Home Explore Help
Sign In
Grey_Hat_Cybersecurity
/
Simple_RSA_Tool
Watch 2
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 69b6bf7368
Branches Tags
Simple_RSA_T...
/
Cryptodome
/
SelfTest
/
Protocol
/
test_KDF.py

test_KDF.py 34 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733 
  1. # -*- coding: utf-8 -*-
    2. 

  2. #
    3. 

  3. #  SelfTest/Protocol/test_KDF.py: Self-test for key derivation functions
    4. 

  4. #
    5. 

  5. # ===================================================================
    6. 

  6. # The contents of this file are dedicated to the public domain.  To
    7. 

  7. # the extent that dedication to the public domain is not available,
    8. 

  8. # everyone is granted a worldwide, perpetual, royalty-free,
    9. 

  9. # non-exclusive license to exercise all rights associated with the
    10. 

  10. # contents of this file for any purpose whatsoever.
    11. 

  11. # No rights are reserved.
    12. 

  12. #
    13. 

  13. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
    14. 

  14. # EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
    15. 

  15. # MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
    16. 

  16. # NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
    17. 

  17. # BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
    18. 

  18. # ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
    19. 

  19. # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
    20. 

  20. # SOFTWARE.
    21. 

  21. # ===================================================================
    22. 

  22. 

  23. import unittest
    24. 

  24. from binascii import unhexlify
    25. 

  25. 

  26. from Cryptodome.Util.py3compat import b, bchr
    27. 

  27. 

  28. from Cryptodome.SelfTest.st_common import list_test_cases
    29. 

  29. from Cryptodome.SelfTest.loader import load_test_vectors_wycheproof
    30. 

  30. from Cryptodome.Hash import SHA1, HMAC, SHA256, MD5, SHA224, SHA384, SHA512
    31. 

  31. from Cryptodome.Cipher import AES, DES3
    32. 

  32. 

  33. from Cryptodome.Protocol.KDF import (PBKDF1, PBKDF2, _S2V, HKDF, scrypt,
    34. 

  34.                                  bcrypt, bcrypt_check)
    35. 

  35. 

  36. from Cryptodome.Protocol.KDF import _bcrypt_decode
    37. 

  37. 

  38. 

  39. def t2b(t):
    40. 

  40.     if t is None:
    41. 

  41.         return None
    42. 

  42.     t2 = t.replace(" ", "").replace("\n", "")
    43. 

  43.     return unhexlify(b(t2))
    44. 

  44. 

  45. 

  46. class TestVector(object):
    47. 

  47.     pass
    48. 

  48. 

  49. 

  50. class PBKDF1_Tests(unittest.TestCase):
    51. 

  51. 

  52.     # List of tuples with test data.
    53. 

  53.     # Each tuple is made up by:
    54. 

  54.     #       Item #0: a pass phrase
    55. 

  55.     #       Item #1: salt (8 bytes encoded in hex)
    56. 

  56.     #       Item #2: output key length
    57. 

  57.     #       Item #3: iterations to use
    58. 

  58.     #       Item #4: expected result (encoded in hex)
    59. 

  59.     _testData = (
    60. 

  60.             # From http://www.di-mgt.com.au/cryptoKDFs.html#examplespbkdf
    61. 

  61.             ("password", "78578E5A5D63CB06", 16, 1000, "DC19847E05C64D2FAF10EBFB4A3D2A20"),
    62. 

  62.     )
    63. 

  63. 

  64.     def test1(self):
    65. 

  65.         v = self._testData[0]
    66. 

  66.         res = PBKDF1(v[0], t2b(v[1]), v[2], v[3], SHA1)
    67. 

  67.         self.assertEqual(res, t2b(v[4]))
    68. 

  68. 

  69. 

  70. class PBKDF2_Tests(unittest.TestCase):
    71. 

  71. 

  72.     # List of tuples with test data.
    73. 

  73.     # Each tuple is made up by:
    74. 

  74.     #       Item #0: a pass phrase
    75. 

  75.     #       Item #1: salt (encoded in hex)
    76. 

  76.     #       Item #2: output key length
    77. 

  77.     #       Item #3: iterations to use
    78. 

  78.     #       Item #4: hash module
    79. 

  79.     #       Item #5: expected result (encoded in hex)
    80. 

  80.     _testData = (
    81. 

  81.             # From http://www.di-mgt.com.au/cryptoKDFs.html#examplespbkdf
    82. 

  82.             ("password","78578E5A5D63CB06",24,2048,     SHA1, "BFDE6BE94DF7E11DD409BCE20A0255EC327CB936FFE93643"),
    83. 

  83.             # From RFC 6050
    84. 

  84.             ("password","73616c74", 20, 1,              SHA1, "0c60c80f961f0e71f3a9b524af6012062fe037a6"),
    85. 

  85.             ("password","73616c74", 20, 2,              SHA1, "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"),
    86. 

  86.             ("password","73616c74", 20, 4096,           SHA1, "4b007901b765489abead49d926f721d065a429c1"),
    87. 

  87.             ("passwordPASSWORDpassword","73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74",
    88. 

  88.                                     25, 4096,           SHA1, "3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038"),
    89. 

  89.             ( 'pass\x00word',"7361006c74",16,4096,      SHA1, "56fa6aa75548099dcc37d7f03425e0c3"),
    90. 

  90.             # From draft-josefsson-scrypt-kdf-01, Chapter 10
    91. 

  91.             ( 'passwd', '73616c74', 64, 1,              SHA256, "55ac046e56e3089fec1691c22544b605f94185216dde0465e68b9d57c20dacbc49ca9cccf179b645991664b39d77ef317c71b845b1e30bd509112041d3a19783"),
    92. 

  92.             ( 'Password', '4e61436c', 64, 80000,        SHA256, "4ddcd8f60b98be21830cee5ef22701f9641a4418d04c0414aeff08876b34ab56a1d425a1225833549adb841b51c9b3176a272bdebba1d078478f62b397f33c8d"),
    93. 

  93.         )
    94. 

  94. 

  95.     def test1(self):
    96. 

  96.         # Test only for HMAC-SHA1 as PRF
    97. 

  97. 

  98.         def prf_SHA1(p,s):
    99. 

  99.             return HMAC.new(p,s,SHA1).digest()
    100. 

  100. 

  101.         def prf_SHA256(p,s):
    102. 

  102.             return HMAC.new(p,s,SHA256).digest()
    103. 

  103. 

  104.         for i in range(len(self._testData)):
    105. 

  105.             v = self._testData[i]
    106. 

  106.             password = v[0]
    107. 

  107.             salt = t2b(v[1])
    108. 

  108.             out_len = v[2]
    109. 

  109.             iters = v[3]
    110. 

  110.             hash_mod = v[4]
    111. 

  111.             expected = t2b(v[5])
    112. 

  112. 

  113.             if hash_mod is SHA1:
    114. 

  114.                 res = PBKDF2(password, salt, out_len, iters)
    115. 

  115.                 self.assertEqual(res, expected)
    116. 

  116. 

  117.                 res = PBKDF2(password, salt, out_len, iters, prf_SHA1)
    118. 

  118.                 self.assertEqual(res, expected)
    119. 

  119.             else:
    120. 

  120.                 res = PBKDF2(password, salt, out_len, iters, prf_SHA256)
    121. 

  121.                 self.assertEqual(res, expected)
    122. 

  122. 

  123.     def test2(self):
    124. 

  124.         # Verify that prf and hmac_hash_module are mutual exclusive
    125. 

  125.         def prf_SHA1(p,s):
    126. 

  126.             return HMAC.new(p,s,SHA1).digest()
    127. 

  127. 

  128.         self.assertRaises(ValueError, PBKDF2, b("xxx"), b("yyy"), 16, 100,
    129. 

  129.                           prf=prf_SHA1, hmac_hash_module=SHA1)
    130. 

  130. 

  131.     def test3(self):
    132. 

  132.         # Verify that hmac_hash_module works like prf
    133. 

  133. 

  134.         password = b("xxx")
    135. 

  135.         salt = b("yyy")
    136. 

  136. 

  137.         for hashmod in (MD5, SHA1, SHA224, SHA256, SHA384, SHA512):
    138. 

  138. 

  139.             pr1 = PBKDF2(password, salt, 16, 100,
    140. 

  140.                          prf=lambda p, s: HMAC.new(p,s,hashmod).digest())
    141. 

  141.             pr2 = PBKDF2(password, salt, 16, 100, hmac_hash_module=hashmod)
    142. 

  142. 

  143.             self.assertEqual(pr1, pr2)
    144. 

  144. 

  145.     def test4(self):
    146. 

  146.         # Verify that PBKDF2 can take bytes or strings as password or salt
    147. 

  147.         k1 = PBKDF2("xxx", b("yyy"), 16, 10)
    148. 

  148.         k2 = PBKDF2(b("xxx"), b("yyy"), 16, 10)
    149. 

  149.         self.assertEqual(k1, k2)
    150. 

  150. 

  151.         k1 = PBKDF2(b("xxx"), "yyy", 16, 10)
    152. 

  152.         k2 = PBKDF2(b("xxx"), b("yyy"), 16, 10)
    153. 

  153.         self.assertEqual(k1, k2)
    154. 

  154. 

  155. 

  156. class S2V_Tests(unittest.TestCase):
    157. 

  157. 

  158.     # Sequence of test vectors.
    159. 

  159.     # Each test vector is made up by:
    160. 

  160.     #   Item #0: a tuple of strings
    161. 

  161.     #   Item #1: an AES key
    162. 

  162.     #   Item #2: the result
    163. 

  163.     #   Item #3: the cipher module S2V is based on
    164. 

  164.     # Everything is hex encoded
    165. 

  165.     _testData = [
    166. 

  166. 

  167.             # RFC5297, A.1
    168. 

  168.             (
    169. 

  169.              (  '101112131415161718191a1b1c1d1e1f2021222324252627',
    170. 

  170.                 '112233445566778899aabbccddee' ),
    171. 

  171.             'fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0',
    172. 

  172.             '85632d07c6e8f37f950acd320a2ecc93',
    173. 

  173.             AES
    174. 

  174.             ),
    175. 

  175. 

  176.             # RFC5297, A.2
    177. 

  177.             (
    178. 

  178.              (  '00112233445566778899aabbccddeeffdeaddadadeaddadaffeeddcc'+
    179. 

  179.                 'bbaa99887766554433221100',
    180. 

  180.                 '102030405060708090a0',
    181. 

  181.                 '09f911029d74e35bd84156c5635688c0',
    182. 

  182.                 '7468697320697320736f6d6520706c61'+
    183. 

  183.                 '696e7465787420746f20656e63727970'+
    184. 

  184.                 '74207573696e67205349562d414553'),
    185. 

  185.             '7f7e7d7c7b7a79787776757473727170',
    186. 

  186.             '7bdb6e3b432667eb06f4d14bff2fbd0f',
    187. 

  187.             AES
    188. 

  188.             ),
    189. 

  189. 

  190.         ]
    191. 

  191. 

  192.     def test1(self):
    193. 

  193.         """Verify correctness of test vector"""
    194. 

  194.         for tv in self._testData:
    195. 

  195.             s2v = _S2V.new(t2b(tv[1]), tv[3])
    196. 

  196.             for s in tv[0]:
    197. 

  197.                 s2v.update(t2b(s))
    198. 

  198.             result = s2v.derive()
    199. 

  199.             self.assertEqual(result, t2b(tv[2]))
    200. 

  200. 

  201.     def test2(self):
    202. 

  202.         """Verify that no more than 127(AES) and 63(TDES)
    203. 

  203.         components are accepted."""
    204. 

  204.         key = bchr(0) * 8 + bchr(255) * 8
    205. 

  205.         for module in (AES, DES3):
    206. 

  206.             s2v = _S2V.new(key, module)
    207. 

  207.             max_comps = module.block_size*8-1
    208. 

  208.             for i in range(max_comps):
    209. 

  209.                 s2v.update(b("XX"))
    210. 

  210.             self.assertRaises(TypeError, s2v.update, b("YY"))
    211. 

  211. 

  212. 

  213. class HKDF_Tests(unittest.TestCase):
    214. 

  214. 

  215.     # Test vectors from RFC5869, Appendix A
    216. 

  216.     # Each tuple is made up by:
    217. 

  217.     #       Item #0: hash module
    218. 

  218.     #       Item #1: secret
    219. 

  219.     #       Item #2: salt
    220. 

  220.     #       Item #3: context
    221. 

  221.     #       Item #4: expected result
    222. 

  222.     _test_vector  = (
    223. 

  223.             (
    224. 

  224.                 SHA256,
    225. 

  225.                 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
    226. 

  226.                 "000102030405060708090a0b0c",
    227. 

  227.                 "f0f1f2f3f4f5f6f7f8f9",
    228. 

  228.                 42,
    229. 

  229.                 "3cb25f25faacd57a90434f64d0362f2a" +
    230. 

  230.                 "2d2d0a90cf1a5a4c5db02d56ecc4c5bf" +
    231. 

  231.                 "34007208d5b887185865"
    232. 

  232.             ),
    233. 

  233.             (
    234. 

  234.                 SHA256,
    235. 

  235.                 "000102030405060708090a0b0c0d0e0f" +
    236. 

  236.                 "101112131415161718191a1b1c1d1e1f" +
    237. 

  237.                 "202122232425262728292a2b2c2d2e2f" +
    238. 

  238.                 "303132333435363738393a3b3c3d3e3f" +
    239. 

  239.                 "404142434445464748494a4b4c4d4e4f",
    240. 

  240.                 "606162636465666768696a6b6c6d6e6f" +
    241. 

  241.                 "707172737475767778797a7b7c7d7e7f" +
    242. 

  242.                 "808182838485868788898a8b8c8d8e8f" +
    243. 

  243.                 "909192939495969798999a9b9c9d9e9f" +
    244. 

  244.                 "a0a1a2a3a4a5a6a7a8a9aaabacadaeaf",
    245. 

  245.                 "b0b1b2b3b4b5b6b7b8b9babbbcbdbebf" +
    246. 

  246.                 "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf" +
    247. 

  247.                 "d0d1d2d3d4d5d6d7d8d9dadbdcdddedf" +
    248. 

  248.                 "e0e1e2e3e4e5e6e7e8e9eaebecedeeef" +
    249. 

  249.                 "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
    250. 

  250.                 82,
    251. 

  251.                 "b11e398dc80327a1c8e7f78c596a4934" +
    252. 

  252.                 "4f012eda2d4efad8a050cc4c19afa97c" +
    253. 

  253.                 "59045a99cac7827271cb41c65e590e09" +
    254. 

  254.                 "da3275600c2f09b8367793a9aca3db71" +
    255. 

  255.                 "cc30c58179ec3e87c14c01d5c1f3434f" +
    256. 

  256.                 "1d87"
    257. 

  257.             ),
    258. 

  258.             (
    259. 

  259.                 SHA256,
    260. 

  260.                 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
    261. 

  261.                 None,
    262. 

  262.                 None,
    263. 

  263.                 42,
    264. 

  264.                 "8da4e775a563c18f715f802a063c5a31" +
    265. 

  265.                 "b8a11f5c5ee1879ec3454e5f3c738d2d" +
    266. 

  266.                 "9d201395faa4b61a96c8"
    267. 

  267.             ),
    268. 

  268.             (
    269. 

  269.                 SHA1,
    270. 

  270.                 "0b0b0b0b0b0b0b0b0b0b0b",
    271. 

  271.                 "000102030405060708090a0b0c",
    272. 

  272.                 "f0f1f2f3f4f5f6f7f8f9",
    273. 

  273.                 42,
    274. 

  274.                 "085a01ea1b10f36933068b56efa5ad81" +
    275. 

  275.                 "a4f14b822f5b091568a9cdd4f155fda2" +
    276. 

  276.                 "c22e422478d305f3f896"
    277. 

  277.             ),
    278. 

  278.             (
    279. 

  279.                 SHA1,
    280. 

  280.                 "000102030405060708090a0b0c0d0e0f" +
    281. 

  281.                 "101112131415161718191a1b1c1d1e1f" +
    282. 

  282.                 "202122232425262728292a2b2c2d2e2f" +
    283. 

  283.                 "303132333435363738393a3b3c3d3e3f" +
    284. 

  284.                 "404142434445464748494a4b4c4d4e4f",
    285. 

  285.                 "606162636465666768696a6b6c6d6e6f" +
    286. 

  286.                 "707172737475767778797a7b7c7d7e7f" +
    287. 

  287.                 "808182838485868788898a8b8c8d8e8f" +
    288. 

  288.                 "909192939495969798999a9b9c9d9e9f" +
    289. 

  289.                 "a0a1a2a3a4a5a6a7a8a9aaabacadaeaf",
    290. 

  290.                 "b0b1b2b3b4b5b6b7b8b9babbbcbdbebf" +
    291. 

  291.                 "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf" +
    292. 

  292.                 "d0d1d2d3d4d5d6d7d8d9dadbdcdddedf" +
    293. 

  293.                 "e0e1e2e3e4e5e6e7e8e9eaebecedeeef" +
    294. 

  294.                 "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
    295. 

  295.                 82,
    296. 

  296.                 "0bd770a74d1160f7c9f12cd5912a06eb" +
    297. 

  297.                 "ff6adcae899d92191fe4305673ba2ffe" +
    298. 

  298.                 "8fa3f1a4e5ad79f3f334b3b202b2173c" +
    299. 

  299.                 "486ea37ce3d397ed034c7f9dfeb15c5e" +
    300. 

  300.                 "927336d0441f4c4300e2cff0d0900b52" +
    301. 

  301.                 "d3b4"
    302. 

  302.             ),
    303. 

  303.             (
    304. 

  304.                 SHA1,
    305. 

  305.                 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
    306. 

  306.                 "",
    307. 

  307.                 "",
    308. 

  308.                 42,
    309. 

  309.                 "0ac1af7002b3d761d1e55298da9d0506" +
    310. 

  310.                 "b9ae52057220a306e07b6b87e8df21d0" +
    311. 

  311.                 "ea00033de03984d34918"
    312. 

  312.             ),
    313. 

  313.             (
    314. 

  314.                 SHA1,
    315. 

  315.                 "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
    316. 

  316.                 None,
    317. 

  317.                 "",
    318. 

  318.                 42,
    319. 

  319.                 "2c91117204d745f3500d636a62f64f0a" +
    320. 

  320.                 "b3bae548aa53d423b0d1f27ebba6f5e5" +
    321. 

  321.                 "673a081d70cce7acfc48"
    322. 

  322.             )
    323. 

  323.         )
    324. 

  324. 

  325.     def test1(self):
    326. 

  326.         for tv in self._test_vector:
    327. 

  327.             secret, salt, info, exp = [ t2b(tv[x]) for x in (1,2,3,5) ]
    328. 

  328.             key_len, hashmod = [ tv[x] for x in (4,0) ]
    329. 

  329. 

  330.             output = HKDF(secret, key_len, salt, hashmod, 1, info)
    331. 

  331.             self.assertEqual(output, exp)
    332. 

  332. 

  333.     def test2(self):
    334. 

  334.         ref = HKDF(b("XXXXXX"), 12, b("YYYY"), SHA1)
    335. 

  335. 

  336.         # Same output, but this time split over 2 keys
    337. 

  337.         key1, key2 = HKDF(b("XXXXXX"), 6, b("YYYY"), SHA1, 2)
    338. 

  338.         self.assertEqual((ref[:6], ref[6:]), (key1, key2))
    339. 

  339. 

  340.         # Same output, but this time split over 3 keys
    341. 

  341.         key1, key2, key3 = HKDF(b("XXXXXX"), 4, b("YYYY"), SHA1, 3)
    342. 

  342.         self.assertEqual((ref[:4], ref[4:8], ref[8:]), (key1, key2, key3))
    343. 

  343. 

  344. 

  345. class scrypt_Tests(unittest.TestCase):
    346. 

  346. 

  347.     # Test vectors taken from
    348. 

  348.     # https://tools.ietf.org/html/rfc7914
    349. 

  349.     # - password
    350. 

  350.     # - salt
    351. 

  351.     # - N
    352. 

  352.     # - r
    353. 

  353.     # - p
    354. 

  354.     data = (
    355. 

  355.                 (
    356. 

  356.                     "",
    357. 

  357.                     "",
    358. 

  358.                     16,     # 2K
    359. 

  359.                     1,
    360. 

  360.                     1,
    361. 

  361.                     """
    362. 

  362.                     77 d6 57 62 38 65 7b 20 3b 19 ca 42 c1 8a 04 97
    363. 

  363.                     f1 6b 48 44 e3 07 4a e8 df df fa 3f ed e2 14 42
    364. 

  364.                     fc d0 06 9d ed 09 48 f8 32 6a 75 3a 0f c8 1f 17
    365. 

  365.                     e8 d3 e0 fb 2e 0d 36 28 cf 35 e2 0c 38 d1 89 06
    366. 

  366.                     """
    367. 

  367.                 ),
    368. 

  368.                 (
    369. 

  369.                     "password",
    370. 

  370.                     "NaCl",
    371. 

  371.                     1024,   # 1M
    372. 

  372.                     8,
    373. 

  373.                     16,
    374. 

  374.                     """
    375. 

  375.                     fd ba be 1c 9d 34 72 00 78 56 e7 19 0d 01 e9 fe
    376. 

  376.                     7c 6a d7 cb c8 23 78 30 e7 73 76 63 4b 37 31 62
    377. 

  377.                     2e af 30 d9 2e 22 a3 88 6f f1 09 27 9d 98 30 da
    378. 

  378.                     c7 27 af b9 4a 83 ee 6d 83 60 cb df a2 cc 06 40
    379. 

  379.                     """
    380. 

  380.                 ),
    381. 

  381.                 (
    382. 

  382.                     "pleaseletmein",
    383. 

  383.                     "SodiumChloride",
    384. 

  384.                     16384,  # 16M
    385. 

  385.                     8,
    386. 

  386.                     1,
    387. 

  387.                     """
    388. 

  388.                     70 23 bd cb 3a fd 73 48 46 1c 06 cd 81 fd 38 eb
    389. 

  389.                     fd a8 fb ba 90 4f 8e 3e a9 b5 43 f6 54 5d a1 f2
    390. 

  390.                     d5 43 29 55 61 3f 0f cf 62 d4 97 05 24 2a 9a f9
    391. 

  391.                     e6 1e 85 dc 0d 65 1e 40 df cf 01 7b 45 57 58 87
    392. 

  392.                     """
    393. 

  393.                 ),
    394. 

  394.                 (
    395. 

  395.                     "pleaseletmein",
    396. 

  396.                     "SodiumChloride",
    397. 

  397.                     1048576, # 1G
    398. 

  398.                     8,
    399. 

  399.                     1,
    400. 

  400.                     """
    401. 

  401.                     21 01 cb 9b 6a 51 1a ae ad db be 09 cf 70 f8 81
    402. 

  402.                     ec 56 8d 57 4a 2f fd 4d ab e5 ee 98 20 ad aa 47
    403. 

  403.                     8e 56 fd 8f 4b a5 d0 9f fa 1c 6d 92 7c 40 f4 c3
    404. 

  404.                     37 30 40 49 e8 a9 52 fb cb f4 5c 6f a7 7a 41 a4
    405. 

  405.                     """
    406. 

  406.                 ),
    407. 

  407.             )
    408. 

  408. 

  409.     def setUp(self):
    410. 

  410.         new_test_vectors = []
    411. 

  411.         for tv in self.data:
    412. 

  412.             new_tv = TestVector()
    413. 

  413.             new_tv.P = b(tv[0])
    414. 

  414.             new_tv.S = b(tv[1])
    415. 

  415.             new_tv.N = tv[2]
    416. 

  416.             new_tv.r = tv[3]
    417. 

  417.             new_tv.p = tv[4]
    418. 

  418.             new_tv.output = t2b(tv[5])
    419. 

  419.             new_tv.dkLen = len(new_tv.output)
    420. 

  420.             new_test_vectors.append(new_tv)
    421. 

  421.         self.data = new_test_vectors
    422. 

  422. 

  423.     def test2(self):
    424. 

  424. 

  425.         for tv in self.data:
    426. 

  426.             try:
    427. 

  427.                 output = scrypt(tv.P, tv.S, tv.dkLen, tv.N, tv.r, tv.p)
    428. 

  428.             except ValueError as e:
    429. 

  429.                 if " 2 " in str(e) and tv.N >= 1048576:
    430. 

  430.                     import warnings
    431. 

  431.                     warnings.warn("Not enough memory to unit test scrypt() with N=1048576", RuntimeWarning)
    432. 

  432.                     continue
    433. 

  433.                 else:
    434. 

  434.                     raise e
    435. 

  435.             self.assertEqual(output, tv.output)
    436. 

  436. 

  437.     def test3(self):
    438. 

  438.         ref = scrypt(b("password"), b("salt"), 12, 16, 1, 1)
    439. 

  439. 

  440.         # Same output, but this time split over 2 keys
    441. 

  441.         key1, key2 = scrypt(b("password"), b("salt"), 6, 16, 1, 1, 2)
    442. 

  442.         self.assertEqual((ref[:6], ref[6:]), (key1, key2))
    443. 

  443. 

  444.         # Same output, but this time split over 3 keys
    445. 

  445.         key1, key2, key3 = scrypt(b("password"), b("salt"), 4, 16, 1, 1, 3)
    446. 

  446.         self.assertEqual((ref[:4], ref[4:8], ref[8:]), (key1, key2, key3))
    447. 

  447. 

  448. 

  449. class bcrypt_Tests(unittest.TestCase):
    450. 

  450. 

  451.     def test_negative_cases(self):
    452. 

  452.         self.assertRaises(ValueError, bcrypt, b"1" * 73, 10)
    453. 

  453.         self.assertRaises(ValueError, bcrypt, b"1" * 10, 3)
    454. 

  454.         self.assertRaises(ValueError, bcrypt, b"1" * 10, 32)
    455. 

  455.         self.assertRaises(ValueError, bcrypt, b"1" * 10, 4, salt=b"")
    456. 

  456.         self.assertRaises(ValueError, bcrypt, b"1" * 10, 4, salt=b"1")
    457. 

  457.         self.assertRaises(ValueError, bcrypt, b"1" * 10, 4, salt=b"1" * 17)
    458. 

  458.         self.assertRaises(ValueError, bcrypt, b"1\x00" * 10, 4)
    459. 

  459. 

  460.     def test_bytearray_mismatch(self):
    461. 

  461.         ref = bcrypt("pwd", 4)
    462. 

  462.         bcrypt_check("pwd", ref)
    463. 

  463.         bref = bytearray(ref)
    464. 

  464.         bcrypt_check("pwd", bref)
    465. 

  465. 

  466.         wrong = ref[:-1] + bchr(bref[-1] ^ 0x01)
    467. 

  467.         self.assertRaises(ValueError, bcrypt_check, "pwd", wrong)
    468. 

  468. 

  469.         wrong = b"x" + ref[1:]
    470. 

  470.         self.assertRaises(ValueError, bcrypt_check, "pwd", wrong)
    471. 

  471. 

  472.     # https://github.com/patrickfav/bcrypt/wiki/Published-Test-Vectors
    473. 

  473. 

  474.     def test_empty_password(self):
    475. 

  475.         # password, cost, salt, bcrypt hash
    476. 

  476.         tvs = [
    477. 

  477.             (b"", 4, b"zVHmKQtGGQob.b/Nc7l9NO", b"$2a$04$zVHmKQtGGQob.b/Nc7l9NO8UlrYcW05FiuCj/SxsFO/ZtiN9.mNzy"),
    478. 

  478.             (b"", 5, b"zVHmKQtGGQob.b/Nc7l9NO", b"$2a$05$zVHmKQtGGQob.b/Nc7l9NOWES.1hkVBgy5IWImh9DOjKNU8atY4Iy"),
    479. 

  479.             (b"", 6, b"zVHmKQtGGQob.b/Nc7l9NO", b"$2a$06$zVHmKQtGGQob.b/Nc7l9NOjOl7l4oz3WSh5fJ6414Uw8IXRAUoiaO"),
    480. 

  480.             (b"", 7, b"zVHmKQtGGQob.b/Nc7l9NO", b"$2a$07$zVHmKQtGGQob.b/Nc7l9NOBsj1dQpBA1HYNGpIETIByoNX9jc.hOi"),
    481. 

  481.             (b"", 8, b"zVHmKQtGGQob.b/Nc7l9NO", b"$2a$08$zVHmKQtGGQob.b/Nc7l9NOiLTUh/9MDpX86/DLyEzyiFjqjBFePgO"),
    482. 

  482.         ]
    483. 

  483. 

  484.         for (idx, (password, cost, salt64, result)) in enumerate(tvs):
    485. 

  485.             x = bcrypt(password, cost, salt=_bcrypt_decode(salt64))
    486. 

  486.             self.assertEqual(x, result)
    487. 

  487.             bcrypt_check(password, result)
    488. 

  488. 

  489.     def test_random_password_and_salt_short_pw(self):
    490. 

  490.         # password, cost, salt, bcrypt hash
    491. 

  491.         tvs = [
    492. 

  492.             (b"<.S.2K(Zq'", 4, b"VYAclAMpaXY/oqAo9yUpku", b"$2a$04$VYAclAMpaXY/oqAo9yUpkuWmoYywaPzyhu56HxXpVltnBIfmO9tgu"),
    493. 

  493.             (b"5.rApO%5jA", 5, b"kVNDrnYKvbNr5AIcxNzeIu", b"$2a$05$kVNDrnYKvbNr5AIcxNzeIuRcyIF5cZk6UrwHGxENbxP5dVv.WQM/G"),
    494. 

  494.             (b"oW++kSrQW^", 6, b"QLKkRMH9Am6irtPeSKN5sO", b"$2a$06$QLKkRMH9Am6irtPeSKN5sObJGr3j47cO6Pdf5JZ0AsJXuze0IbsNm"),
    495. 

  495.             (b"ggJ\\KbTnDG", 7, b"4H896R09bzjhapgCPS/LYu", b"$2a$07$4H896R09bzjhapgCPS/LYuMzAQluVgR5iu/ALF8L8Aln6lzzYXwbq"),
    496. 

  496.             (b"49b0:;VkH/", 8, b"hfvO2retKrSrx5f2RXikWe", b"$2a$08$hfvO2retKrSrx5f2RXikWeFWdtSesPlbj08t/uXxCeZoHRWDz/xFe"),
    497. 

  497.             (b">9N^5jc##'", 9, b"XZLvl7rMB3EvM0c1.JHivu", b"$2a$09$XZLvl7rMB3EvM0c1.JHivuIDPJWeNJPTVrpjZIEVRYYB/mF6cYgJK"),
    498. 

  498.             (b"\\$ch)s4WXp", 10, b"aIjpMOLK5qiS9zjhcHR5TO", b"$2a$10$aIjpMOLK5qiS9zjhcHR5TOU7v2NFDmcsBmSFDt5EHOgp/jeTF3O/q"),
    499. 

  499.             (b"RYoj\\_>2P7", 12, b"esIAHiQAJNNBrsr5V13l7.", b"$2a$12$esIAHiQAJNNBrsr5V13l7.RFWWJI2BZFtQlkFyiWXjou05GyuREZa"),
    500. 

  500.         ]
    501. 

  501. 

  502.         for (idx, (password, cost, salt64, result)) in enumerate(tvs):
    503. 

  503.             x = bcrypt(password, cost, salt=_bcrypt_decode(salt64))
    504. 

  504.             self.assertEqual(x, result)
    505. 

  505.             bcrypt_check(password, result)
    506. 

  506. 

  507.     def test_random_password_and_salt_long_pw(self):
    508. 

  508.         # password, cost, salt, bcrypt hash
    509. 

  509.         tvs = [
    510. 

  510.             (b"^Q&\"]A`%/A(BVGt>QaX0M-#<Q148&f", 4, b"vrRP5vQxyD4LrqiLd/oWRO", b"$2a$04$vrRP5vQxyD4LrqiLd/oWROgrrGINsw3gb4Ga5x2sn01jNmiLVECl6"),
    511. 

  511.             (b"nZa!rRf\\U;OL;R?>1ghq_+\":Y0CRmY", 5, b"YuQvhokOGVnevctykUYpKu", b"$2a$05$YuQvhokOGVnevctykUYpKutZD2pWeGGYn3auyLOasguMY3/0BbIyq"),
    512. 

  512.             (b"F%uN/j>[GuB7-jB'_Yj!Tnb7Y!u^6)", 6, b"5L3vpQ0tG9O7k5gQ8nAHAe", b"$2a$06$5L3vpQ0tG9O7k5gQ8nAHAe9xxQiOcOLh8LGcI0PLWhIznsDt.S.C6"),
    513. 

  513.             (b"Z>BobP32ub\"Cfe*Q<<WUq3rc=[GJr-", 7, b"hp8IdLueqE6qFh1zYycUZ.", b"$2a$07$hp8IdLueqE6qFh1zYycUZ.twmUH8eSTPQAEpdNXKMlwms9XfKqfea"),
    514. 

  514.             (b"Ik&8N['7*[1aCc1lOm8\\jWeD*H$eZM", 8, b"2ANDTYCB9m7vf0Prh7rSru", b"$2a$08$2ANDTYCB9m7vf0Prh7rSrupqpO3jJOkIz2oW/QHB4lCmK7qMytGV6"),
    515. 

  515.             (b"O)=%3[E$*q+>-q-=tRSjOBh8\\mLNW.", 9, b"nArqOfdCsD9kIbVnAixnwe", b"$2a$09$nArqOfdCsD9kIbVnAixnwe6s8QvyPYWtQBpEXKir2OJF9/oNBsEFe"),
    516. 

  516.             (b"/MH51`!BP&0tj3%YCA;Xk%e3S`o\\EI", 10, b"ePiAc.s.yoBi3B6p1iQUCe", b"$2a$10$ePiAc.s.yoBi3B6p1iQUCezn3mraLwpVJ5XGelVyYFKyp5FZn/y.u"),
    517. 

  517.             (b"ptAP\"mcg6oH.\";c0U2_oll.OKi<!ku", 12, b"aroG/pwwPj1tU5fl9a9pkO", b"$2a$12$aroG/pwwPj1tU5fl9a9pkO4rydAmkXRj/LqfHZOSnR6LGAZ.z.jwa"),
    518. 

  518.         ]
    519. 

  519. 

  520.         for (idx, (password, cost, salt64, result)) in enumerate(tvs):
    521. 

  521.             x = bcrypt(password, cost, salt=_bcrypt_decode(salt64))
    522. 

  522.             self.assertEqual(x, result)
    523. 

  523.             bcrypt_check(password, result)
    524. 

  524. 

  525.     def test_same_password_and_random_salt(self):
    526. 

  526.         # password, cost, salt, bcrypt hash
    527. 

  527.         tvs = [
    528. 

  528.             (b"Q/A:k3DP;X@=<0\"hg&9c", 4, b"wbgDTvLMtyjQlNK7fjqwyO", b"$2a$04$wbgDTvLMtyjQlNK7fjqwyOakBoACQuYh11.VsKNarF4xUIOBWgD6S"),
    529. 

  529.             (b"Q/A:k3DP;X@=<0\"hg&9c", 5, b"zbAaOmloOhxiKItjznRqru", b"$2a$05$zbAaOmloOhxiKItjznRqrunRqHlu3MAa7pMGv26Rr3WwyfGcwoRm6"),
    530. 

  530.             (b"Q/A:k3DP;X@=<0\"hg&9c", 6, b"aOK0bWUvLI0qLkc3ti5jyu", b"$2a$06$aOK0bWUvLI0qLkc3ti5jyuAIQoqRzuqoK09kQqQ6Ou/YKDhW50/qa"),
    531. 

  531.         ]
    532. 

  532. 

  533.         for (idx, (password, cost, salt64, result)) in enumerate(tvs):
    534. 

  534.             x = bcrypt(password, cost, salt=_bcrypt_decode(salt64))
    535. 

  535.             self.assertEqual(x, result)
    536. 

  536.             bcrypt_check(password, result)
    537. 

  537. 

  538.     def test_same_password_and_salt_increasing_cost_factor(self):
    539. 

  539.         # password, cost, salt, bcrypt hash
    540. 

  540.         tvs = [
    541. 

  541.             (b"o<&+X'F4AQ8H,LU,N`&r", 4, b"BK5u.QHk1Driey7bvnFTH.", b"$2a$04$BK5u.QHk1Driey7bvnFTH.3smGwxd91PtoK2GxH5nZ7pcBsYX4lMq"),
    542. 

  542.             (b"o<&+X'F4AQ8H,LU,N`&r", 5, b"BK5u.QHk1Driey7bvnFTH.", b"$2a$05$BK5u.QHk1Driey7bvnFTH.t5P.jZvFBMzDB1IY4PwkkRPOyVbEtFG"),
    543. 

  543.             (b"o<&+X'F4AQ8H,LU,N`&r", 6, b"BK5u.QHk1Driey7bvnFTH.", b"$2a$06$BK5u.QHk1Driey7bvnFTH.6Ea1Z5db2p25CPXZbxb/3OyKQagg3pa"),
    544. 

  544.             (b"o<&+X'F4AQ8H,LU,N`&r", 7, b"BK5u.QHk1Driey7bvnFTH.", b"$2a$07$BK5u.QHk1Driey7bvnFTH.sruuQi8Lhv/0LWKDvNp3AGFk7ltdkm6"),
    545. 

  545.             (b"o<&+X'F4AQ8H,LU,N`&r", 8, b"BK5u.QHk1Driey7bvnFTH.", b"$2a$08$BK5u.QHk1Driey7bvnFTH.IE7KsaUzc4m7gzAMlyUPUeiYyACWe0q"),
    546. 

  546.             (b"o<&+X'F4AQ8H,LU,N`&r", 9, b"BK5u.QHk1Driey7bvnFTH.", b"$2a$09$BK5u.QHk1Driey7bvnFTH.1v4Xj1dwkp44QNg0cVAoQt4FQMMrvnS"),
    547. 

  547.             (b"o<&+X'F4AQ8H,LU,N`&r", 10, b"BK5u.QHk1Driey7bvnFTH.", b"$2a$10$BK5u.QHk1Driey7bvnFTH.ESINe9YntUMcVgFDfkC.Vbhc9vMhNX2"),
    548. 

  548.             (b"o<&+X'F4AQ8H,LU,N`&r", 12, b"BK5u.QHk1Driey7bvnFTH.", b"$2a$12$BK5u.QHk1Driey7bvnFTH.QM1/nnGe/f5cTzb6XTTi/vMzcAnycqG"),
    549. 

  549.         ]
    550. 

  550. 

  551.         for (idx, (password, cost, salt64, result)) in enumerate(tvs):
    552. 

  552.             x = bcrypt(password, cost, salt=_bcrypt_decode(salt64))
    553. 

  553.             self.assertEqual(x, result)
    554. 

  554.             bcrypt_check(password, result)
    555. 

  555. 

  556.     def test_long_passwords(self):
    557. 

  557.         # password, cost, salt, bcrypt hash
    558. 

  558.         tvs = [
    559. 

  559.             (b"g*3Q45=\"8NNgpT&mbMJ$Omfr.#ZeW?FP=CE$#roHd?97uL0F-]`?u73c\"\\[.\"*)qU34@VG",
    560. 

  560.              4, b"T2XJ5MOWvHQZRijl8LIKkO", b"$2a$04$T2XJ5MOWvHQZRijl8LIKkOQKIyX75KBfuLsuRYOJz5OjwBNF2lM8a"),
    561. 

  561.             (b"\\M+*8;&QE=Ll[>5?Ui\"^ai#iQH7ZFtNMfs3AROnIncE9\"BNNoEgO[[*Yk8;RQ(#S,;I+aT",
    562. 

  562.              5, b"wgkOlGNXIVE2fWkT3gyRoO", b"$2a$05$wgkOlGNXIVE2fWkT3gyRoOqWi4gbi1Wv2Q2Jx3xVs3apl1w.Wtj8C"),
    563. 

  563.             (b"M.E1=dt<.L0Q&p;94NfGm_Oo23+Kpl@M5?WIAL.[@/:'S)W96G8N^AWb7_smmC]>7#fGoB",
    564. 

  564.              6, b"W9zTCl35nEvUukhhFzkKMe", b"$2a$06$W9zTCl35nEvUukhhFzkKMekjT9/pj7M0lihRVEZrX3m8/SBNZRX7i"),
    565. 

  565.         ]
    566. 

  566. 

  567.         for (idx, (password, cost, salt64, result)) in enumerate(tvs):
    568. 

  568.             x = bcrypt(password, cost, salt=_bcrypt_decode(salt64))
    569. 

  569.             self.assertEqual(x, result)
    570. 

  570.             bcrypt_check(password, result)
    571. 

  571. 

  572.     def test_increasing_password_length(self):
    573. 

  573.         # password, cost, salt, bcrypt hash
    574. 

  574.         tvs = [
    575. 

  575.             (b"a", 4, b"5DCebwootqWMCp59ISrMJ.", b"$2a$04$5DCebwootqWMCp59ISrMJ.l4WvgHIVg17ZawDIrDM2IjlE64GDNQS"),
    576. 

  576.             (b"aa", 4, b"5DCebwootqWMCp59ISrMJ.", b"$2a$04$5DCebwootqWMCp59ISrMJ.AyUxBk.ThHlsLvRTH7IqcG7yVHJ3SXq"),
    577. 

  577.             (b"aaa", 4, b"5DCebwootqWMCp59ISrMJ.", b"$2a$04$5DCebwootqWMCp59ISrMJ.BxOVac5xPB6XFdRc/ZrzM9FgZkqmvbW"),
    578. 

  578.             (b"aaaa", 4, b"5DCebwootqWMCp59ISrMJ.", b"$2a$04$5DCebwootqWMCp59ISrMJ.Qbr209bpCtfl5hN7UQlG/L4xiD3AKau"),
    579. 

  579.             (b"aaaaa", 4, b"5DCebwootqWMCp59ISrMJ.", b"$2a$04$5DCebwootqWMCp59ISrMJ.oWszihPjDZI0ypReKsaDOW1jBl7oOii"),
    580. 

  580.             (b"aaaaaa", 4, b"5DCebwootqWMCp59ISrMJ.", b"$2a$04$5DCebwootqWMCp59ISrMJ./k.Xxn9YiqtV/sxh3EHbnOHd0Qsq27K"),
    581. 

  581.             (b"aaaaaaa", 4, b"5DCebwootqWMCp59ISrMJ.", b"$2a$04$5DCebwootqWMCp59ISrMJ.PYJqRFQbgRbIjMd5VNKmdKS4sBVOyDe"),
    582. 

  582.             (b"aaaaaaaa", 4, b"5DCebwootqWMCp59ISrMJ.", b"$2a$04$5DCebwootqWMCp59ISrMJ..VMYfzaw1wP/SGxowpLeGf13fxCCt.q"),
    583. 

  583.             (b"aaaaaaaaa", 4, b"5DCebwootqWMCp59ISrMJ.", b"$2a$04$5DCebwootqWMCp59ISrMJ.5B0p054nO5WgAD1n04XslDY/bqY9RJi"),
    584. 

  584.             (b"aaaaaaaaaa", 4, b"5DCebwootqWMCp59ISrMJ.", b"$2a$04$5DCebwootqWMCp59ISrMJ.INBTgqm7sdlBJDg.J5mLMSRK25ri04y"),
    585. 

  585.             (b"aaaaaaaaaaa", 4, b"5DCebwootqWMCp59ISrMJ.", b"$2a$04$5DCebwootqWMCp59ISrMJ.s3y7CdFD0OR5p6rsZw/eZ.Dla40KLfm"),
    586. 

  586.             (b"aaaaaaaaaaaa", 4, b"5DCebwootqWMCp59ISrMJ.", b"$2a$04$5DCebwootqWMCp59ISrMJ.Jx742Djra6Q7PqJWnTAS.85c28g.Siq"),
    587. 

  587.             (b"aaaaaaaaaaaaa", 4, b"5DCebwootqWMCp59ISrMJ.", b"$2a$04$5DCebwootqWMCp59ISrMJ.oKMXW3EZcPHcUV0ib5vDBnh9HojXnLu"),
    588. 

  588.             (b"aaaaaaaaaaaaaa", 4, b"5DCebwootqWMCp59ISrMJ.", b"$2a$04$5DCebwootqWMCp59ISrMJ.w6nIjWpDPNSH5pZUvLjC1q25ONEQpeS"),
    589. 

  589.             (b"aaaaaaaaaaaaaaa", 4, b"5DCebwootqWMCp59ISrMJ.", b"$2a$04$5DCebwootqWMCp59ISrMJ.k1b2/r9A/hxdwKEKurg6OCn4MwMdiGq"),
    590. 

  590.             (b"aaaaaaaaaaaaaaaa", 4, b"5DCebwootqWMCp59ISrMJ.", b"$2a$04$5DCebwootqWMCp59ISrMJ.3prCNHVX1Ws.7Hm2bJxFUnQOX9f7DFa"),
    591. 

  591.         ]
    592. 

  592. 

  593.         for (idx, (password, cost, salt64, result)) in enumerate(tvs):
    594. 

  594.             x = bcrypt(password, cost, salt=_bcrypt_decode(salt64))
    595. 

  595.             self.assertEqual(x, result)
    596. 

  596.             bcrypt_check(password, result)
    597. 

  597. 

  598.     def test_non_ascii_characters(self):
    599. 

  599.         # password, cost, salt, bcrypt hash
    600. 

  600.         tvs = [
    601. 

  601.             ("àèìòùÀÈÌÒÙáéíóúýÁÉÍÓÚÝðÐ", 4, b"D3qS2aoTVyqM7z8v8crLm.", b"$2a$04$D3qS2aoTVyqM7z8v8crLm.3nKt4CzBZJbyFB.ZebmfCvRw7BGs.Xm"),
    602. 

  602.             ("àèìòùÀÈÌÒÙáéíóúýÁÉÍÓÚÝðÐ", 5, b"VA1FujiOCMPkUHQ8kF7IaO", b"$2a$05$VA1FujiOCMPkUHQ8kF7IaOg7NGaNvpxwWzSluQutxEVmbZItRTsAa"),
    603. 

  603.             ("àèìòùÀÈÌÒÙáéíóúýÁÉÍÓÚÝðÐ", 6, b"TXiaNrPeBSz5ugiQlehRt.", b"$2a$06$TXiaNrPeBSz5ugiQlehRt.gwpeDQnXWteQL4z2FulouBr6G7D9KUi"),
    604. 

  604.             ("âêîôûÂÊÎÔÛãñõÃÑÕäëïöüÿ", 4, b"YTn1Qlvps8e1odqMn6G5x.", b"$2a$04$YTn1Qlvps8e1odqMn6G5x.85pqKql6w773EZJAExk7/BatYAI4tyO"),
    605. 

  605.             ("âêîôûÂÊÎÔÛãñõÃÑÕäëïöüÿ", 5, b"C.8k5vJKD2NtfrRI9o17DO", b"$2a$05$C.8k5vJKD2NtfrRI9o17DOfIW0XnwItA529vJnh2jzYTb1QdoY0py"),
    606. 

  606.             ("âêîôûÂÊÎÔÛãñõÃÑÕäëïöüÿ", 6, b"xqfRPj3RYAgwurrhcA6uRO", b"$2a$06$xqfRPj3RYAgwurrhcA6uROtGlXDp/U6/gkoDYHwlubtcVcNft5.vW"),
    607. 

  607.             ("ÄËÏÖÜŸåÅæÆœŒßçÇøØ¢¿¡€", 4, b"y8vGgMmr9EdyxP9rmMKjH.", b"$2a$04$y8vGgMmr9EdyxP9rmMKjH.wv2y3r7yRD79gykQtmb3N3zrwjKsyay"),
    608. 

  608.             ("ÄËÏÖÜŸåÅæÆœŒßçÇøØ¢¿¡€", 5, b"iYH4XIKAOOm/xPQs7xKP1u", b"$2a$05$iYH4XIKAOOm/xPQs7xKP1upD0cWyMn3Jf0ZWiizXbEkVpS41K1dcO"),
    609. 

  609.             ("ÄËÏÖÜŸåÅæÆœŒßçÇøØ¢¿¡€", 6, b"wCOob.D0VV8twafNDB2ape", b"$2a$06$wCOob.D0VV8twafNDB2apegiGD5nqF6Y1e6K95q6Y.R8C4QGd265q"),
    610. 

  610.             ("ΔημοσιεύθηκεστηνΕφημερίδατης", 4, b"E5SQtS6P4568MDXW7cyUp.", b"$2a$04$E5SQtS6P4568MDXW7cyUp.18wfDisKZBxifnPZjAI1d/KTYMfHPYO"),
    611. 

  611.             ("АБбВвГгДдЕеЁёЖжЗзИиЙйКкЛлМмН", 4, b"03e26gQFHhQwRNf81/ww9.", b"$2a$04$03e26gQFHhQwRNf81/ww9.p1UbrNwxpzWjLuT.zpTLH4t/w5WhAhC"),
    612. 

  612.             ("нОоПпРрСсТтУуФфХхЦцЧчШшЩщЪъЫыЬьЭэЮю", 4, b"PHNoJwpXCfe32nUtLv2Upu", b"$2a$04$PHNoJwpXCfe32nUtLv2UpuhJXOzd4k7IdFwnEpYwfJVCZ/f/.8Pje"),
    613. 

  613.             ("電电電島岛島兔兔兎龜龟亀國国国區区区", 4, b"wU4/0i1TmNl2u.1jIwBX.u", b"$2a$04$wU4/0i1TmNl2u.1jIwBX.uZUaOL3Rc5ID7nlQRloQh6q5wwhV/zLW"),
    614. 

  614.             ("诶比伊艾弗豆贝尔维吾艾尺开艾丝维贼德", 4, b"P4kreGLhCd26d4WIy7DJXu", b"$2a$04$P4kreGLhCd26d4WIy7DJXusPkhxLvBouzV6OXkL5EB0jux0osjsry"),
    615. 

  615.         ]
    616. 

  616. 

  617.         for (idx, (password, cost, salt64, result)) in enumerate(tvs):
    618. 

  618.             x = bcrypt(password, cost, salt=_bcrypt_decode(salt64))
    619. 

  619.             self.assertEqual(x, result)
    620. 

  620.             bcrypt_check(password, result)
    621. 

  621. 

  622.     def test_special_case_salt(self):
    623. 

  623.         # password, cost, salt, bcrypt hash
    624. 

  624.         tvs = [
    625. 

  625.             ("-O_=*N!2JP", 4, b"......................", b"$2a$04$......................JjuKLOX9OOwo5PceZZXSkaLDvdmgb82"),
    626. 

  626.             ("7B[$Q<4b>U", 5, b"......................", b"$2a$05$......................DRiedDQZRL3xq5A5FL8y7/6NM8a2Y5W"),
    627. 

  627.             (">d5-I_8^.h", 6, b"......................", b"$2a$06$......................5Mq1Ng8jgDY.uHNU4h5p/x6BedzNH2W"),
    628. 

  628.             (")V`/UM/]1t", 4, b".OC/.OC/.OC/.OC/.OC/.O", b"$2a$04$.OC/.OC/.OC/.OC/.OC/.OQIvKRDAam.Hm5/IaV/.hc7P8gwwIbmi"),
    629. 

  629.             (":@t2.bWuH]", 5, b".OC/.OC/.OC/.OC/.OC/.O", b"$2a$05$.OC/.OC/.OC/.OC/.OC/.ONDbUvdOchUiKmQORX6BlkPofa/QxW9e"),
    630. 

  630.             ("b(#KljF5s\"", 6, b".OC/.OC/.OC/.OC/.OC/.O", b"$2a$06$.OC/.OC/.OC/.OC/.OC/.OHfTd9e7svOu34vi1PCvOcAEq07ST7.K"),
    631. 

  631.             ("@3YaJ^Xs]*", 4, b"eGA.eGA.eGA.eGA.eGA.e.", b"$2a$04$eGA.eGA.eGA.eGA.eGA.e.stcmvh.R70m.0jbfSFVxlONdj1iws0C"),
    632. 

  632.             ("'\"5\\!k*C(p", 5, b"eGA.eGA.eGA.eGA.eGA.e.", b"$2a$05$eGA.eGA.eGA.eGA.eGA.e.vR37mVSbfdHwu.F0sNMvgn8oruQRghy"),
    633. 

  633.             ("edEu7C?$'W", 6, b"eGA.eGA.eGA.eGA.eGA.e.", b"$2a$06$eGA.eGA.eGA.eGA.eGA.e.tSq0FN8MWHQXJXNFnHTPQKtA.n2a..G"),
    634. 

  634.             ("N7dHmg\\PI^", 4, b"999999999999999999999u", b"$2a$04$999999999999999999999uCZfA/pLrlyngNDMq89r1uUk.bQ9icOu"),
    635. 

  635.             ("\"eJuHh!)7*", 5, b"999999999999999999999u", b"$2a$05$999999999999999999999uj8Pfx.ufrJFAoWFLjapYBS5vVEQQ/hK"),
    636. 

  636.             ("ZeDRJ:_tu:", 6, b"999999999999999999999u", b"$2a$06$999999999999999999999u6RB0P9UmbdbQgjoQFEJsrvrKe.BoU6q"),
    637. 

  637.         ]
    638. 

  638. 

  639.         for (idx, (password, cost, salt64, result)) in enumerate(tvs):
    640. 

  640.             x = bcrypt(password, cost, salt=_bcrypt_decode(salt64))
    641. 

  641.             self.assertEqual(x, result)
    642. 

  642.             bcrypt_check(password, result)
    643. 

  643. 

  644. 

  645. class TestVectorsHKDFWycheproof(unittest.TestCase):
    646. 

  646. 

  647.     def __init__(self, wycheproof_warnings):
    648. 

  648.         unittest.TestCase.__init__(self)
    649. 

  649.         self._wycheproof_warnings = wycheproof_warnings
    650. 

  650.         self._id = "None"
    651. 

  651. 

  652.     def add_tests(self, filename):
    653. 

  653. 

  654.         def filter_algo(root):
    655. 

  655.             algo_name = root['algorithm']
    656. 

  656.             if algo_name == "HKDF-SHA-1":
    657. 

  657.                 return SHA1
    658. 

  658.             elif algo_name == "HKDF-SHA-256":
    659. 

  659.                 return SHA256
    660. 

  660.             elif algo_name == "HKDF-SHA-384":
    661. 

  661.                 return SHA384
    662. 

  662.             elif algo_name == "HKDF-SHA-512":
    663. 

  663.                 return SHA512
    664. 

  664.             else:
    665. 

  665.                 raise ValueError("Unknown algorithm " + algo_name)
    666. 

  666. 

  667.         def filter_size(unit):
    668. 

  668.             return int(unit['size'])
    669. 

  669. 

  670.         result = load_test_vectors_wycheproof(("Protocol", "wycheproof"),
    671. 

  671.                                               filename,
    672. 

  672.                                               "Wycheproof HMAC (%s)" % filename,
    673. 

  673.                                               root_tag={'hash_module': filter_algo},
    674. 

  674.                                               unit_tag={'size': filter_size})
    675. 

  675.         return result
    676. 

  676. 

  677.     def setUp(self):
    678. 

  678.         self.tv = []
    679. 

  679.         self.add_tests("hkdf_sha1_test.json")
    680. 

  680.         self.add_tests("hkdf_sha256_test.json")
    681. 

  681.         self.add_tests("hkdf_sha384_test.json")
    682. 

  682.         self.add_tests("hkdf_sha512_test.json")
    683. 

  683. 

  684.     def shortDescription(self):
    685. 

  685.         return self._id
    686. 

  686. 

  687.     def warn(self, tv):
    688. 

  688.         if tv.warning and self._wycheproof_warnings:
    689. 

  689.             import warnings
    690. 

  690.             warnings.warn("Wycheproof warning: %s (%s)" % (self._id, tv.comment))
    691. 

  691. 

  692.     def test_verify(self, tv):
    693. 

  693.         self._id = "Wycheproof HKDF Test #%d (%s, %s)" % (tv.id, tv.comment, tv.filename)
    694. 

  694. 

  695.         try:
    696. 

  696.             key = HKDF(tv.ikm, tv.size, tv.salt, tv.hash_module, 1, tv.info)
    697. 

  697.         except ValueError:
    698. 

  698.             assert not tv.valid
    699. 

  699.         else:
    700. 

  700.             if key != tv.okm:
    701. 

  701.                 assert not tv.valid
    702. 

  702.             else:
    703. 

  703.                 assert tv.valid
    704. 

  704.                 self.warn(tv)
    705. 

  705. 

  706.     def runTest(self):
    707. 

  707.         for tv in self.tv:
    708. 

  708.             self.test_verify(tv)
    709. 

  709. 

  710. 

  711. def get_tests(config={}):
    712. 

  712.     wycheproof_warnings = config.get('wycheproof_warnings')
    713. 

  713. 

  714.     if not config.get('slow_tests'):
    715. 

  715.         PBKDF2_Tests._testData = PBKDF2_Tests._testData[:3]
    716. 

  716.         scrypt_Tests.data = scrypt_Tests.data[:3]
    717. 

  717. 

  718.     tests = []
    719. 

  719.     tests += list_test_cases(PBKDF1_Tests)
    720. 

  720.     tests += list_test_cases(PBKDF2_Tests)
    721. 

  721.     tests += list_test_cases(S2V_Tests)
    722. 

  722.     tests += list_test_cases(HKDF_Tests)
    723. 

  723.     tests += [TestVectorsHKDFWycheproof(wycheproof_warnings)]
    724. 

  724.     tests += list_test_cases(scrypt_Tests)
    725. 

  725.     tests += list_test_cases(bcrypt_Tests)
    726. 

  726. 

  727.     return tests
    728. 

  728. 

  729. 

  730. if __name__ == '__main__':
    731. 

  731.     suite = lambda: unittest.TestSuite(get_tests())
    732. 

  732.     unittest.main(defaultTest='suite')
    733. 

  733.