def test_20_basic(self): "test basic encrypt/identify/verify functionality" handlers = [hash.md5_crypt, hash.des_crypt, hash.bsdi_crypt] cc = CryptContext(handlers, policy=None) #run through handlers for crypt in handlers: h = cc.encrypt("test", scheme=crypt.name) self.assertEqual(cc.identify(h), crypt.name) self.assertEqual(cc.identify(h, resolve=True), crypt) self.assertTrue(cc.verify('test', h)) self.assertTrue(not cc.verify('notest', h)) #test default h = cc.encrypt("test") self.assertEqual(cc.identify(h), "md5_crypt") #test genhash h = cc.genhash('secret', cc.genconfig()) self.assertEqual(cc.identify(h), 'md5_crypt') h = cc.genhash('secret', cc.genconfig(), scheme='md5_crypt') self.assertEqual(cc.identify(h), 'md5_crypt') self.assertRaises(ValueError, cc.genhash, 'secret', cc.genconfig(), scheme="des_crypt")
def test_10_genconfig_settings(self): "test genconfig() honors policy settings" cc = CryptContext(policy=None, **self.sample_policy_1) # hash specific settings self.assertEqual( cc.genconfig(scheme="nthash"), '$NT$00000000000000000000000000000000', ) self.assertEqual( cc.genconfig(scheme="nthash", ident="3"), '$3$$00000000000000000000000000000000', ) # min rounds self.assertEqual( cc.genconfig(rounds=1999, salt="nacl"), '$5$rounds=2000$nacl$', ) self.assertEqual( cc.genconfig(rounds=2001, salt="nacl"), '$5$rounds=2001$nacl$' ) #max rounds self.assertEqual( cc.genconfig(rounds=2999, salt="nacl"), '$5$rounds=2999$nacl$', ) self.assertEqual( cc.genconfig(rounds=3001, salt="nacl"), '$5$rounds=3000$nacl$' ) #default rounds - specified self.assertEqual( cc.genconfig(scheme="bsdi_crypt", salt="nacl"), '_N...nacl', ) #default rounds - fall back to max rounds self.assertEqual( cc.genconfig(salt="nacl"), '$5$rounds=3000$nacl$', ) #default rounds - out of bounds cc2 = CryptContext(policy=cc.policy.replace( bsdi_crypt__default_rounds=35)) self.assertEqual( cc2.genconfig(scheme="bsdi_crypt", salt="nacl"), '_S...nacl', ) # default+vary rounds # this runs enough times the min and max *should* be hit, # though there's a faint chance it will randomly fail. from passlib.hash import bsdi_crypt as bc cc3 = CryptContext(policy=cc.policy.replace( bsdi_crypt__vary_rounds = 3)) seen = set() for i in xrange(3*2*50): h = cc3.genconfig("bsdi_crypt", salt="nacl") r = bc.from_string(h).rounds seen.add(r) self.assertTrue(min(seen)==22) self.assertTrue(max(seen)==28) # default+vary % rounds # this runs enough times the min and max *should* be hit, # though there's a faint chance it will randomly fail. from passlib.hash import sha256_crypt as sc cc4 = CryptContext(policy=cc.policy.replace( all__vary_rounds = "1%")) seen = set() for i in xrange(30*50): h = cc4.genconfig(salt="nacl") r = sc.from_string(h).rounds seen.add(r) self.assertTrue(min(seen)==2970) self.assertTrue(max(seen)==3000) #NOTE: would be 3030, but clipped by max_rounds