-
Notifications
You must be signed in to change notification settings - Fork 8
/
django32.rs
82 lines (77 loc) · 3.27 KB
/
django32.rs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
//! This is an almost line-by-line translation from the hashers' test from Django 3.2:
//! https://github.com/django/django/blob/master/tests/auth_tests/test_hashers.py
//! ...but only for the tests where the iterations differ from Django 1.9.
use djangohashers::*;
#[test]
#[cfg(feature = "with_pbkdf2")]
fn test_pbkdf2() {
let django = Django {
version: DjangoVersion::V3_2,
};
let encoded = django.make_password_with_settings("lètmein", "seasalt", Algorithm::PBKDF2);
assert_eq!(
encoded,
"pbkdf2_sha256$260000$seasalt$YlZ2Vggtqdc61YjArZuoApoBh9JNGYoDRBUGu6tcJQo="
);
assert!(is_password_usable(&encoded));
assert_eq!(check_password("lètmein", &encoded), Ok(true));
assert_eq!(check_password("lètmeinz", &encoded), Ok(false));
// Blank passwords
let blank_encoded = django.make_password_with_settings("", "seasalt", Algorithm::PBKDF2);
assert!(blank_encoded.starts_with("pbkdf2_sha256$"));
assert!(is_password_usable(&blank_encoded));
assert_eq!(check_password("", &blank_encoded), Ok(true));
assert_eq!(check_password(" ", &blank_encoded), Ok(false));
}
#[test]
#[cfg(feature = "with_pbkdf2")]
fn test_low_level_pbkdf2() {
let django = Django {
version: DjangoVersion::V3_2,
};
let encoded = django.make_password_with_settings("lètmein", "seasalt2", Algorithm::PBKDF2);
assert_eq!(
encoded,
"pbkdf2_sha256$260000$seasalt2$UCGMhrOoaq1ghQPArIBK5RkI6IZLRxlIwHWA1dMy7y8="
);
assert_eq!(check_password("lètmein", &encoded), Ok(true));
}
#[test]
#[cfg(feature = "with_pbkdf2")]
fn test_low_level_pbkdf2_sha1() {
let django = Django {
version: DjangoVersion::V3_2,
};
let encoded = django.make_password_with_settings("lètmein", "seasalt2", Algorithm::PBKDF2SHA1);
assert_eq!(
encoded,
"pbkdf2_sha1$260000$seasalt2$wAibXvW6jgvatCdONi6SMJ6q7mI="
);
assert_eq!(check_password("lètmein", &encoded), Ok(true));
}
#[test]
#[cfg(feature = "with_argon2")]
fn test_argon2() {
let django = Django {
version: DjangoVersion::V3_2,
};
let encoded = django.make_password_with_algorithm("lètmein", Algorithm::Argon2);
assert!(is_password_usable(&encoded));
assert!(encoded.starts_with("argon2$argon2id$"));
assert_eq!(check_password("lètmein", &encoded), Ok(true));
assert_eq!(check_password("lètmeinz", &encoded), Ok(false));
// Blank passwords
let blank_encoded = django.make_password_with_algorithm("", Algorithm::Argon2);
assert!(blank_encoded.starts_with("argon2$argon2id$"));
assert!(is_password_usable(&blank_encoded));
assert_eq!(check_password("", &blank_encoded), Ok(true));
assert_eq!(check_password(" ", &blank_encoded), Ok(false));
// Old hashes without version attribute
let encoded = "argon2$argon2i$m=8,t=1,p=1$c29tZXNhbHQ$gwQOXSNhxiOxPOA0+PY10P9QFO4NAYysnqRt1GSQLE55m+2GYDt9FEjPMHhP2Cuf0nOEXXMocVrsJAtNSsKyfg";
assert_eq!(check_password("secret", encoded), Ok(true));
assert_eq!(check_password("wrong", encoded), Ok(false));
// Old hashes with version attribute.
let encoded = "argon2$argon2i$v=19$m=8,t=1,p=1$c2FsdHNhbHQ$YC9+jJCrQhs5R6db7LlN8Q";
assert_eq!(check_password("secret", encoded), Ok(true));
assert_eq!(check_password("wrong", encoded), Ok(false));
}