def test_pre_hashing(): grant_submit() pre_hashed_data = {} for k,v in test_data.items(): if k in models.PII_FIELDS: v = hmac.new(cryptography._get_public_salt(), msg=cryptography._string_or_bust(v), digestmod=hashlib.sha256).hexdigest() pre_hashed_data[k] = v submission_data = {} submission_data.update(pre_hashed_data) submission_data["pre_hashed"] = True # Submit through developer 1 dev1 = models.Developer.query(models.Developer.consumer_key == "valid_key1").get() consumer1 = oauth.Consumer(key=dev1.consumer_key, secret=dev1.consumer_secret) req = create_request(consumer1, "http://localhost/api/v1/submit/user", "POST", urlencode(submission_data)) response = testapp.post("/api/v1/submit/user", req.to_postdata()) assert response.status_int == 200 assert response.json["user_id"] == u"1" assert response.json["is_new"] assert models.IntakeUser.query().count() == 1 intake_user = models.IntakeUser.query().get() check_intakeuser(intake_user, pre_hashed_data, dev1.key, dev1.org, pre_hashed=True)
def test_hashing(): for test_value in ("This is a test value to hash", u"Now a uni\u0107ode string", 1231, datetime.date.today()): if isinstance(test_value, unicode): test_value = test_value.encode("utf-8") else: test_value = str(test_value) public_hash = hmac.new(cryptography._get_public_salt(), msg=test_value, digestmod=hashlib.sha256).hexdigest() internal_hash = hmac.new(cryptography._get_salt(), msg=public_hash, digestmod=hashlib.sha256).hexdigest() assert internal_hash == cryptography.hash_value(test_value, pre_hashed=False) internal_hash = hmac.new(cryptography._get_salt(), msg=test_value, digestmod=hashlib.sha256).hexdigest() assert internal_hash == cryptography.hash_value(test_value, pre_hashed=True)