def test_crypt_errors(self):
with self.assertRaises(TypeError) as e:
crypt('test', 1)
self.assertEqual(str(e.exception), "salt must be a string")
with self.assertRaises(TypeError) as e:
crypt(123, 'salt')
self.assertEqual(str(e.exception), "word must be a string or unicode")
salt = '$p5k2$sha1$0$H0NX9mT/$ih6FhDyRXAaEN4UXk50pNsZP/nU='
with self.assertRaises(ValueError) as e:
crypt('test', salt)
self.assertEqual(str(e.exception), "Invalid salt")
salt = '$p5k2$md5$3e8$H0NX9mT/$ih6FhDyRXAaEN4UXk50pNsZP/nU='
with self.assertRaises(ValueError) as e:
crypt('test', salt)
self.assertEqual(
str(e.exception),
"Digest algorithm=md5 not supported!"
)
with self.assertRaises(ValueError) as e:
crypt('test', '$$$')
self.assertEqual(str(e.exception), "Illegal character '$' in salt")
def test_encrypt(self):
result = encrypt('test')
self.assertEqual(result, self.u(crypt('test', result)))
self.assertNotEqual(result, self.u(crypt('test', result,
secret_key='123')))
# salt_length is consumed but not used!
result = encrypt('test', salt_length=100)
self.assertEqual(result, self.u(crypt('test', result)))
# any other params are consumed to avoid errors
self.assertTrue(encrypt('test', iterations=100))
def test_encrypt(self):
result = encrypt('test')
self.assertEqual(result, self.u(crypt('test', result)))
self.assertNotEqual(result,
self.u(crypt('test', result, secret_key='123')))
# salt_length is consumed but not used!
result = encrypt('test', salt_length=100)
self.assertEqual(result, self.u(crypt('test', result)))
# any other params are consumed to avoid errors
self.assertTrue(encrypt('test', iterations=100))
def test_secret_key(self):
result = crypt('test', secret_key='123')
# algo and iteration count and salt are taken from the result hash
# but without providing a secret key, the hash should be different
# from what we expecting!
self.assertNotEqual(result, crypt('test', result))
# providing wrong secret key also should lead to wrong hash
self.assertNotEqual(result, crypt('test', result, secret_key='111'))
# hash match
self.assertEqual(result, crypt('test', result, secret_key='123'))
def test_secret_key(self):
result = crypt('test', secret_key='123')
# algo and iteration count and salt are taken from the result hash
# but without providing a secret key, the hash should be different
# from what we expecting!
self.assertNotEqual(result, crypt('test', result))
# providing wrong secret key also should lead to wrong hash
self.assertNotEqual(result, crypt('test', result, secret_key='111'))
# hash match
self.assertEqual(result, crypt('test', result, secret_key='123'))
def test_crypt_errors(self):
with self.assertRaises(TypeError) as e:
crypt('test', 1)
self.assertEqual(str(e.exception), "salt must be a string")
with self.assertRaises(TypeError) as e:
crypt(123, 'salt')
self.assertEqual(str(e.exception), "word must be a string or unicode")
salt = '$p5k2$sha1$0$H0NX9mT/$ih6FhDyRXAaEN4UXk50pNsZP/nU='
with self.assertRaises(ValueError) as e:
crypt('test', salt)
self.assertEqual(str(e.exception), "Invalid salt")
salt = '$p5k2$md5$3e8$H0NX9mT/$ih6FhDyRXAaEN4UXk50pNsZP/nU='
with self.assertRaises(ValueError) as e:
crypt('test', salt)
self.assertEqual(str(e.exception),
"Digest algorithm=md5 not supported!")
with self.assertRaises(ValueError) as e:
crypt('test', '$$$')
self.assertEqual(str(e.exception), "Illegal character '$' in salt")
def test_verify(self):
result0 = crypt('test')
result1 = crypt('test', secret_key='123')
self.assertFalse(verify(result0, 'test', '123'))
self.assertTrue(verify(result1, 'test', '123'))
def test_crypt(self):
result = crypt("secret", iterations=4096, digestmodule=sha512)
self.assertEqual(result[:6], "$p5k2$")
result = crypt("secret", "XXXXXXXX", 4096, sha512)
expected = '$p5k2$sha512$1000$XXXXXXXX$'
self.assertEqual(expected, result[:27])
# 400 iterations
result = crypt("secret", "XXXXXXXX", 400, sha512)
expected = '$p5k2$sha512$190$XXXXXXXX$'
self.assertEqual(expected, result[:26])
# 400 iterations (keyword argument)
result = crypt("spam", "FRsH3HJB", iterations=400, digestmodule=sha512)
expected = '$p5k2$sha512$190$FRsH3HJB$'
self.assertEqual(expected, result[:26])
# 1000 iterations
result = crypt("spam", "H0NX9mT/", iterations=1000,
digestmodule=sha512)
expected = '$p5k2$sha512$3e8$H0NX9mT/$'
self.assertEqual(expected, result[:26])
# 1000 iterations (iterations count taken from salt parameter)
expected = '$p5k2$sha1$3e8$H0NX9mT/$ih6FhDyRXAaEN4UXk50pNsZP/nU='
result = crypt("spam", expected, digestmodule=sha1)
self.assertEqual(expected, result)
# Feed the result back in; both hashes should match, as the algo and
# iteration count are taken from the expected hash
expected = crypt("spam")
result = crypt("spam", expected)
self.assertEqual(expected, result)
# ...and this one shouldn't match
expected = crypt("password")
result = crypt("passwd", expected)
self.assertNotEqual(expected, result)
#
# SHA256
#
result = crypt("spam", "XXXXXXXX", iterations=1000,
digestmodule=sha256)
expected = '$p5k2$sha256$3e8$XXXXXXXX$'
self.assertEqual(expected, result[:26])
# Feed the result back in; both hashes should match, as the algo and
# iteration count are taken from the expected hash
expected = crypt("spam", digestmodule=sha256)
result = crypt("spam", expected)
self.assertEqual(expected, result)
# ...and this one shouldn't match
expected = crypt("password", digestmodule=sha256)
result = crypt("passwd", expected)
self.assertNotEqual(expected, result)
#
# SHA512
#
result = crypt("spam", "XXXXXXXX", iterations=1000,
digestmodule=sha512)
expected = '$p5k2$sha512$3e8$XXXXXXXX$'
self.assertEqual(expected, result[:26])
# Feed the result back in; both hashes should match, as the algo and
# iteration count are taken from the expected hash
expected = crypt("spam", digestmodule=sha512)
result = crypt("spam", expected)
self.assertEqual(expected, result)
# ...and this one shouldn't match
expected = crypt("password", digestmodule=sha512)
result = crypt("passwd", expected)
self.assertNotEqual(expected, result)
#
# crypt() test vectors
#
# crypt 1
result = crypt("cloadm", "exec", iterations=400, digestmodule=sha1)
expected = '$p5k2$sha1$190$exec$jkxkBaZJp.nvBg4WV7BW96972fE='
self.assertEqual(expected, result)
# crypt 2
result = crypt("gnu", '$p5k2$sha1$c$u9HvcT4d$.....')
expected = '$p5k2$sha1$c$u9HvcT4d$iDgHukD37rW7UgWCS24lnNRjO3c='
self.assertEqual(expected, result)
# crypt 3
result = crypt("dcl", "tUsch7fU", iterations=13, digestmodule=sha1)
expected = "$p5k2$sha1$d$tUsch7fU$.8H47sUSBmz0PDHbKfXHkjDDboo="
self.assertEqual(expected, result)
# crypt 3, SHA256
result = crypt("dcl", "tUsch7fU", iterations=13, digestmodule=sha256)
expected = "$p5k2$sha256$d$tUsch7fU$A1I2wQdnQb28U7UD4aaxwuFL5IFj" + \
".AWLngbwVLHOkVo="
self.assertEqual(expected, result)
# crypt3, SHA512
result = crypt("dcl", "tUsch7fU", iterations=13, digestmodule=sha512)
e = "$p5k2$sha512$d$tUsch7fU$GM78GODhPDWxODRnH4/L9lGnTqMgms" + \
"YJEROltbxUVquPm1P9qmbRkQM1KuFOf6QEBXX20eMGwYRmDrFLHDyn6Q=="
self.assertEqual(e, result)
# crypt 4 (unicode)
t_msg = b'\xce\x99\xcf\x89\xce\xb1\xce\xbd\xce\xbd\xce\xb7\xcf\x82'
result = crypt(
t_msg.decode('utf-8'),
'$p5k2$sha1$3e8$KosHgqNo$jJ.gcxXLu6COVzAlz5SRvAqZTd8='
)
expected = '$p5k2$sha1$3e8$KosHgqNo$jJ.gcxXLu6COVzAlz5SRvAqZTd8='
self.assertEqual(expected, result)
# crypt 5 (UTF-8 bytes)
result = crypt(
b'\xce\x99\xcf\x89\xce\xb1\xce\xbd\xce\xbd\xce\xb7\xcf\x82',
'$p5k2$sha1$3e8$KosHgqNo$jJ.gcxXLu6COVzAlz5SRvAqZTd8='
)
expected = '$p5k2$sha1$3e8$KosHgqNo$jJ.gcxXLu6COVzAlz5SRvAqZTd8='
self.assertEqual(expected, result)
def test_verify(self):
result0 = crypt('test')
result1 = crypt('test', secret_key='123')
self.assertFalse(verify(result0, 'test', '123'))
self.assertTrue(verify(result1, 'test', '123'))
def test_crypt(self):
result = crypt("secret", iterations=4096, digestmodule=sha512)
self.assertEqual(result[:6], "$p5k2$")
result = crypt("secret", "XXXXXXXX", 4096, sha512)
expected = '$p5k2$sha512$1000$XXXXXXXX$'
self.assertEqual(expected, result[:27])
# 400 iterations
result = crypt("secret", "XXXXXXXX", 400, sha512)
expected = '$p5k2$sha512$190$XXXXXXXX$'
self.assertEqual(expected, result[:26])
# 400 iterations (keyword argument)
result = crypt("spam", "FRsH3HJB", iterations=400, digestmodule=sha512)
expected = '$p5k2$sha512$190$FRsH3HJB$'
self.assertEqual(expected, result[:26])
# 1000 iterations
result = crypt("spam",
"H0NX9mT/",
iterations=1000,
digestmodule=sha512)
expected = '$p5k2$sha512$3e8$H0NX9mT/$'
self.assertEqual(expected, result[:26])
# 1000 iterations (iterations count taken from salt parameter)
expected = '$p5k2$sha1$3e8$H0NX9mT/$ih6FhDyRXAaEN4UXk50pNsZP/nU='
result = crypt("spam", expected, digestmodule=sha1)
self.assertEqual(expected, result)
# Feed the result back in; both hashes should match, as the algo and
# iteration count are taken from the expected hash
expected = crypt("spam")
result = crypt("spam", expected)
self.assertEqual(expected, result)
# ...and this one shouldn't match
expected = crypt("password")
result = crypt("passwd", expected)
self.assertNotEqual(expected, result)
#
# SHA256
#
result = crypt("spam",
"XXXXXXXX",
iterations=1000,
digestmodule=sha256)
expected = '$p5k2$sha256$3e8$XXXXXXXX$'
self.assertEqual(expected, result[:26])
# Feed the result back in; both hashes should match, as the algo and
# iteration count are taken from the expected hash
expected = crypt("spam", digestmodule=sha256)
result = crypt("spam", expected)
self.assertEqual(expected, result)
# ...and this one shouldn't match
expected = crypt("password", digestmodule=sha256)
result = crypt("passwd", expected)
self.assertNotEqual(expected, result)
#
# SHA512
#
result = crypt("spam",
"XXXXXXXX",
iterations=1000,
digestmodule=sha512)
expected = '$p5k2$sha512$3e8$XXXXXXXX$'
self.assertEqual(expected, result[:26])
# Feed the result back in; both hashes should match, as the algo and
# iteration count are taken from the expected hash
expected = crypt("spam", digestmodule=sha512)
result = crypt("spam", expected)
self.assertEqual(expected, result)
# ...and this one shouldn't match
expected = crypt("password", digestmodule=sha512)
result = crypt("passwd", expected)
self.assertNotEqual(expected, result)
#
# crypt() test vectors
#
# crypt 1
result = crypt("cloadm", "exec", iterations=400, digestmodule=sha1)
expected = '$p5k2$sha1$190$exec$jkxkBaZJp.nvBg4WV7BW96972fE='
self.assertEqual(expected, result)
# crypt 2
result = crypt("gnu", '$p5k2$sha1$c$u9HvcT4d$.....')
expected = '$p5k2$sha1$c$u9HvcT4d$iDgHukD37rW7UgWCS24lnNRjO3c='
self.assertEqual(expected, result)
# crypt 3
result = crypt("dcl", "tUsch7fU", iterations=13, digestmodule=sha1)
expected = "$p5k2$sha1$d$tUsch7fU$.8H47sUSBmz0PDHbKfXHkjDDboo="
self.assertEqual(expected, result)
# crypt 3, SHA256
result = crypt("dcl", "tUsch7fU", iterations=13, digestmodule=sha256)
expected = "$p5k2$sha256$d$tUsch7fU$A1I2wQdnQb28U7UD4aaxwuFL5IFj" + \
".AWLngbwVLHOkVo="
self.assertEqual(expected, result)
# crypt3, SHA512
result = crypt("dcl", "tUsch7fU", iterations=13, digestmodule=sha512)
e = "$p5k2$sha512$d$tUsch7fU$GM78GODhPDWxODRnH4/L9lGnTqMgms" + \
"YJEROltbxUVquPm1P9qmbRkQM1KuFOf6QEBXX20eMGwYRmDrFLHDyn6Q=="
self.assertEqual(e, result)
# crypt 4 (unicode)
t_msg = b'\xce\x99\xcf\x89\xce\xb1\xce\xbd\xce\xbd\xce\xb7\xcf\x82'
result = crypt(t_msg.decode('utf-8'),
'$p5k2$sha1$3e8$KosHgqNo$jJ.gcxXLu6COVzAlz5SRvAqZTd8=')
expected = '$p5k2$sha1$3e8$KosHgqNo$jJ.gcxXLu6COVzAlz5SRvAqZTd8='
self.assertEqual(expected, result)
# crypt 5 (UTF-8 bytes)
result = crypt(
b'\xce\x99\xcf\x89\xce\xb1\xce\xbd\xce\xbd\xce\xb7\xcf\x82',
'$p5k2$sha1$3e8$KosHgqNo$jJ.gcxXLu6COVzAlz5SRvAqZTd8=')
expected = '$p5k2$sha1$3e8$KosHgqNo$jJ.gcxXLu6COVzAlz5SRvAqZTd8='
self.assertEqual(expected, result)