Commit | Line | Data |
---|---|---|
69026470 | 1 | #!./perl -w |
7b48dbf9 MS |
2 | |
3 | BEGIN { | |
4 | chdir 't' if -d 't'; | |
1ae3d757 | 5 | require "./test.pl"; |
624c42e2 N |
6 | set_up_inc( qw(. ../lib) ); |
7 | use Config; | |
8 | } | |
7b48dbf9 | 9 | |
624c42e2 N |
10 | if ( !$Config{d_crypt} ) { |
11 | skip_all("crypt unimplemented"); | |
7b48dbf9 | 12 | } |
624c42e2 N |
13 | else { |
14 | plan(tests => 6); | |
15 | } | |
16 | ||
7b48dbf9 | 17 | |
85c16d83 JH |
18 | # Can't assume too much about the string returned by crypt(), |
19 | # and about how many bytes of the encrypted (really, hashed) | |
20 | # string matter. | |
21 | # | |
22 | # HISTORICALLY the results started with the first two bytes of the salt, | |
23 | # followed by 11 bytes from the set [./0-9A-Za-z], and only the first | |
24 | # eight characters mattered, but those are probably no more safe | |
25 | # bets, given alternative encryption/hashing schemes like MD5, | |
26 | # C2 (or higher) security schemes, and non-UNIX platforms. | |
d3e5298a P |
27 | # |
28 | # On platforms implementing FIPS mode, using a weak algorithm (including | |
29 | # the default triple-DES algorithm) causes crypt(3) to return a null | |
30 | # pointer, which Perl converts into undef. We assume for now that all | |
31 | # such platforms support glibc-style selection of a different hashing | |
32 | # algorithm. | |
e7a4a717 | 33 | # glibc supports MD5, but OpenBSD only supports Blowfish. |
d3e5298a | 34 | my $alg = ''; # Use default algorithm |
e7a4a717 AD |
35 | if ( !defined(crypt("ab", $alg."cd")) ) { |
36 | $alg = '$5$'; # Try SHA-256 | |
37 | } | |
38 | if ( !defined(crypt("ab", $alg."cd")) ) { | |
39 | $alg = '$2b$12$FPWWO2RJ3CK4FINTw0Hi'; # Try Blowfish | |
40 | } | |
41 | if ( !defined(crypt("ab", $alg."cd")) ) { | |
42 | $alg = ''; # Nothing worked. Back to default | |
d3e5298a | 43 | } |
85c16d83 | 44 | |
dcd1d1bf | 45 | SKIP: { |
d3e5298a | 46 | skip ("VOS crypt ignores salt.", 1) if ($^O eq 'vos'); |
e7a4a717 AD |
47 | ok(substr(crypt("ab", $alg."cd"), length($alg)+2) ne |
48 | substr(crypt("ab", $alg."ce"), length($alg)+2), | |
d3e5298a | 49 | "salt makes a difference"); |
dcd1d1bf | 50 | } |
85c16d83 | 51 | |
f2791508 JH |
52 | $a = "a\xFF\x{100}"; |
53 | ||
d3e5298a | 54 | eval {$b = crypt($a, $alg."cd")}; |
f2791508 JH |
55 | like($@, qr/Wide character in crypt/, "wide characters ungood"); |
56 | ||
57 | chop $a; # throw away the wide character | |
58 | ||
d3e5298a | 59 | eval {$b = crypt($a, $alg."cd")}; |
f2791508 | 60 | is($@, '', "downgrade to eight bit characters"); |
d3e5298a | 61 | is($b, crypt("a\xFF", $alg."cd"), "downgrade results agree"); |
f2791508 | 62 | |
fbc76eb3 FC |
63 | my $x = chr 256; # has to be lexical, and predeclared |
64 | # Assignment gets optimised away here: | |
65 | $x = crypt "foo", ${\"bar"}; # ${\ } to defeat constant folding | |
66 | is $x, crypt("foo", "bar"), 'crypt writing to utf8 target'; | |
67 | ok !utf8::is_utf8($x), 'crypt turns off utf8 on its target'; |