def test_safe_os_crypt(self):
"test safe_os_crypt() wrapper"
if not safe_os_crypt:
raise self.skipTest("stdlib crypt module not available")
#NOTE: this is assuming EVERY crypt will support des_crypt.
# if this fails on some platform, this test will need modifying.
#test normal case
ok, hash = safe_os_crypt(u'test', u'aa')
self.assertTrue(ok)
self.assertIsInstance(hash, unicode)
self.assertEqual(hash, u'aaqPiZY5xR5l.')
#test hash-as-bytes
self.assertRaises(TypeError, safe_os_crypt, u'test', b('aa'))
#test password as ascii
ret = safe_os_crypt(b('test'), u'aa')
self.assertEqual(ret, (True, u'aaqPiZY5xR5l.'))
#test unicode password w/ high char
ret = safe_os_crypt(u'test\u1234', u'aa')
self.assertEqual(ret, (True, u'aahWwbrUsKZk.'))
#test utf-8 password w/ high char
ret = safe_os_crypt(b('test\xe1\x88\xb4'), u'aa')
self.assertEqual(ret, (True, u'aahWwbrUsKZk.'))
#test latin-1 password
ret = safe_os_crypt(b('test\xff'), u'aa')
# Py2k #
self.assertEqual(ret, (True, u'aaOx.5nbTU/.M'))
def test_safe_os_crypt(self):
"test safe_os_crypt() wrapper"
if not safe_os_crypt:
raise self.skipTest("stdlib crypt module not available")
#NOTE: this is assuming EVERY crypt will support des_crypt.
# if this fails on some platform, this test will need modifying.
#test normal case
ok, hash = safe_os_crypt(u'test', u'aa')
self.assertTrue(ok)
self.assertIsInstance(hash, unicode)
self.assertEqual(hash, u'aaqPiZY5xR5l.')
#test hash-as-bytes
self.assertRaises(TypeError, safe_os_crypt, u'test', b('aa'))
#test password as ascii
ret = safe_os_crypt(b('test'), u'aa')
self.assertEqual(ret, (True, u'aaqPiZY5xR5l.'))
#test unicode password w/ high char
ret = safe_os_crypt(u'test\u1234', u'aa')
self.assertEqual(ret, (True, u'aahWwbrUsKZk.'))
#test utf-8 password w/ high char
ret = safe_os_crypt(b('test\xe1\x88\xb4'), u'aa')
self.assertEqual(ret, (True, u'aahWwbrUsKZk.'))
#test latin-1 password
ret = safe_os_crypt(b('test\xff'), u'aa')
# Py2k #
self.assertEqual(ret, (True, u'aaOx.5nbTU/.M'))
def _calc_checksum_os_crypt(self, secret):
ok, hash = safe_os_crypt(secret, self.to_string(native=False))
if ok:
return hash[-31:]
else:
#NOTE: not checking backends since this is lowest priority,
# so they probably aren't available either
raise ValueError("encoded password can't be handled by os_crypt"
" (recommend installing pybcrypt or bcryptor)")
def _calc_checksum_os_crypt(self, secret):
ok, result = safe_os_crypt(secret, self.to_string(native=False))
if ok:
#NOTE: avoiding full parsing routine via from_string().checksum,
# and just extracting the bit we need.
assert result.startswith(u"$6$")
chk = result[-86:]
assert u'$' not in chk
return chk
else:
return self._calc_checksum_builtin(secret)
def _calc_checksum_os_crypt(self, secret):
ok, result = safe_os_crypt(secret, self.to_string(native=False))
if ok:
#NOTE: avoiding full parsing routine via from_string().checksum,
# and just extracting the bit we need.
assert result.startswith(u"$6$")
chk = result[-86:]
assert u'$' not in chk
return chk
else:
return self._calc_checksum_builtin(secret)
def _calc_checksum_os_crypt(self, secret):
#os_crypt() would raise less useful error
null = u'\x00' if isinstance(secret, unicode) else b('\x00')
if null in secret:
raise ValueError("null char in secret")
#NOTE: safe_os_crypt encodes unicode secret -> utf8
#no official policy since des-crypt predates unicode
ok, hash = safe_os_crypt(secret, self.salt)
if ok:
return hash[2:]
else:
return self._calc_checksum_builtin(secret)
def _has_backend_os_crypt(cls):
h = u'abgOeLfPimXQo'
return bool(safe_os_crypt and safe_os_crypt(u"test",h)[1]==h)
def _has_backend_os_crypt(cls):
h = u"$5$rounds=1000$test$QmQADEXMG8POI5WDsaeho0P36yK3Tcrgboabng6bkb/"
return bool(safe_os_crypt and safe_os_crypt(u"test",h)[1]==h)
def _calc_checksum_os_crypt(self, secret):
ok, hash = safe_os_crypt(secret, self.ident + self.salt)
if ok:
return hash[-22:]
else:
return self._calc_checksum_builtin(secret)
def _has_backend_os_crypt(cls):
h = u'$1$test$pi/xDtU5WFVRqYS6BMU8X/'
return bool(safe_os_crypt and safe_os_crypt(u"test",h)[1]==h)
def _calc_checksum_os_crypt(self, secret):
ok, hash = safe_os_crypt(secret, self.ident + self.salt)
if ok:
return hash[-22:]
else:
return self._calc_checksum_builtin(secret)
def _has_backend_os_crypt(cls):
h = u'$1$test$pi/xDtU5WFVRqYS6BMU8X/'
return bool(safe_os_crypt and safe_os_crypt(u"test", h)[1] == h)
def _has_backend_os_crypt(cls):
h = u"$6$rounds=1000$test$2M/Lx6MtobqjLjobw0Wmo4Q5OFx5nVLJvmgseatA6oMnyWeBdRDx4DU.1H3eGmse6pgsOgDisWBGI5c7TZauS0"
return bool(safe_os_crypt and safe_os_crypt(u"test",h)[1]==h)
def _has_backend_os_crypt(cls):
h = u"$6$rounds=1000$test$2M/Lx6MtobqjLjobw0Wmo4Q5OFx5nVLJvmgseatA6oMnyWeBdRDx4DU.1H3eGmse6pgsOgDisWBGI5c7TZauS0"
return bool(safe_os_crypt and safe_os_crypt(u"test", h)[1] == h)
def _has_backend_os_crypt(cls):
h = u'_/...lLDAxARksGCHin.'
return bool(safe_os_crypt and safe_os_crypt(u"test",h)[1]==h)
def _has_backend_os_crypt(cls):
h1 = u'$2$04$......................1O4gOrCYaqBG3o/4LnT2ykQUt1wbyju'
h2 = u'$2a$04$......................qiOQjkB8hxU8OzRhS.GhRMa4VUnkPty'
return bool(safe_os_crypt and safe_os_crypt(u"test",h1)[1]==h1 and
safe_os_crypt(u"test", h2)[1]==h2)
def _has_backend_os_crypt(cls):
h = u'$sha1$1$Wq3GL2Vp$C8U25GvfHS8qGHimExLaiSFlGkAe'
return bool(safe_os_crypt and safe_os_crypt(u"test",h)[1]==h)
def _calc_checksum_os_crypt(self, secret):
ok, hash = safe_os_crypt(secret, self.to_string(native=False))
if ok:
return hash[9:]
else:
return self._calc_checksum_builtin(secret)
def _has_backend_os_crypt(cls):
h = u"$5$rounds=1000$test$QmQADEXMG8POI5WDsaeho0P36yK3Tcrgboabng6bkb/"
return bool(safe_os_crypt and safe_os_crypt(u"test", h)[1] == h)
