def test_20_basic(self):
"test basic encrypt/identify/verify functionality"
handlers = [hash.md5_crypt, hash.des_crypt, hash.bsdi_crypt]
cc = CryptContext(handlers, policy=None)
#run through handlers
for crypt in handlers:
h = cc.encrypt("test", scheme=crypt.name)
self.assertEqual(cc.identify(h), crypt.name)
self.assertEqual(cc.identify(h, resolve=True), crypt)
self.assertTrue(cc.verify('test', h))
self.assertTrue(not cc.verify('notest', h))
#test default
h = cc.encrypt("test")
self.assertEqual(cc.identify(h), "md5_crypt")
#test genhash
h = cc.genhash('secret', cc.genconfig())
self.assertEqual(cc.identify(h), 'md5_crypt')
h = cc.genhash('secret', cc.genconfig(), scheme='md5_crypt')
self.assertEqual(cc.identify(h), 'md5_crypt')
self.assertRaises(ValueError, cc.genhash, 'secret', cc.genconfig(), scheme="des_crypt")
def test_10_genconfig_settings(self):
"test genconfig() honors policy settings"
cc = CryptContext(policy=None, **self.sample_policy_1)
# hash specific settings
self.assertEqual(
cc.genconfig(scheme="nthash"),
'$NT$00000000000000000000000000000000',
)
self.assertEqual(
cc.genconfig(scheme="nthash", ident="3"),
'$3$$00000000000000000000000000000000',
)
# min rounds
self.assertEqual(
cc.genconfig(rounds=1999, salt="nacl"),
'$5$rounds=2000$nacl$',
)
self.assertEqual(
cc.genconfig(rounds=2001, salt="nacl"),
'$5$rounds=2001$nacl$'
)
#max rounds
self.assertEqual(
cc.genconfig(rounds=2999, salt="nacl"),
'$5$rounds=2999$nacl$',
)
self.assertEqual(
cc.genconfig(rounds=3001, salt="nacl"),
'$5$rounds=3000$nacl$'
)
#default rounds - specified
self.assertEqual(
cc.genconfig(scheme="bsdi_crypt", salt="nacl"),
'_N...nacl',
)
#default rounds - fall back to max rounds
self.assertEqual(
cc.genconfig(salt="nacl"),
'$5$rounds=3000$nacl$',
)
#default rounds - out of bounds
cc2 = CryptContext(policy=cc.policy.replace(
bsdi_crypt__default_rounds=35))
self.assertEqual(
cc2.genconfig(scheme="bsdi_crypt", salt="nacl"),
'_S...nacl',
)
# default+vary rounds
# this runs enough times the min and max *should* be hit,
# though there's a faint chance it will randomly fail.
from passlib.hash import bsdi_crypt as bc
cc3 = CryptContext(policy=cc.policy.replace(
bsdi_crypt__vary_rounds = 3))
seen = set()
for i in xrange(3*2*50):
h = cc3.genconfig("bsdi_crypt", salt="nacl")
r = bc.from_string(h).rounds
seen.add(r)
self.assertTrue(min(seen)==22)
self.assertTrue(max(seen)==28)
# default+vary % rounds
# this runs enough times the min and max *should* be hit,
# though there's a faint chance it will randomly fail.
from passlib.hash import sha256_crypt as sc
cc4 = CryptContext(policy=cc.policy.replace(
all__vary_rounds = "1%"))
seen = set()
for i in xrange(30*50):
h = cc4.genconfig(salt="nacl")
r = sc.from_string(h).rounds
seen.add(r)
self.assertTrue(min(seen)==2970)
self.assertTrue(max(seen)==3000) #NOTE: would be 3030, but clipped by max_rounds
