def fuzz_verifier_pybcrypt(self):
# test against py-bcrypt, if available
from passlib.handlers.bcrypt import IDENT_2, IDENT_2A, IDENT_2X, IDENT_2Y
from passlib.utils import to_native_str
try:
import bcrypt
except ImportError:
return
if hasattr(bcrypt, "_ffi"):
return
def check_pybcrypt(secret, hash):
"pybcrypt"
secret = to_native_str(secret, self.fuzz_password_encoding)
if hash.startswith(IDENT_2Y):
hash = IDENT_2A + hash[4:]
try:
return bcrypt.hashpw(secret, hash) == hash
except ValueError:
raise ValueError("py-bcrypt rejected hash: %r" % (hash,))
return check_pybcrypt
评论列表
文章目录
