()), self.sample_config_5pd) self.assertEqual(dict(p5.iter_config(resolve=True)), self.sample_config_5prd) self.assertEqual(dict(p5.iter_config(ini=True)), self.sample_config_5pid)
def test_10_has_schemes(self): """test has_schemes() method""" p1 = CryptPolicy(**self.sample_config_1pd) self.assertTrue(p1.has_schemes()) p3 = CryptPolicy(**self.sample_config_3pd) self.assertTrue(not p3.has_schemes())
def test_11_iter_handlers(self): """test iter_handlers() method""" p1 = CryptPolicy(**self.sample_config_1pd) s = self.sample_config_1prd['schemes'] self.assertEqual(list(p1.iter_handlers()), s) p3 = CryptPolicy(**self.sample_config_3pd) self.assertEqual(list(p3.iter_handlers()), [])
def test_22_to_string(self): """test to_string() method""" pa = CryptPolicy(**self.sample_config_5pd) s = pa.to_string() # NOTE: can't compare string directly, ordering etc may not match pb = CryptPolicy.from_string(s) self.assertEqual(pb.to_dict(), self.sample_config_5pd) s = pa.to_string(encoding="latin-1") self.assertIsInstance(s, bytes)
def test_15_min_verify_time(self): """test get_min_verify_time() method""" # silence deprecation warnings for min verify time warnings.filterwarnings("ignore", category=DeprecationWarning) pa = CryptPolicy() self.assertEqual(pa.get_min_verify_time(), 0) self.assertEqual(pa.get_min_verify_time('admin'), 0) pb = pa.replace(min_verify_time=.1) self.assertEqual(pb.get_min_verify_time(), 0) self.assertEqual(pb.get_min_verify_time('admin'), 0)
def test_12_get_handler(self): """test get_handler() method""" p1 = CryptPolicy(**self.sample_config_1pd) # check by name self.assertIs(p1.get_handler("bsdi_crypt"), hash.bsdi_crypt) # check by missing name self.assertIs(p1.get_handler("sha256_crypt"), None) self.assertRaises(KeyError, p1.get_handler, "sha256_crypt", required=True) # check default self.assertIs(p1.get_handler(), hash.md5_crypt)
def test_13_get_options(self): """test get_options() method""" p12 = CryptPolicy(**self.sample_config_12pd) self.assertEqual( p12.get_options("bsdi_crypt"), dict( # NOTE: not maintaining backwards compat for rendering to "10%" vary_rounds=0.1, min_rounds=29000, max_rounds=35000, default_rounds=31000, )) self.assertEqual( p12.get_options("sha512_crypt"), dict( # NOTE: not maintaining backwards compat for rendering to "10%" vary_rounds=0.1, min_rounds=45000, max_rounds=50000, )) p4 = CryptPolicy.from_string(self.sample_config_4s) self.assertEqual( p4.get_options("sha512_crypt"), dict( # NOTE: not maintaining backwards compat for rendering to "10%" vary_rounds=0.1, max_rounds=20000, )) self.assertEqual( p4.get_options("sha512_crypt", "user"), dict( # NOTE: not maintaining backwards compat for rendering to "10%" vary_rounds=0.1, max_rounds=20000, )) self.assertEqual( p4.get_options("sha512_crypt", "admin"), dict( # NOTE: not maintaining backwards compat for rendering to "5%" vary_rounds=0.05, max_rounds=40000, ))
def test_05_replace(self): """test CryptPolicy.replace() constructor""" p1 = CryptPolicy(**self.sample_config_1pd) # check overlaying sample 2 p2 = p1.replace(**self.sample_config_2pd) self.assertEqual(p2.to_dict(), self.sample_config_12pd) # check repeating overlay makes no change p2b = p2.replace(**self.sample_config_2pd) self.assertEqual(p2b.to_dict(), self.sample_config_12pd) # check overlaying sample 3 p3 = p2.replace(self.sample_config_3pd) self.assertEqual(p3.to_dict(), self.sample_config_123pd)
def test_04_from_sources(self): """test CryptPolicy.from_sources() constructor""" # pass it empty list self.assertRaises(ValueError, CryptPolicy.from_sources, []) # pass it one-element list policy = CryptPolicy.from_sources([self.sample_config_1s]) self.assertEqual(policy.to_dict(), self.sample_config_1pd) # pass multiple sources policy = CryptPolicy.from_sources([ self.sample_config_1s_path, self.sample_config_2s, self.sample_config_3pd, ]) self.assertEqual(policy.to_dict(), self.sample_config_123pd)
def test_04_from_sources(self): """test CryptPolicy.from_sources() constructor""" # pass it empty list self.assertRaises(ValueError, CryptPolicy.from_sources, []) # pass it one-element list policy = CryptPolicy.from_sources([self.sample_config_1s]) self.assertEqual(policy.to_dict(), self.sample_config_1pd) # pass multiple sources policy = CryptPolicy.from_sources( [ self.sample_config_1s_path, self.sample_config_2s, self.sample_config_3pd, ]) self.assertEqual(policy.to_dict(), self.sample_config_123pd)
def test_01_from_path(self): """test CryptPolicy.from_path() constructor with encodings""" path = self.mktemp() # test "\n" linesep set_file(path, self.sample_config_1s) policy = CryptPolicy.from_path(path) self.assertEqual(policy.to_dict(), self.sample_config_1pd) # test "\r\n" linesep set_file(path, self.sample_config_1s.replace("\n","\r\n")) policy = CryptPolicy.from_path(path) self.assertEqual(policy.to_dict(), self.sample_config_1pd) # test with custom encoding uc2 = to_bytes(self.sample_config_1s, "utf-16", source_encoding="utf-8") set_file(path, uc2) policy = CryptPolicy.from_path(path, encoding="utf-16") self.assertEqual(policy.to_dict(), self.sample_config_1pd)
def test_01_from_path_simple(self): """test CryptPolicy.from_path() constructor""" # NOTE: this is separate so it can also run under GAE # test preset stored in existing file path = self.sample_config_1s_path policy = CryptPolicy.from_path(path) self.assertEqual(policy.to_dict(), self.sample_config_1pd) # test if path missing self.assertRaises(EnvironmentError, CryptPolicy.from_path, path + 'xxx')
def test_15_min_verify_time(self): """test get_min_verify_time() method""" # silence deprecation warnings for min verify time warnings.filterwarnings("ignore", category=DeprecationWarning) pa = CryptPolicy() self.assertEqual(pa.get_min_verify_time(), 0) self.assertEqual(pa.get_min_verify_time('admin'), 0) pb = pa.replace(min_verify_time=.1) self.assertEqual(pb.get_min_verify_time(), .1) self.assertEqual(pb.get_min_verify_time('admin'), .1) pc = pa.replace(admin__context__min_verify_time=.2) self.assertEqual(pc.get_min_verify_time(), 0) self.assertEqual(pc.get_min_verify_time('admin'), .2) pd = pb.replace(admin__context__min_verify_time=.2) self.assertEqual(pd.get_min_verify_time(), .1) self.assertEqual(pd.get_min_verify_time('admin'), .2)
def test_03_from_source(self): """test CryptPolicy.from_source() constructor""" # pass it a path policy = CryptPolicy.from_source(self.sample_config_1s_path) self.assertEqual(policy.to_dict(), self.sample_config_1pd) # pass it a string policy = CryptPolicy.from_source(self.sample_config_1s) self.assertEqual(policy.to_dict(), self.sample_config_1pd) # pass it a dict (NOTE: make a copy to detect in-place modifications) policy = CryptPolicy.from_source(self.sample_config_1pd.copy()) self.assertEqual(policy.to_dict(), self.sample_config_1pd) # pass it existing policy p2 = CryptPolicy.from_source(policy) self.assertIs(policy, p2) # pass it something wrong self.assertRaises(TypeError, CryptPolicy.from_source, 1) self.assertRaises(TypeError, CryptPolicy.from_source, [])
def test_00_constructor(self): """test CryptPolicy() constructor""" policy = CryptPolicy(**self.sample_config_1pd) self.assertEqual(policy.to_dict(), self.sample_config_1pd) policy = CryptPolicy(self.sample_config_1pd) self.assertEqual(policy.to_dict(), self.sample_config_1pd) self.assertRaises(TypeError, CryptPolicy, {}, {}) self.assertRaises(TypeError, CryptPolicy, {}, dummy=1) # check key with too many separators is rejected self.assertRaises(TypeError, CryptPolicy, schemes = [ "des_crypt", "md5_crypt", "bsdi_crypt", "sha512_crypt"], bad__key__bsdi_crypt__max_rounds = 30000, ) # check nameless handler rejected class nameless(uh.StaticHandler): name = None self.assertRaises(ValueError, CryptPolicy, schemes=[nameless]) # check scheme must be name or crypt handler self.assertRaises(TypeError, CryptPolicy, schemes=[uh.StaticHandler]) # check name conflicts are rejected class dummy_1(uh.StaticHandler): name = 'dummy_1' self.assertRaises(KeyError, CryptPolicy, schemes=[dummy_1, dummy_1]) # with unknown deprecated value self.assertRaises(KeyError, CryptPolicy, schemes=['des_crypt'], deprecated=['md5_crypt']) # with unknown default value self.assertRaises(KeyError, CryptPolicy, schemes=['des_crypt'], default='md5_crypt')
def test_13_get_options(self): """test get_options() method""" p12 = CryptPolicy(**self.sample_config_12pd) self.assertEqual(p12.get_options("bsdi_crypt"),dict( # NOTE: not maintaining backwards compat for rendering to "10%" vary_rounds = 0.1, min_rounds = 29000, max_rounds = 35000, default_rounds = 31000, )) self.assertEqual(p12.get_options("sha512_crypt"),dict( # NOTE: not maintaining backwards compat for rendering to "10%" vary_rounds = 0.1, min_rounds = 45000, max_rounds = 50000, )) p4 = CryptPolicy.from_string(self.sample_config_4s) self.assertEqual(p4.get_options("sha512_crypt"), dict( # NOTE: not maintaining backwards compat for rendering to "10%" vary_rounds=0.1, max_rounds=20000, )) self.assertEqual(p4.get_options("sha512_crypt", "user"), dict( # NOTE: not maintaining backwards compat for rendering to "10%" vary_rounds=0.1, max_rounds=20000, )) self.assertEqual(p4.get_options("sha512_crypt", "admin"), dict( # NOTE: not maintaining backwards compat for rendering to "5%" vary_rounds=0.05, max_rounds=40000, ))
def test_02_from_string(self): """test CryptPolicy.from_string() constructor""" # test "\n" linesep policy = CryptPolicy.from_string(self.sample_config_1s) self.assertEqual(policy.to_dict(), self.sample_config_1pd) # test "\r\n" linesep policy = CryptPolicy.from_string( self.sample_config_1s.replace("\n","\r\n")) self.assertEqual(policy.to_dict(), self.sample_config_1pd) # test with unicode data = to_unicode(self.sample_config_1s) policy = CryptPolicy.from_string(data) self.assertEqual(policy.to_dict(), self.sample_config_1pd) # test with non-ascii-compatible encoding uc2 = to_bytes(self.sample_config_1s, "utf-16", source_encoding="utf-8") policy = CryptPolicy.from_string(uc2, encoding="utf-16") self.assertEqual(policy.to_dict(), self.sample_config_1pd) # test category specific options policy = CryptPolicy.from_string(self.sample_config_4s) self.assertEqual(policy.to_dict(), self.sample_config_4pd)
def test_02_no_handlers(self): """test no handlers""" # check constructor... cc = CryptContext() self.assertRaises(KeyError, cc.identify, 'hash', required=True) self.assertRaises(KeyError, cc.hash, 'secret') self.assertRaises(KeyError, cc.verify, 'secret', 'hash') # check updating policy after the fact... cc = CryptContext(['md5_crypt']) p = CryptPolicy(schemes=[]) cc.policy = p self.assertRaises(KeyError, cc.identify, 'hash', required=True) self.assertRaises(KeyError, cc.hash, 'secret') self.assertRaises(KeyError, cc.verify, 'secret', 'hash')
def test_00_constructor(self): """test CryptPolicy() constructor""" policy = CryptPolicy(**self.sample_config_1pd) self.assertEqual(policy.to_dict(), self.sample_config_1pd) policy = CryptPolicy(self.sample_config_1pd) self.assertEqual(policy.to_dict(), self.sample_config_1pd) self.assertRaises(TypeError, CryptPolicy, {}, {}) self.assertRaises(TypeError, CryptPolicy, {}, dummy=1) # check key with too many separators is rejected self.assertRaises( TypeError, CryptPolicy, schemes=["des_crypt", "md5_crypt", "bsdi_crypt", "sha512_crypt"], bad__key__bsdi_crypt__max_rounds=30000, ) # check nameless handler rejected class nameless(uh.StaticHandler): name = None self.assertRaises(ValueError, CryptPolicy, schemes=[nameless]) # check scheme must be name or crypt handler self.assertRaises(TypeError, CryptPolicy, schemes=[uh.StaticHandler]) # check name conflicts are rejected class dummy_1(uh.StaticHandler): name = 'dummy_1' self.assertRaises(KeyError, CryptPolicy, schemes=[dummy_1, dummy_1]) # with unknown deprecated value self.assertRaises(KeyError, CryptPolicy, schemes=['des_crypt'], deprecated=['md5_crypt']) # with unknown default value self.assertRaises(KeyError, CryptPolicy, schemes=['des_crypt'], default='md5_crypt')
def create_policy(flag=False): self.assertTrue(flag) return CryptPolicy(schemes=iter(["dummy_2", "des_crypt"]), deprecated=["des_crypt"])
def test_21_to_dict(self): """test to_dict() method""" p5 = CryptPolicy(**self.sample_config_5pd) self.assertEqual(p5.to_dict(), self.sample_config_5pd) self.assertEqual(p5.to_dict(resolve=True), self.sample_config_5prd)
def test_14_handler_is_deprecated(self): """test handler_is_deprecated() method""" pa = CryptPolicy(**self.sample_config_1pd) pb = CryptPolicy(**self.sample_config_5pd) self.assertFalse(pa.handler_is_deprecated("des_crypt")) self.assertFalse(pa.handler_is_deprecated(hash.bsdi_crypt)) self.assertFalse(pa.handler_is_deprecated("sha512_crypt")) self.assertTrue(pb.handler_is_deprecated("des_crypt")) self.assertFalse(pb.handler_is_deprecated(hash.bsdi_crypt)) self.assertFalse(pb.handler_is_deprecated("sha512_crypt")) # check categories as well self.assertTrue(pb.handler_is_deprecated("des_crypt", "user")) self.assertFalse(pb.handler_is_deprecated("bsdi_crypt", "user")) self.assertTrue(pb.handler_is_deprecated("des_crypt", "admin")) self.assertTrue(pb.handler_is_deprecated("bsdi_crypt", "admin")) # check deprecation is overridden per category pc = CryptPolicy( schemes=["md5_crypt", "des_crypt"], deprecated=["md5_crypt"], user__context__deprecated=["des_crypt"], ) self.assertTrue(pc.handler_is_deprecated("md5_crypt")) self.assertFalse(pc.handler_is_deprecated("des_crypt")) self.assertFalse(pc.handler_is_deprecated("md5_crypt", "user")) self.assertTrue(pc.handler_is_deprecated("des_crypt", "user"))