def test_other_backends(self): """compare output to other backends""" # only run once, since test is symetric. # maybe this means it should go somewhere else? if self._already_tested_others: raise self.skipTest("already run under %r backend test" % self._already_tested_others) self._already_tested_others = self.backend rng = self.getRandom() # get available backends orig = scrypt_mod.backend available = set(name for name in scrypt_mod.backend_values if scrypt_mod._has_backend(name)) scrypt_mod._set_backend(orig) available.discard(self.backend) if not available: raise self.skipTest("no other backends found") warnings.filterwarnings( "ignore", "(?i)using builtin scrypt backend", category=exc.PasslibSecurityWarning, ) # generate some random options, and cross-check output for _ in range(10): # NOTE: keeping values low due to builtin test secret = getrandbytes(rng, rng.randint(0, 64)) salt = getrandbytes(rng, rng.randint(0, 64)) n = 1 << rng.randint(1, 10) r = rng.randint(1, 8) p = rng.randint(1, 3) ks = rng.randint(1, 64) previous = None backends = set() for name in available: scrypt_mod._set_backend(name) self.assertNotIn(scrypt_mod._scrypt, backends) backends.add(scrypt_mod._scrypt) result = hexstr(scrypt_mod.scrypt(secret, salt, n, r, p, ks)) self.assertEqual(len(result), 2 * ks) if previous is not None: self.assertEqual( result, previous, msg="%r output differs from others %r: %r" % (name, available, [secret, salt, n, r, p, ks]), )
def test_other_backends(self): """compare output to other backends""" # only run once, since test is symetric. # maybe this means it should go somewhere else? if self._already_tested_others: raise self.skipTest("already run under %r backend test" % self._already_tested_others) self._already_tested_others = self.backend rng = self.getRandom() # get available backends orig = scrypt_mod.backend available = set(name for name in scrypt_mod.backend_values if scrypt_mod._has_backend(name)) scrypt_mod._set_backend(orig) available.discard(self.backend) if not available: raise self.skipTest("no other backends found") warnings.filterwarnings("ignore", "(?i)using builtin scrypt backend", category=exc.PasslibSecurityWarning) # generate some random options, and cross-check output for _ in range(10): # NOTE: keeping values low due to builtin test secret = getrandbytes(rng, rng.randint(0, 64)) salt = getrandbytes(rng, rng.randint(0, 64)) n = 1 << rng.randint(1, 10) r = rng.randint(1, 8) p = rng.randint(1, 3) ks = rng.randint(1, 64) previous = None backends = set() for name in available: scrypt_mod._set_backend(name) self.assertNotIn(scrypt_mod._scrypt, backends) backends.add(scrypt_mod._scrypt) result = hexstr(scrypt_mod.scrypt(secret, salt, n, r, p, ks)) self.assertEqual(len(result), 2*ks) if previous is not None: self.assertEqual(result, previous, msg="%r output differs from others %r: %r" % (name, available, [secret, salt, n, r, p, ks]))
def random_string(length, allowed_chars=None): """ Generate a random string with given length consisting of the given characters. Note: this is now just a little wrapper around passlib's randomness code. :param length: length of the string :param allowed_chars: string with allowed characters or None to indicate all 256 byte values should be used :returns: random string """ if allowed_chars is None: s = getrandbytes(rng, length) else: s = getrandstr(rng, allowed_chars, length) return s
def test_codec(self): """test encode_bytes/decode_bytes against random data""" engine = self.engine from passlib.utils import getrandbytes, getrandstr rng = self.getRandom() saw_zero = False for i in irange(500): # # test raw -> encode() -> decode() -> raw # # generate some random bytes size = rng.randint(1 if saw_zero else 0, 12) if not size: saw_zero = True enc_size = (4*size+2)//3 raw = getrandbytes(rng, size) # encode them, check invariants encoded = engine.encode_bytes(raw) self.assertEqual(len(encoded), enc_size) # make sure decode returns original result = engine.decode_bytes(encoded) self.assertEqual(result, raw) # # test encoded -> decode() -> encode() -> encoded # # generate some random encoded data if size % 4 == 1: size += rng.choice([-1,1,2]) raw_size = 3*size//4 encoded = getrandstr(rng, engine.bytemap, size) # decode them, check invariants raw = engine.decode_bytes(encoded) self.assertEqual(len(raw), raw_size, "encoded %d:" % size) # make sure encode returns original (barring padding bits) result = engine.encode_bytes(raw) if size % 4: self.assertEqual(result[:-1], encoded[:-1]) else: self.assertEqual(result, encoded)
def test_02_shrink(self): "test shrink_des_key()" from passlib.utils.des import expand_des_key, shrink_des_key, INT_64_MASK from passlib.utils import random, getrandbytes # make sure reverse works for some random keys # uses bytes, ints are tested under # 01 for i in range(20): key1 = getrandbytes(random, 7) key2 = expand_des_key(key1) key3 = shrink_des_key(key2) self.assertEqual(key3, key1) # type checks self.assertRaises(TypeError, shrink_des_key, 1.0) # too large self.assertRaises(ValueError, shrink_des_key, INT_64_MASK + 1) self.assertRaises(ValueError, shrink_des_key, b("\x00") * 9) # too small self.assertRaises(ValueError, shrink_des_key, -1) self.assertRaises(ValueError, shrink_des_key, b("\x00") * 7)
def test_02_shrink(self): """shrink_des_key()""" from passlib.crypto.des import expand_des_key, shrink_des_key, INT_64_MASK rng = self.getRandom() # make sure reverse works for some random keys # uses bytes, ints are tested under # 01 for i in range(20): key1 = getrandbytes(rng, 7) key2 = expand_des_key(key1) key3 = shrink_des_key(key2) self.assertEqual(key3, key1) # type checks self.assertRaises(TypeError, shrink_des_key, 1.0) # too large self.assertRaises(ValueError, shrink_des_key, INT_64_MASK + 1) self.assertRaises(ValueError, shrink_des_key, b"\x00" * 9) # too small self.assertRaises(ValueError, shrink_des_key, -1) self.assertRaises(ValueError, shrink_des_key, b"\x00" * 7)
def generate_salt(cls, salt_size=None, strict=False): """helper method for norm_salt(); generates a new random salt string. :param salt_size: optional salt size, falls back to :attr:`default_salt_size`. :param strict: if too-large salt should throw error, or merely be trimmed. """ if salt_size is None: salt_size = cls.default_salt_size else: mn = cls.min_salt_size if mn and salt_size < mn: raise ValueError("%s salt string must be at least %d characters" % (cls.name, mn)) mx = cls.max_salt_size if mx and salt_size > mx: if strict: raise ValueError("%s salt string must be at most %d characters" % (cls.name, mx)) salt_size = mx if cls._salt_is_bytes: if cls.salt_chars != ALL_BYTE_VALUES: raise NotImplementedError("raw salts w/ only certain bytes not supported") return getrandbytes(rng, salt_size) else: return getrandstr(rng, cls.default_salt_chars, salt_size)
def test_02_shrink(self): "test shrink_des_key()" from passlib.utils.des import expand_des_key, shrink_des_key, \ INT_64_MASK from passlib.utils import random, getrandbytes # make sure reverse works for some random keys # uses bytes, ints are tested under # 01 for i in range(20): key1 = getrandbytes(random, 7) key2 = expand_des_key(key1) key3 = shrink_des_key(key2) self.assertEqual(key3, key1) # type checks self.assertRaises(TypeError, shrink_des_key, 1.0) # too large self.assertRaises(ValueError, shrink_des_key, INT_64_MASK + 1) self.assertRaises(ValueError, shrink_des_key, b("\x00") * 9) # too small self.assertRaises(ValueError, shrink_des_key, -1) self.assertRaises(ValueError, shrink_des_key, b("\x00") * 7)
def f(*a, **k): return getrandbytes(rng, *a, **k)
def getUuid(): return uuid.UUID(bytes=getrandbytes(rng, 16))
def f(*a, **k): return utils.getrandbytes(utils.rng, *a, **k)
def f(*a,**k): return getrandbytes(rng, *a, **k)
def genKey(): rawKey = getrandbytes(rng, 10) hexKey = "".join("{:02x}".format(byte) for byte in rawKey) return hexKey
def f(*a,**k): return utils.getrandbytes(utils.rng, *a, **k)