a fWcms@s.dZddlmZddlZeeZddlZddlZddl m Z ddl m Z m Z ddlmZmZmZddlmZmZddlmZmZdd lmZGd d d eZed Zed ZedZGdddedZedZ GdddeZ!e!d Z"e!d Z#e!dZ$Gddde!dZ%e!dZ&dS)z?passlib.tests.test_handlers - tests for passlib hash algorithms)with_statementNhash)IDENT_2IDENT_2X) repeat_stringto_bytesis_safe_crypt_input)irangePY3) HandlerCase TEST_MODE) UPASS_TABLEcseZdZdZejZdZdZddddddd d d d d dddddddddddfddddfddddfddddfddddd e d!fe d"fgZ e d#rd$Z d%Z e d&e d'fd&e d'fd(e d)fd(e d*fd+e d)fd+e d,fd-e d)fd-e d)fd.e d)fd.e d)fg d/e d0fgZd1d2gZgd3Zgd4Zfd5d6Zfd7d8Zd9d:Zejd;Zdd?Zd@dAZGdBdCdCejZgdDZdEdFZdGdHZZS)I _bcrypt_testzbase for BCrypt test casesT)zU*U*U*U*z<$2a$05$c92SVSfjeiCD6F2nAD6y0uBpJDjdRkt0EgeC4/31Rf2LUZbDRDE.O)zU*U***Uz<$2a$05$WY62Xk2TXZ7EvVDQ5fmjNu7b0GEzSzUXUh2cllxJwhtOeMtWV3Ujq)zU*U***U*z<$2a$05$Fa0iKV3E2SYVUlMknirWU.CFYGvJ67UwVKI1E2FP6XeLiZGcH3MJi)z*U*U*U*Uz<$2a$05$.WRrXibc1zPgIdRXYfv.4uu6TD1KWf0VnHzq/0imhUhuxSxCyeBs2)z<$2a$05$Otz9agnajgrAe0.kFVF9V.tzaStZ2s1s4ZWi/LY4sw2k/MTVFj/IO)zU*Uz<$2a$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW)zU*U*z<$2a$05$CCCCCCCCCCCCCCCCCCCCC.VGOzA784oUp/Z0DY336zx7pLYAy0lwK)zU*U*Uz<$2a$05$XXXXXXXXXXXXXXXXXXXXXOAcXxm9kjPGEMsLznoKqmqw7tc8WCx4a)rz<$2a$05$CCCCCCCCCCCCCCCCCCCCC.7uG0VCzI2bS7j6ymqJi9CdcdxiRTWNy)zb0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789chars after 72 are ignoredz<$2a$05$abcdefghijklmnopqrstuu5s2v8.iXieOjg/.AySBTTZIIVFJeBui)z<$2a$05$/OK.fbVrR/bpIqNJ5ianF.Sa7shbm4.OzKpvFnX1pQLmQW96oUlCq)s345z<$2a$05$/OK.fbVrR/bpIqNJ5ianF.nRht2l/HRhr6zmCp9vYUvvsqynflf9e)sabz<$2a$05$/OK.fbVrR/bpIqNJ5ianF.6IflQkJytoRVc1yuaNtHfiuq.FRlSIS)skchars after 72 are ignored as usualz<$2a$05$/OK.fbVrR/bpIqNJ5ianF.swQOIzjOiJ9GHEPuhEkvqrUyvWhEMx6)sHUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUz<$2a$05$/OK.fbVrR/bpIqNJ5ianF.R9xrDjiycxMbQE2bp.vgqlYpW5wx2yy)sHUUUUUUUUUUUUUUUUUUUUUUUUz<$2a$05$/OK.fbVrR/bpIqNJ5ianF.9tQZzcJfm3uj2NvJ/n5xkhpqLrMpWCe)rz<$2y$05$/OK.fbVrR/bpIqNJ5ianF.Sa7shbm4.OzKpvFnX1pQLmQW96oUlCq)sёz<$2y$05$6bNw2HLQYeqHYyBfLMsv/OUcZd0LKP39b87nBw3.S2tVZSqiQX6euA01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789Nz<$2a$04$R1lJ2gkNaoPGdafE.H.16.1MKHPvmKwryeulRe225LKProWYwt9Oii)rz<$2a$06$DCq7YPn5Rq63x1Lad4cll.TV4S6ytwfsfvkgY8jIucDrjc8deX1s.)az<$2a$10$k87L/MF28Q673VKh8/cPi.SUl7MU/rWuSiIDDFayrKk/1tBsSQu4u)abcz<$2a$10$WvvTPHKwdBJ3uk0Z37EMR.hLA2W6N9AEBhEgrAOljy2Ae5MtaSIUi)Zabcdefghijklmnopqrstuvwxyzz<$2a$10$fVH8e28OQRj9tqiDXs1e1uxpsjN0c7II7YPKXua2NAKYvM6iQk7dq)z"~!@#$%^&*() ~!@#$%^&*()PNBFRDz<$2a$10$LgfYWkbzEvQ4JakH7rOvHe0y8pHKF9OaFgwUZ2q7W2FFZmZzJYlfSz<$2a$05$Z17AXnnlpzddNUvnC6cZNOSwMA/8oNiKnHTHTwLlBijfucQQlHjaGz<$2b$05$Z17AXnnlpzddNUvnC6cZNOSwMA/8oNiKnHTHTwLlBijfucQQlHjaGfullz$2$05$......................z$2a$05$......................rZJ2ihDv8vVf7QZ9BsaRrKyqs2tkn55YqrzXuQjdH.wPVNUZ/bOfstdW/FqB8QSjteZev6gDwpVye3oMCUpLY85aTpfBNHD0GaZEabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcz2kIdfSj/4/R/Q6n847VTvc68BXiRYZCZHabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcZIabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabcxz$2a$04$uM6csdM8R9SXTex/gbTayez<$2a$04$uM6csdM8R9SXTex/gbTayezuvzFEufYGd2uB6of7qScLjQ4GwcD4Gz<$2f$12$EXRkfkdmXnagzds2SSitu.MW9.gAVqa9eLS1//RYtYCmB1eLHg.9qz<$2`$12$EXRkfkdmXnagzds2SSitu.MW9.gAVqa9eLS1//RYtYCmB1eLHg.9q)z<$2a$12$EXRkfkdmXn!gzds2SSitu.MW9.gAVqa9eLS1//RYtYCmB1eLHg.9qz<$2x$12$EXRkfkdmXnagzds2SSitu.MW9.gAVqa9eLS1//RYtYCmB1eLHg.9qz;$2a$6$DCq7YPn5Rq63x1Lad4cll.TV4S6ytwfsfvkgY8jIucDrjc8deX1s.))zfreedbsd|openbsd|netbsdT)darwinF)ZlinuxN)ZsolarisNcsrtdrT|jdkrTd}tj|}|r:|tjj||n|tjj|dtj|<tt | t dddS)NrbuiltinPASSLIB_BUILTIN_BCRYPTtrueignore3.*backend is vulnerable to the bsd wraparound bug.*) r backendosenvironget addCleanup __setitem__ __delitem__superrsetUpwarningsfilterwarningsselfkeyZorig __class__F/usr/lib/python3.9/site-packages/passlib/tests/test_handlers_bcrypt.pyr&s  z_bcrypt_test.setUpcs*|jdkr|ddtt||dSNrrounds)r setdefaultr%rpopulate_settingsr*kwdsr,r.r/r4s  z_bcrypt_test.populate_settingscCsBddlm}m}m}ddlm}||}|d|dp:d|S)z4check if OS crypt is expected to support given identr)bcryptrIDENT_2Y) safe_crypttestz04$5BJqKfqMQvV7nS.yUguNcur)passlib.handlers.bcryptr7rr8 passlib.utilsr9Z from_string startswith)r*rr7rr8r9identr.r.r/crypt_supports_variants  z#_bcrypt_test.crypt_supports_variant)fuzz_verifier_bcryptfuzz_verifier_pybcryptfuzz_verifier_bcryptorcsxddlmmmm}mm}ddlm}m z ddl Wnt yPYdS0|r\dSfdd}|S)Nr)rIDENT_2AIDENT_2Brr8_detect_pybcrypt) to_native_strrcs|jj}|r*|dd}nN|rT|dd}|rxt|d}n$|rxjdkrx|dd}|}z|||kWStytd||fYn0dS)r7r2NHz3.0.0z$bcrypt rejected hash: %r (secret=%r))FuzzHashGeneratorpassword_encodingr=r __version__hashpw ValueErrorsecretrrrCrDr8r7r*rr.r/ check_bcrypts    z7_bcrypt_test.fuzz_verifier_bcrypt..check_bcrypt) r;rrCrDrr8rEr<rFrr7 ImportError)r*rrErFrQr.rPr/r@s   z!_bcrypt_test.fuzz_verifier_bcryptcsnddlm}mmm}mm}ddlm| dd}|s@dSddlm |j fdd}|S) Nr)rrCrDrr8_PyBcryptBackendrFpybcryptF) _pybcryptcs|jj}t|dkr&|dd}|frD|dd}zRr"|||kWdWS1sv0Yn|||kWSWn tytd|fYn0dS)rUNr2zpy-bcrypt rejected hash: %r)rIrJlenr=rLrMrNrCrDr8Z bcrypt_modlockr*rFr.r/check_pybcrypts  2 z;_bcrypt_test.fuzz_verifier_pybcrypt..check_pybcrypt) r;rrCrDrr8rSr<rFZ_load_backend_mixinrVZ _calc_lock)r*rrrSZloadedr[r.rYr/rAs    z#_bcrypt_test.fuzz_verifier_pybcryptcsfddlmmmmddlmzddlmWnt yHYdS0fdd}|S)Nr)rrCr8rDrT)Enginecsj|jj}|fr.|dd}n(|rV|dd}|rVt|d}d|||kS)bcryptorr2NrGrHF)rIrJr=rZhash_keyrNr\rrCrDr8r*rFr.r/check_bcryptors  z;_bcrypt_test.fuzz_verifier_bcryptor..check_bcryptor) r;rrCr8rDr<rFZbcryptor.enginer\rR)r*r_r.r^r/rBs   z#_bcrypt_test.fuzz_verifier_bcryptorcs$eZdZfddZddZZS)z_bcrypt_test.FuzzHashGeneratorcsttj|}|d}|d}|d}|d}|tkrB|d=n>|tkr|rtt|t t|t|kr| \|d<|d<|S)NrOothersettingsr>) r%rrIgenerater!rrrrrXZrandom_password_pair)r*ZoptsrOr`rar>r,r.r/rb+s *z'_bcrypt_test.FuzzHashGenerator.generatecCs|ddddSNZ randintgaussr*r.r.r/ random_rounds>sz,_bcrypt_test.FuzzHashGenerator.random_rounds)__name__ __module__ __qualname__rbrj __classcell__r.r.r,r/rI)s rI))r:z<$2a$04$oaQbBqq8JnSM1NHRPQGXORY4Vw3bdHKLIXTecPDRAcJ98cz1ilveOz<$2a$04$oaQbBqq8JnSM1NHRPQGXOOY4Vw3bdHKLIXTecPDRAcJ98cz1ilveO)r:<$2a$04$yjDgE74RJkeqC0/1NheSScrvKeu9IbKDpcQf/Ox3qsrRS/Kw42qIS<$2a$04$yjDgE74RJkeqC0/1NheSSOrvKeu9IbKDpcQf/Ox3qsrRS/Kw42qIS)r:z<$2a$04$yjDgE74RJkeqC0/1NheSSOrvKeu9IbKDpcQf/Ox3qsrRS/Kw42qIVrpc sTdj}d}fdd}tdD]}||q(tdD]}||j|jddqBd |g |jd d d d }Wdn1s0Y|dj }|D]\}}} |g$| ||| Wdn1s0Yg$| || | Wdn1s60Y|g" | ||Wdn1sv0Yg" | || Wdn1s0Y|g"| || Wdn1s0Yg"| | | Wdq1s20Yq| dddS)z2test passlib correctly handles bcrypt padding bitsrz.*incorrectly set padding bitscsB|drt|dks$Jd|f|ddvd|fdS)N)z$2a$z$2b$zunexpectedly malformed hash: %rz.Oeuz'unused bits incorrectly set in hash: %r)r=rX assertTruerrir.r/ check_paddingls z:_bcrypt_test.test_90_bcrypt_padding..check_paddingrfrGr1Zbobzsalt too largez.....................A.rdT)saltr1ZrelaxedNz<$2b$05$.....................................................z$md5$abc)Zrequire_TEST_MODEhandlerr Z genconfigusingZ min_roundsrZassertWarningList assertEqualknown_incorrect_paddingZgenhashrrverifyZnormhash) r*r7Z corr_descrsirZsamplespwdZbadZgoodr.rir/test_90_bcrypt_padding^s4    . 2 42 22 4z#_bcrypt_test.test_90_bcrypt_paddingcCs:|jjdd}d}d}||||||dS)z$needs_update corrects bcrypt paddingr2rtrorpN)rvrwrrZ needs_updateZ assertFalse)r*r7ZBAD1ZGOOD1r.r.r/test_needs_update_w_paddings z(_bcrypt_test.test_needs_update_w_padding) rkrlrm__doc__rr7rvreduce_default_roundsfuzz_salts_need_bcrypt_repairrknown_correct_hashesr ZCONFIG_2ZCONFIG_Aextendknown_correct_configsZknown_unidentified_hashesknown_malformed_hashesZplatform_crypt_supportr&r4r?r Zfuzz_verifiersr@rArBrIryr}r~rnr.r.r,r/rs  W               !:rr7rUr]c@s eZdZddejDZdZdS)bcrypt_os_crypt_testcCsg|]}t|dr|qS)r)r ).0rowr.r.r/ s zbcrypt_os_crypt_test.FN)rkrlrmrrhas_os_crypt_fallbackr.r.r.r/rsrZos_cryptrcseZdZdZejZdZdZdZ dde dfe ddfde d fe d d d fe d d d dfe d d ddfdde dfe ddfe d d dfe d d d dfe d d ddfgZ ddgZgdZfddZfddZddZd d!ZGd"d#d#ejZd$d%Zd&d'ZZS)(_bcrypt_sha256_testz!base for BCrypt-SHA256 test casesTN)rzJ$bcrypt-sha256$2a,5$E/e/2AOhqM5W/KJTFQzLce$F6dYSxOdAEoJZO2eoHUZWZljW/e0TXO)passwordJ$bcrypt-sha256$2a,5$5Hg1DKFqPE8C2aflZ5vVoe$12BjNE0p7axMg55.Y/mHsYiVuFBDQyuzJ$bcrypt-sha256$2a,5$.US1fQ4TQS.ZTz/uJ5Kyn.$QNdPDOTKKT5/sovNz1iWg26quOU4Pjezutf-8)rzJ$bcrypt-sha256$2b,5$5Hg1DKFqPE8C2aflZ5vVoe$12BjNE0p7axMg55.Y/mHsYiVuFBDQyuzJ$bcrypt-sha256$2b,5$.US1fQ4TQS.ZTz/uJ5Kyn.$QNdPDOTKKT5/sovNz1iWg26quOU4PjeZabc123rHzJ$bcrypt-sha256$2b,5$X1g1nh3g0v4h6970O68cxe$r/hyEtqJ0teqPEmfTLoZ83ciAI1Q74.ZqwrzJ$bcrypt-sha256$2b,5$X1g1nh3g0v4h6970O68cxe$021KLEif6epjot5yoxk0m8I0929ohEaZxyzzJ$bcrypt-sha256$2b,5$X1g1nh3g0v4h6970O68cxe$7.1kgpHduMGEjvM3fX6e/QCvfn6OKja)rzR$bcrypt-sha256$v=2,t=2b,r=5$E/e/2AOhqM5W/KJTFQzLce$WFPIZKtDDTriqWwlmRFfHiOTeheAZWe)rR$bcrypt-sha256$v=2,t=2b,r=5$5Hg1DKFqPE8C2aflZ5vVoe$wOK1VFFtS8IGTrGa7.h5fs0u84qyPbSzR$bcrypt-sha256$v=2,t=2b,r=5$.US1fQ4TQS.ZTz/uJ5Kyn.$pzzgp40k8reM1CuQb03PvE0IDPQSdV6zR$bcrypt-sha256$v=2,t=2b,r=5$X1g1nh3g0v4h6970O68cxe$zu1cloESVFIOsUIo7fCEgkdHaI9SSuezR$bcrypt-sha256$v=2,t=2b,r=5$X1g1nh3g0v4h6970O68cxe$CBF9csfEdW68xv3DwE6xSULXMtqEFP.zR$bcrypt-sha256$v=2,t=2b,r=5$X1g1nh3g0v4h6970O68cxe$zC/1UDUG2ofEXB6Onr2vvyFzfhEOS3S)z*$bcrypt-sha256$2a,5$5Hg1DKFqPE8C2aflZ5vVoerr)z2$bcrypt-sha256$v=2,t=2b,r=5$5Hg1DKFqPE8C2aflZ5vVoerr) zJ$bcrypt-sha256$2a,5$5Hg1DKF!PE8C2aflZ5vVoe$12BjNE0p7axMg55.Y/mHsYiVuFBDQyuzJ$bcrypt-sha256$2c,5$5Hg1DKFqPE8C2aflZ5vVoe$12BjNE0p7axMg55.Y/mHsYiVuFBDQyuzJ$bcrypt-sha256$2x,5$5Hg1DKFqPE8C2aflZ5vVoe$12BjNE0p7axMg55.Y/mHsYiVuFBDQyuzK$bcrypt-sha256$2a,05$5Hg1DKFqPE8C2aflZ5vVoe$12BjNE0p7axMg55.Y/mHsYiVuFBDQyuz+$bcrypt-sha256$2a,5$5Hg1DKFqPE8C2aflZ5vVoe$zR$bcrypt-sha256$v=2,t=2b,r=5$5Hg1DKF!PE8C2aflZ5vVoe$12BjNE0p7axMg55.Y/mHsYiVuFBDQyuzR$bcrypt-sha256$v=1,t=2b,r=5$5Hg1DKFqPE8C2aflZ5vVoe$12BjNE0p7axMg55.Y/mHsYiVuFBDQyuzR$bcrypt-sha256$v=3,t=2b,r=5$5Hg1DKFqPE8C2aflZ5vVoe$12BjNE0p7axMg55.Y/mHsYiVuFBDQyuzR$bcrypt-sha256$v=2,t=2c,r=5$5Hg1DKFqPE8C2aflZ5vVoe$12BjNE0p7axMg55.Y/mHsYiVuFBDQyuzR$bcrypt-sha256$v=2,t=2a,r=5$5Hg1DKFqPE8C2aflZ5vVoe$12BjNE0p7axMg55.Y/mHsYiVuFBDQyuzR$bcrypt-sha256$v=2,t=2x,r=5$5Hg1DKFqPE8C2aflZ5vVoe$12BjNE0p7axMg55.Y/mHsYiVuFBDQyuzS$bcrypt-sha256$v=2,t=2b,r=05$5Hg1DKFqPE8C2aflZ5vVoe$12BjNE0p7axMg55.Y/mHsYiVuFBDQyuz3$bcrypt-sha256$v=2,t=2b,r=5$5Hg1DKFqPE8C2aflZ5vVoe$csrtdrT|jdkrTd}tj|}|r:|tjj||n|tjj|dtj|<tt | t dddS)NrrrZenabledrr) r rrr r!r"r#r$r%rr&r'r(r)r,r.r/r&@s  z_bcrypt_sha256_test.setUpcs*|jdkr|ddtt||dSr0)rr3r%rr4r5r,r.r/r4Ms  z%_bcrypt_sha256_test.populate_settingscCs|ddS)Nzmultiple idents not supported)ZskipTestrir.r.r/require_many_identsWsz'_bcrypt_sha256_test.require_many_identscCs&|j}|dd|jt|ddddS)NT) use_defaultsz$2y$)r>r)rv assertRaisesrM)r*rvr.r.r/test_30_HasOneIdentZs z'_bcrypt_sha256_test.test_30_HasOneIdentc@seZdZddZddZdS)z%_bcrypt_sha256_test.FuzzHashGeneratorcCs|ddddSrcrhrir.r.r/rjfsz3_bcrypt_sha256_test.FuzzHashGenerator.random_roundscCsdS)N2br.rir.r.r/ random_identjsz2_bcrypt_sha256_test.FuzzHashGenerator.random_identN)rkrlrmrjrr.r.r.r/rIdsrIcCsd|j}||jd|jdd}||jd|jt|jdd|jddd}|jt|jdddS)Nrg)versioniZ2a)rr>)r>)rvrxrrwrrM)r*rvsubclsr.r.r/test_using_versionqs z&_bcrypt_sha256_test.test_using_versionc Csddlm}ddlm}ddlm}d}d}|d|d|d}||d}||d |d |d d  |}||d | | |d|||j d |d d  |}|||dS)z6 test digest calc v2 matches bcrypt() r)r7) compile_hmac) b64encodeZnyKYxTAvjmy6lMDYMl11Uur:Zsha256asciiz,J5TlyIDm+IcSWmKiDJm+MeICndBkFVPn4kKdJW8f+xY=r )r>rur1zM0wE0Ov/9LXoQFCe.jRHu3MSHPF54Taz$2b$12$N) Z passlib.hashr7Zpasslib.crypto.digestrZpasslib.utils.binaryrencodedecoderxZ_calc_checksumrrrzrv) r*r7rrrurOZ temp_digestZ bcrypt_digestresultr.r.r/test_calc_digest_v2s     z'_bcrypt_sha256_test.test_calc_digest_v2)rkrlrmrrZ bcrypt_sha256rvrZforbidden_charactersrrrrrrrr&r4rrr rIrrrnr.r.r,r/rsn     A 4   rc@seZdZeddZdZdS)bcrypt_sha256_os_crypt_testcCstS)N)r_get_safe_crypt_handler_backend)clsr.r.r/rsz;bcrypt_sha256_os_crypt_test._get_safe_crypt_handler_backendFN)rkrlrm classmethodrrr.r.r.r/rs r)'rZ __future__rZloggingZ getLoggerrklogrr'Zpasslibrr;rrr<rrr Zpasslib.utils.compatr r Zpasslib.tests.utilsr r Zpasslib.tests.test_handlersrrZcreate_backend_caseZbcrypt_bcrypt_testZbcrypt_pybcrypt_testZbcrypt_bcryptor_testrZbcrypt_builtin_testrZbcrypt_sha256_bcrypt_testZbcrypt_sha256_pybcrypt_testZbcrypt_sha256_bcryptor_testrZbcrypt_sha256_builtin_testr.r.r.r/s4       d