def test_other_backends(self):
"""compare output to other backends"""
# only run once, since test is symetric.
# maybe this means it should go somewhere else?
if self._already_tested_others:
raise self.skipTest("already run under %r backend test" %
self._already_tested_others)
self._already_tested_others = self.backend
rng = self.getRandom()
# get available backends
orig = scrypt_mod.backend
available = set(name for name in scrypt_mod.backend_values
if scrypt_mod._has_backend(name))
scrypt_mod._set_backend(orig)
available.discard(self.backend)
if not available:
raise self.skipTest("no other backends found")
warnings.filterwarnings(
"ignore",
"(?i)using builtin scrypt backend",
category=exc.PasslibSecurityWarning,
)
# generate some random options, and cross-check output
for _ in range(10):
# NOTE: keeping values low due to builtin test
secret = getrandbytes(rng, rng.randint(0, 64))
salt = getrandbytes(rng, rng.randint(0, 64))
n = 1 << rng.randint(1, 10)
r = rng.randint(1, 8)
p = rng.randint(1, 3)
ks = rng.randint(1, 64)
previous = None
backends = set()
for name in available:
scrypt_mod._set_backend(name)
self.assertNotIn(scrypt_mod._scrypt, backends)
backends.add(scrypt_mod._scrypt)
result = hexstr(scrypt_mod.scrypt(secret, salt, n, r, p, ks))
self.assertEqual(len(result), 2 * ks)
if previous is not None:
self.assertEqual(
result,
previous,
msg="%r output differs from others %r: %r" %
(name, available, [secret, salt, n, r, p, ks]),
)
def test_other_backends(self):
"""compare output to other backends"""
# only run once, since test is symetric.
# maybe this means it should go somewhere else?
if self._already_tested_others:
raise self.skipTest("already run under %r backend test" % self._already_tested_others)
self._already_tested_others = self.backend
rng = self.getRandom()
# get available backends
orig = scrypt_mod.backend
available = set(name for name in scrypt_mod.backend_values
if scrypt_mod._has_backend(name))
scrypt_mod._set_backend(orig)
available.discard(self.backend)
if not available:
raise self.skipTest("no other backends found")
warnings.filterwarnings("ignore", "(?i)using builtin scrypt backend",
category=exc.PasslibSecurityWarning)
# generate some random options, and cross-check output
for _ in range(10):
# NOTE: keeping values low due to builtin test
secret = getrandbytes(rng, rng.randint(0, 64))
salt = getrandbytes(rng, rng.randint(0, 64))
n = 1 << rng.randint(1, 10)
r = rng.randint(1, 8)
p = rng.randint(1, 3)
ks = rng.randint(1, 64)
previous = None
backends = set()
for name in available:
scrypt_mod._set_backend(name)
self.assertNotIn(scrypt_mod._scrypt, backends)
backends.add(scrypt_mod._scrypt)
result = hexstr(scrypt_mod.scrypt(secret, salt, n, r, p, ks))
self.assertEqual(len(result), 2*ks)
if previous is not None:
self.assertEqual(result, previous,
msg="%r output differs from others %r: %r" %
(name, available, [secret, salt, n, r, p, ks]))
def random_string(length, allowed_chars=None):
"""
Generate a random string with given length consisting of the given characters.
Note: this is now just a little wrapper around passlib's randomness code.
:param length: length of the string
:param allowed_chars: string with allowed characters or None
to indicate all 256 byte values should be used
:returns: random string
"""
if allowed_chars is None:
s = getrandbytes(rng, length)
else:
s = getrandstr(rng, allowed_chars, length)
return s
def random_string(length, allowed_chars=None):
"""
Generate a random string with given length consisting of the given characters.
Note: this is now just a little wrapper around passlib's randomness code.
:param length: length of the string
:param allowed_chars: string with allowed characters or None
to indicate all 256 byte values should be used
:returns: random string
"""
if allowed_chars is None:
s = getrandbytes(rng, length)
else:
s = getrandstr(rng, allowed_chars, length)
return s
def test_codec(self):
"""test encode_bytes/decode_bytes against random data"""
engine = self.engine
from passlib.utils import getrandbytes, getrandstr
rng = self.getRandom()
saw_zero = False
for i in irange(500):
#
# test raw -> encode() -> decode() -> raw
#
# generate some random bytes
size = rng.randint(1 if saw_zero else 0, 12)
if not size:
saw_zero = True
enc_size = (4*size+2)//3
raw = getrandbytes(rng, size)
# encode them, check invariants
encoded = engine.encode_bytes(raw)
self.assertEqual(len(encoded), enc_size)
# make sure decode returns original
result = engine.decode_bytes(encoded)
self.assertEqual(result, raw)
#
# test encoded -> decode() -> encode() -> encoded
#
# generate some random encoded data
if size % 4 == 1:
size += rng.choice([-1,1,2])
raw_size = 3*size//4
encoded = getrandstr(rng, engine.bytemap, size)
# decode them, check invariants
raw = engine.decode_bytes(encoded)
self.assertEqual(len(raw), raw_size, "encoded %d:" % size)
# make sure encode returns original (barring padding bits)
result = engine.encode_bytes(raw)
if size % 4:
self.assertEqual(result[:-1], encoded[:-1])
else:
self.assertEqual(result, encoded)
def test_codec(self):
"""test encode_bytes/decode_bytes against random data"""
engine = self.engine
from passlib.utils import getrandbytes, getrandstr
rng = self.getRandom()
saw_zero = False
for i in irange(500):
#
# test raw -> encode() -> decode() -> raw
#
# generate some random bytes
size = rng.randint(1 if saw_zero else 0, 12)
if not size:
saw_zero = True
enc_size = (4*size+2)//3
raw = getrandbytes(rng, size)
# encode them, check invariants
encoded = engine.encode_bytes(raw)
self.assertEqual(len(encoded), enc_size)
# make sure decode returns original
result = engine.decode_bytes(encoded)
self.assertEqual(result, raw)
#
# test encoded -> decode() -> encode() -> encoded
#
# generate some random encoded data
if size % 4 == 1:
size += rng.choice([-1,1,2])
raw_size = 3*size//4
encoded = getrandstr(rng, engine.bytemap, size)
# decode them, check invariants
raw = engine.decode_bytes(encoded)
self.assertEqual(len(raw), raw_size, "encoded %d:" % size)
# make sure encode returns original (barring padding bits)
result = engine.encode_bytes(raw)
if size % 4:
self.assertEqual(result[:-1], encoded[:-1])
else:
self.assertEqual(result, encoded)
def test_02_shrink(self):
"test shrink_des_key()"
from passlib.utils.des import expand_des_key, shrink_des_key, INT_64_MASK
from passlib.utils import random, getrandbytes
# make sure reverse works for some random keys
# uses bytes, ints are tested under # 01
for i in range(20):
key1 = getrandbytes(random, 7)
key2 = expand_des_key(key1)
key3 = shrink_des_key(key2)
self.assertEqual(key3, key1)
# type checks
self.assertRaises(TypeError, shrink_des_key, 1.0)
# too large
self.assertRaises(ValueError, shrink_des_key, INT_64_MASK + 1)
self.assertRaises(ValueError, shrink_des_key, b("\x00") * 9)
# too small
self.assertRaises(ValueError, shrink_des_key, -1)
self.assertRaises(ValueError, shrink_des_key, b("\x00") * 7)
def test_02_shrink(self):
"""shrink_des_key()"""
from passlib.crypto.des import expand_des_key, shrink_des_key, INT_64_MASK
rng = self.getRandom()
# make sure reverse works for some random keys
# uses bytes, ints are tested under # 01
for i in range(20):
key1 = getrandbytes(rng, 7)
key2 = expand_des_key(key1)
key3 = shrink_des_key(key2)
self.assertEqual(key3, key1)
# type checks
self.assertRaises(TypeError, shrink_des_key, 1.0)
# too large
self.assertRaises(ValueError, shrink_des_key, INT_64_MASK + 1)
self.assertRaises(ValueError, shrink_des_key, b"\x00" * 9)
# too small
self.assertRaises(ValueError, shrink_des_key, -1)
self.assertRaises(ValueError, shrink_des_key, b"\x00" * 7)
def generate_salt(cls, salt_size=None, strict=False):
"""helper method for norm_salt(); generates a new random salt string.
:param salt_size: optional salt size, falls back to :attr:`default_salt_size`.
:param strict: if too-large salt should throw error, or merely be trimmed.
"""
if salt_size is None:
salt_size = cls.default_salt_size
else:
mn = cls.min_salt_size
if mn and salt_size < mn:
raise ValueError("%s salt string must be at least %d characters" % (cls.name, mn))
mx = cls.max_salt_size
if mx and salt_size > mx:
if strict:
raise ValueError("%s salt string must be at most %d characters" % (cls.name, mx))
salt_size = mx
if cls._salt_is_bytes:
if cls.salt_chars != ALL_BYTE_VALUES:
raise NotImplementedError("raw salts w/ only certain bytes not supported")
return getrandbytes(rng, salt_size)
else:
return getrandstr(rng, cls.default_salt_chars, salt_size)
def test_02_shrink(self):
"test shrink_des_key()"
from passlib.utils.des import expand_des_key, shrink_des_key, \
INT_64_MASK
from passlib.utils import random, getrandbytes
# make sure reverse works for some random keys
# uses bytes, ints are tested under # 01
for i in range(20):
key1 = getrandbytes(random, 7)
key2 = expand_des_key(key1)
key3 = shrink_des_key(key2)
self.assertEqual(key3, key1)
# type checks
self.assertRaises(TypeError, shrink_des_key, 1.0)
# too large
self.assertRaises(ValueError, shrink_des_key, INT_64_MASK + 1)
self.assertRaises(ValueError, shrink_des_key, b("\x00") * 9)
# too small
self.assertRaises(ValueError, shrink_des_key, -1)
self.assertRaises(ValueError, shrink_des_key, b("\x00") * 7)
def f(*a, **k):
return getrandbytes(rng, *a, **k)
def getUuid():
return uuid.UUID(bytes=getrandbytes(rng, 16))
def f(*a, **k):
return utils.getrandbytes(utils.rng, *a, **k)
def f(*a,**k):
return getrandbytes(rng, *a, **k)
def genKey():
rawKey = getrandbytes(rng, 10)
hexKey = "".join("{:02x}".format(byte) for byte in rawKey)
return hexKey
def f(*a,**k):
return utils.getrandbytes(utils.rng, *a, **k)
