-
Notifications
You must be signed in to change notification settings - Fork 0
/
tests.py
161 lines (140 loc) · 7.24 KB
/
tests.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
#!/usr/bin/env python
"""
Usage:
tests.py
tests.py --find <seed> <rerolls> [<count>]
"""
from docopt import docopt
import unittest
import sys
import bcrypt
import alg
import binascii
import hmac
import hashlib
class TestHashPassAlg(unittest.TestCase):
def setUp(self):
self.intermediates = [
"$2y$10$w1dpoPu1duVEV4rnZPAkLe8kxqbSe4xmE4jVqL4IcwVLWluqZNI3G",
"$2y$10$w1dpoPu1duVEV4rnZPAkLea0PzJXKXtAHtHZ60MWk6pk1GH1uKpSe",
]
def test_make_intermediate(self):
self.assertEqual(alg.make_intermediate("1234"),
"$2y$10$w1dpoPu1duVEV4rnZPAkLe8kxqbSe4xmE4jVqL4IcwVLWluqZNI3G")
self.assertEqual(alg.make_intermediate("super secret"),
"$2y$10$w1dpoPu1duVEV4rnZPAkLea0PzJXKXtAHtHZ60MWk6pk1GH1uKpSe")
self.assertEqual(alg.make_intermediate("blowfish"),
"$2y$10$w1dpoPu1duVEV4rnZPAkLefQ9jBvhg/MM6m/oTFbWLBq0R0bhwiVW")
def test_make_intermediate_too_long(self):
with self.assertRaises(Exception):
alg.make_intermediate("x" * 73)
def test_is_good_pass(self):
self.assertTrue(alg.is_good_pass("a4#aaaaaaaaaaaaaaaaa"))
self.assertTrue(alg.is_good_pass("oooo6o#ooaaaaaaaaaaa"))
self.assertFalse(alg.is_good_pass(""))
self.assertFalse(alg.is_good_pass("oeuoeuOOO2343"))
def test_make_storeable(self):
secret = "abcdef"
stored = alg.make_storeable(secret)
self.assertTrue(bcrypt.hashpw(secret, stored) == stored)
def test_check_stored(self):
# Test with an 11 round bcrypt.
secret = "blowfish"
stored = "$2y$11$Gzhmkebfiz2OapRqu/zWSOH2Wa9uAsbb4Vd5q3iKBILsMRX8MBpQa"
self.assertTrue(alg.check_stored(secret, stored))
self.assertFalse(alg.check_stored(secret[:-1], stored))
def test_bytes_to_pw_chars(self):
self.assertEqual(alg._bytes_to_pw_chars([0, 0, 0]), "aaaa")
self.assertEqual(alg._bytes_to_pw_chars([255, 255, 255]), "????")
self.assertEqual(alg._bytes_to_pw_chars([4,32,196]), "bcde")
def test_hmac(self):
secret = binascii.a2b_hex("4a656665")
data = binascii.a2b_hex("7768617420646f2079612077616e7420666f72206e6f7468696e673f")
expected = binascii.a2b_hex("5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843")
out = hmac.new(key=secret, msg=data, digestmod=hashlib.sha256).digest()
self.assertEqual(expected, out)
def test_hash(self):
expected_hex = "5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843"
hashres = alg._new_hash("Jefe", "what do ya want for nothing?")
self.assertEqual(binascii.a2b_hex(expected_hex), hashres)
def _test_site(self, rerolls, intermediate, slug, result):
"""Test one site password, ignores the reroll parameter."""
self.assertEqual(result, alg.make_site_password(intermediate, slug, old=False))
def test_make_site_password(self):
# 0 rerolls.
self._test_site(0, self.intermediates[0], "rhythm0", "V=tT8TuMj4YRa3=6}K(J")
self._test_site(0, self.intermediates[1], "rhythm0", "@v*Y@?))NAHA+H)8@K(B")
# 1 reroll.
self._test_site(1, self.intermediates[0], "rhythm1", "Y)@5Q{KSVtLs{zyYpC8U")
self._test_site(1, self.intermediates[1], "rhythm5", "6ufX@obn4KAoeJWWn*(z")
def test_make_site_password_more(self):
# Higher reroll counts.
self._test_site(2, self.intermediates[0], "rhythm151", "qcNq}+?KtdXL8*bawUda")
self._test_site(3, self.intermediates[0], "rhythm354", "sRnjUBA36zV#MDAA=gMc")
self._test_site(4, self.intermediates[0], "rhythm2435", "mdp5@sUT}9bBhjgE6RE7")
self._test_site(5, self.intermediates[0], "rhythm30362", "?wn7SQytbo@v*+Q*sm#3")
self._test_site(6, self.intermediates[0], "rhythm353402", "k@4J*sQ}YpY)bFNw53Fz")
class TestHashPassAlgOld(unittest.TestCase):
def _test_site(self, rerolls, master, slug, result):
"""Test one site password, ignores the reroll parameter."""
self.assertEqual(result,
alg.make_site_password(master, slug, old=True))
def test_make_site_password(self):
# reroll 0 times
self.assertEqual("P4{tRc6X3q}5)bCw}su=",
alg.make_site_password("a", "b", old=True))
self.assertEqual("4D*y7}fP646v3rdWEMz6",
alg.make_site_password("batterystapler", "sportsball", old=True))
# reroll 1 time
self.assertEqual("C}Kzk*)6(CbR}sM5PxuK",
alg.make_site_password("a", "sportsball", old=True))
# bcrypted input
self.assertEqual("M9PC77h*GmdN@?(hfxcY",
alg.make_site_password(
"$2b$13$X5A4.IjQghzyTGwc0wgRrecUMeNiIgapq6zxM07dr3UDDdHUYWLTC",
"xyz", old=True))
def test_make_site_password_more(self):
self._test_site(0, "wwsx6kolKO", "Ckf2oCe18I", "jzebYcmJ}+8b5rye{9Dn")
self._test_site(0, "ld55r6WDwQ", "GC5S79GqSO", "6xMrd#LETG{HX7R=4T#m")
self._test_site(0, "efc2IqOijl", "aPu9wXGvAP", "uU9mbYPb7cewS?@9d*9B")
self._test_site(1, "B3u9mDOEeS", "nEi2IWIV0w", "bL?Y9#+{)CB#o5AX}SVf")
self._test_site(1, "JP8EUAzBnR", "zrSqXm2mGG", "LpgTEhsU9Bg*kt3YY9ca")
self._test_site(1, "FpJSv3ihkH", "TgaTRyIkDe", "9GwcXw?c8zU4}kaFvyzT")
self._test_site(2, "vFWLes9UiF", "PuVVQfm2po", "T3eq+=#c(mqvvyTkjUxh")
self._test_site(2, "rl7XJ8BAGN", "5RMHUhtPwC", "ksTEMD@SQda3y8j@raxn")
self._test_site(2, "p6SMCnGvk7", "CNY4p2xRzE", "w(4nDC6N9#Mz#Qk=rRTo")
self._test_site(3, "PXDeRAprND", "PWk8Z4l11M", "TKV64o#AuNw6g)3hNEf@")
self._test_site(3, "cpp4BigYOS", "iQ0b5dpaK7", "WkC=365S7kLPe6=}UTGw")
self._test_site(3, "lALmhk7BUd", "KVSVshAKnT", "jF6UnKgp94e)j6mnuB@#")
self._test_site(4, "fPmAEDLRb5", "jvnsGGw6sJ", "NfS44cMKPr)3LJJjs@7q")
self._test_site(4, "O4MhHSyaKo", "5Jf9O2SK0E", "8Hv+k=k)ox5BurM8jou7")
self._test_site(4, "EnVAR9wmHZ", "IRztX5yKim", "7Q=SKQ3a{=pHk4UH)N6g")
self._test_site(5, "Dqwz1XXJjf", "1b5Uaj47jx", "TS9KtB)RWcPoRd#GY@@x")
self._test_site(5, "L7UnQr4EgO", "necPJcqE6e", "3?JsK#brB=SNRcrhDX#=")
self._test_site(6, "nVoKbxmzuA", "lmOMsSXZ5A", "{Q=}Aew(u8U)+*unehdM")
self._test_site(5, "iSqlhru8op", "gJiWkK4JcO", "8wTU=am6g{=3BfoL}fuY")
self._test_site(6, "d9bqrOq7mN", "0ZSK8Ij1RT", "CgK9{jp=8vVgt=8)fJgU")
self._test_site(7, "S1R1yyV1i0", "ZKyePZecAO", "o}JgLvJv*4cmw{rcAXBo")
if __name__ == "__main__":
arguments = docopt(__doc__, version="1.0")
if arguments["--find"]:
intermediates = [
"$2y$10$w1dpoPu1duVEV4rnZPAkLe8kxqbSe4xmE4jVqL4IcwVLWluqZNI3G",
"$2y$10$w1dpoPu1duVEV4rnZPAkLea0PzJXKXtAHtHZ60MWk6pk1GH1uKpSe",]
intermediate = intermediates[0]
print "intermediate", intermediate
seed = arguments["<seed>"]
rerolls = int(arguments["<rerolls>"])
count = int(arguments["<count>"] or 1)
found = 0
for i in xrange(10000000):
if found >= count:
sys.exit(0)
slug = seed + str(i)
(generation, counter, result) = alg.make_site_password_new(
intermediate, slug, out_extra=True)
if counter == rerolls:
print rerolls, slug, result
found += 1
else:
unittest.main()