diff options
Diffstat (limited to 't')
-rw-r--r-- | t/op/crypt.t | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/t/op/crypt.t b/t/op/crypt.t index 424a24ff6e..f6caf85288 100644 --- a/t/op/crypt.t +++ b/t/op/crypt.t @@ -27,20 +27,31 @@ BEGIN { # eight characters mattered, but those are probably no more safe # bets, given alternative encryption/hashing schemes like MD5, # C2 (or higher) security schemes, and non-UNIX platforms. +# +# On platforms implementing FIPS mode, using a weak algorithm (including +# the default triple-DES algorithm) causes crypt(3) to return a null +# pointer, which Perl converts into undef. We assume for now that all +# such platforms support glibc-style selection of a different hashing +# algorithm. +my $alg = ''; # Use default algorithm +if ( !defined(crypt("ab", "cd")) ) { + $alg = '$5$'; # Use SHA-256 +} SKIP: { - skip ("VOS crypt ignores salt.", 1) if ($^O eq 'vos'); - ok(substr(crypt("ab", "cd"), 2) ne substr(crypt("ab", "ce"), 2), "salt makes a difference"); + skip ("VOS crypt ignores salt.", 1) if ($^O eq 'vos'); + ok(substr(crypt("ab", $alg."cd"), 2) ne substr(crypt("ab", $alg."ce"), 2), + "salt makes a difference"); } $a = "a\xFF\x{100}"; -eval {$b = crypt($a, "cd")}; +eval {$b = crypt($a, $alg."cd")}; like($@, qr/Wide character in crypt/, "wide characters ungood"); chop $a; # throw away the wide character -eval {$b = crypt($a, "cd")}; +eval {$b = crypt($a, $alg."cd")}; is($@, '', "downgrade to eight bit characters"); -is($b, crypt("a\xFF", "cd"), "downgrade results agree"); +is($b, crypt("a\xFF", $alg."cd"), "downgrade results agree"); |