| import sys |
| import unittest |
| |
| |
| try: |
| import crypt |
| IMPORT_ERROR = None |
| except ImportError as ex: |
| if sys.platform != 'win32': |
| raise unittest.SkipTest(str(ex)) |
| crypt = None |
| IMPORT_ERROR = str(ex) |
| |
| |
| @unittest.skipUnless(sys.platform == 'win32', 'This should only run on windows') |
| @unittest.skipIf(crypt, 'import succeeded') |
| class TestWhyCryptDidNotImport(unittest.TestCase): |
| |
| def test_import_failure_message(self): |
| self.assertIn('not supported', IMPORT_ERROR) |
| |
| |
| @unittest.skipUnless(crypt, 'crypt module is required') |
| class CryptTestCase(unittest.TestCase): |
| |
| def test_crypt(self): |
| cr = crypt.crypt('mypassword') |
| cr2 = crypt.crypt('mypassword', cr) |
| self.assertEqual(cr2, cr) |
| cr = crypt.crypt('mypassword', 'ab') |
| if cr is not None: |
| cr2 = crypt.crypt('mypassword', cr) |
| self.assertEqual(cr2, cr) |
| |
| def test_salt(self): |
| self.assertEqual(len(crypt._saltchars), 64) |
| for method in crypt.methods: |
| salt = crypt.mksalt(method) |
| self.assertIn(len(salt) - method.salt_chars, {0, 1, 3, 4, 6, 7}) |
| if method.ident: |
| self.assertIn(method.ident, salt[:len(salt)-method.salt_chars]) |
| |
| def test_saltedcrypt(self): |
| for method in crypt.methods: |
| cr = crypt.crypt('assword', method) |
| self.assertEqual(len(cr), method.total_size) |
| cr2 = crypt.crypt('assword', cr) |
| self.assertEqual(cr2, cr) |
| cr = crypt.crypt('assword', crypt.mksalt(method)) |
| self.assertEqual(len(cr), method.total_size) |
| |
| def test_methods(self): |
| self.assertTrue(len(crypt.methods) >= 1) |
| if sys.platform.startswith('openbsd'): |
| self.assertEqual(crypt.methods, [crypt.METHOD_BLOWFISH]) |
| else: |
| self.assertEqual(crypt.methods[-1], crypt.METHOD_CRYPT) |
| |
| @unittest.skipUnless( |
| crypt |
| and ( |
| crypt.METHOD_SHA256 in crypt.methods or crypt.METHOD_SHA512 in crypt.methods |
| ), |
| 'requires support of SHA-2', |
| ) |
| def test_sha2_rounds(self): |
| for method in (crypt.METHOD_SHA256, crypt.METHOD_SHA512): |
| for rounds in 1000, 10_000, 100_000: |
| salt = crypt.mksalt(method, rounds=rounds) |
| self.assertIn('$rounds=%d$' % rounds, salt) |
| self.assertEqual(len(salt) - method.salt_chars, |
| 11 + len(str(rounds))) |
| cr = crypt.crypt('mypassword', salt) |
| self.assertTrue(cr) |
| cr2 = crypt.crypt('mypassword', cr) |
| self.assertEqual(cr2, cr) |
| |
| @unittest.skipUnless( |
| crypt and crypt.METHOD_BLOWFISH in crypt.methods, 'requires support of Blowfish' |
| ) |
| def test_blowfish_rounds(self): |
| for log_rounds in range(4, 11): |
| salt = crypt.mksalt(crypt.METHOD_BLOWFISH, rounds=1 << log_rounds) |
| self.assertIn('$%02d$' % log_rounds, salt) |
| self.assertIn(len(salt) - crypt.METHOD_BLOWFISH.salt_chars, {6, 7}) |
| cr = crypt.crypt('mypassword', salt) |
| self.assertTrue(cr) |
| cr2 = crypt.crypt('mypassword', cr) |
| self.assertEqual(cr2, cr) |
| |
| def test_invalid_rounds(self): |
| for method in (crypt.METHOD_SHA256, crypt.METHOD_SHA512, |
| crypt.METHOD_BLOWFISH): |
| with self.assertRaises(TypeError): |
| crypt.mksalt(method, rounds='4096') |
| with self.assertRaises(TypeError): |
| crypt.mksalt(method, rounds=4096.0) |
| for rounds in (0, 1, -1, 1<<999): |
| with self.assertRaises(ValueError): |
| crypt.mksalt(method, rounds=rounds) |
| with self.assertRaises(ValueError): |
| crypt.mksalt(crypt.METHOD_BLOWFISH, rounds=1000) |
| for method in (crypt.METHOD_CRYPT, crypt.METHOD_MD5): |
| with self.assertRaisesRegex(ValueError, 'support'): |
| crypt.mksalt(method, rounds=4096) |
| |
| |
| if __name__ == "__main__": |
| unittest.main() |
