CLI for generating password hashes and add unittest for pwhash

2023-06-06 00:00:36 -04:00 · 2023-06-06 00:00:36 -04:00 · aa6e102b07
commit aa6e102b07
parent 203c78b97b
2 changed files with 41 additions and 16 deletions
--- a/mail4one/pwhash.py
+++ b/mail4one/pwhash.py
@ -29,7 +29,7 @@ def gen_pwhash(password: str) -> str:
 class PWInfo:
-    def __init__(self, salt, sh):
+    def __init__(self, salt: bytes, sh: bytes):
        self.salt = salt
        self.scrypt_hash = sh
@ -52,3 +52,14 @@ def check_pass(password: str, pwinfo: PWInfo) -> bool:
                                        n=SCRYPT_N,
                                        r=SCRYPT_R,
                                        p=SCRYPT_P)
 if __name__ == '__main__':
    import sys
    if len(sys.argv) == 2:
        print(gen_pwhash(sys.argv[1]))
    elif len(sys.argv) == 3:
        ok = check_pass(sys.argv[1], parse_hash(sys.argv[2]))
        print("OK" if ok else "NOT OK")
    else:
        print("Usage: python3 -m mail4one.pwhash <password> [password_hash]", file=sys.stderr)
--- a/mail4one/pwhash_test.py
+++ b/mail4one/pwhash_test.py
@ -1,22 +1,36 @@
-from .pwhash import *
+from .pwhash import gen_pwhash, parse_hash, check_pass, SALT_LEN
 import unittest
-def check_pass_from_hash(password: str, pwhash: str) -> bool:
+
-    try:
+class TestPWHash(unittest.TestCase):
    def test_expected_usage(self):
        password = "Blah Blah ABCD"
        pwhash = gen_pwhash(password)
        pwinfo = parse_hash(pwhash)
-    except:
+        self.assertEqual(len(pwinfo.salt), SALT_LEN)
-        return False
+        self.assertEqual(len(pwinfo.scrypt_hash), 64)
-    return check_pass(password, pwinfo)
+        self.assertTrue(check_pass(password, pwinfo),
                        "check pass with correct password")
        self.assertFalse(check_pass("foobar", pwinfo),
                         "check pass with wrong password")
-test_hash = "AFWMBONQ2XGHWBTKVECDBBJWYEMS4DFIXIJML4VP76JQT5VWVLALE3KVKFEBAGWG3DOY53DK3H2EACWOBHJFYAIHDA3OFDQN2UAXI5TLBFOW4O2GWXNBGQ5QFMOJ5Z27HGYNO73DS5WPX2INNE47EGI6Z5UAAQAAAAEAAAIA"
+    def test_hardcoded_hash(self):
        test_hash = "".join((l.strip() for l in """
        AFWMBONQ2XGHWBTKVECDBBJWYEMS4DFIXIJML4VP76JQT5VWVLALE3KV
        KFEBAGWG3DOY53DK3H2EACWOBHJFYAIHDA3OFDQN2UAXI5TLBFOW4O2G
        WXNBGQ5QFMOJ5Z27HGYNO73DS5WPX2INNE47EGI6Z5UAAQAAAAEAAAIA
        """.splitlines()))
        pwinfo = parse_hash(test_hash)
        self.assertTrue(check_pass("helloworld", pwinfo),
                        "check pass with correct password")
        self.assertFalse(check_pass("foobar", pwinfo),
                         "check pass with wrong password")
-def main():
+    def test_invalid_hash(self):
-    print(gen_pwhash("helloworld"))
+        with self.assertRaises(Exception):
-    print("------------")
+            parse_hash("sdlfkjdsklfjdsk")
    print(check_pass_from_hash("hElloworld", test_hash))
    print(check_pass_from_hash("helloworld", "foobar"))
    print("------------")
    print(check_pass_from_hash("helloworld", test_hash))
 if __name__ == '__main__':
-    main()
+    unittest.main()