diff options
author | Eli Collins <elic@assurancetechnologies.com> | 2020-10-07 14:46:57 -0400 |
---|---|---|
committer | Eli Collins <elic@assurancetechnologies.com> | 2020-10-07 14:46:57 -0400 |
commit | 7086228eec5138cd40d39e18c7a132b703d07cdc (patch) | |
tree | f94719c8916600054ac764a3100fa4d63404553b | |
parent | d221b9006a1370a79bc19b8b645250d2bf35397c (diff) | |
download | passlib-7086228eec5138cd40d39e18c7a132b703d07cdc.tar.gz |
passlib.context: now raises UnknownHashError() if hash can't be identified.
this inherits from ValueError, and has same text, so backwards compatible.
-rw-r--r-- | docs/history/1.7.rst | 12 | ||||
-rw-r--r-- | passlib/context.py | 3 | ||||
-rw-r--r-- | passlib/crypto/digest.py | 2 | ||||
-rw-r--r-- | passlib/exc.py | 14 | ||||
-rw-r--r-- | passlib/tests/test_context.py | 32 |
5 files changed, 36 insertions, 27 deletions
diff --git a/docs/history/1.7.rst b/docs/history/1.7.rst index 6d6293b..42ffeec 100644 --- a/docs/history/1.7.rst +++ b/docs/history/1.7.rst @@ -12,6 +12,18 @@ Passlib 1.7 and will require Python >= 3.5. The 1.7 series will be the last to support Python 2.7. (See :issue:`119` for rationale). +**1.7.4** (NOT YET RELEASED) +============================ + +Other Changes +------------- +* .. py:currentmodule:: passlib.context + + :class:`CryptContext` will now throw :exc:`~passlib.exc.UnknownHashError` when it can't identify + a hash provided to methods such as :meth:`!CryptContext.verify`. + Previously it would throw a generic :exc:`ValueError`. + + **1.7.3** (2020-10-06) ====================== diff --git a/passlib/context.py b/passlib/context.py index 2822d70..bc3cbf5 100644 --- a/passlib/context.py +++ b/passlib/context.py @@ -11,6 +11,7 @@ import time from warnings import warn # site # pkg +from passlib import exc from passlib.exc import ExpectedStringError, ExpectedTypeError, PasslibConfigWarning from passlib.registry import get_crypt_handler, _validate_handler_name from passlib.utils import (handlers as uh, to_bytes, @@ -1128,7 +1129,7 @@ class _CryptConfig(object): elif not self.schemes: raise KeyError("no crypt algorithms supported") else: - raise ValueError("hash could not be identified") + raise exc.UnknownHashError("hash could not be identified") @memoized_property def disabled_record(self): diff --git a/passlib/crypto/digest.py b/passlib/crypto/digest.py index 0a9b77a..8da9b5e 100644 --- a/passlib/crypto/digest.py +++ b/passlib/crypto/digest.py @@ -469,7 +469,7 @@ class HashInfo(SequenceMixin): helper that installs stub constructor which throws specified error <msg>. """ def const(source=b""): - raise exc.UnknownHashError(name, message=msg) + raise exc.UnknownHashError(msg, name) if required: # if caller only wants supported digests returned, # just throw error immediately... diff --git a/passlib/exc.py b/passlib/exc.py index 4539c7d..755c7dc 100644 --- a/passlib/exc.py +++ b/passlib/exc.py @@ -193,17 +193,23 @@ class UnknownHashError(ValueError): As of version 1.7.3, this may also be raised if hash algorithm is known, but has been disabled due to FIPS mode (message will include phrase "disabled for fips"). + As of version 1.7.4, this may be raised if a :class:`~passlib.context.CryptContext` + is unable to identify the algorithm used by a password hash. + .. versionadded:: 1.7 .. versionchanged: 1.7.3 added 'message' argument. + + .. versionchanged:: 1.7.4 + altered call signature. """ - def __init__(self, name, message=None): - self.name = name + def __init__(self, message=None, value=None): + self.value = value if message is None: - message = "unknown hash algorithm: %r" % name + message = "unknown hash algorithm: %r" % value self.message = message - ValueError.__init__(self, name, message) + ValueError.__init__(self, message, value) def __str__(self): return self.message diff --git a/passlib/tests/test_context.py b/passlib/tests/test_context.py index ffd37e9..09b52c0 100644 --- a/passlib/tests/test_context.py +++ b/passlib/tests/test_context.py @@ -1647,6 +1647,7 @@ sha512_crypt__min_rounds = 45000 # # init ref info # + from passlib.exc import UnknownHashError from passlib.hash import md5_crypt, unix_disabled ctx = CryptContext(["des_crypt"]) @@ -1684,18 +1685,13 @@ sha512_crypt__min_rounds = 45000 # test w/o disabled hash support self.assertTrue(ctx.is_enabled(h_ref)) - HASH_NOT_IDENTIFIED = "hash could not be identified" - self.assertRaisesRegex(ValueError, HASH_NOT_IDENTIFIED, - ctx.is_enabled, h_other) - self.assertRaisesRegex(ValueError, HASH_NOT_IDENTIFIED, - ctx.is_enabled, h_dis) - self.assertRaisesRegex(ValueError, HASH_NOT_IDENTIFIED, - ctx.is_enabled, h_dis_ref) + self.assertRaises(UnknownHashError, ctx.is_enabled, h_other) + self.assertRaises(UnknownHashError, ctx.is_enabled, h_dis) + self.assertRaises(UnknownHashError, ctx.is_enabled, h_dis_ref) # test w/ disabled hash support self.assertTrue(ctx2.is_enabled(h_ref)) - self.assertRaisesRegex(ValueError, HASH_NOT_IDENTIFIED, - ctx.is_enabled, h_other) + self.assertRaises(UnknownHashError, ctx.is_enabled, h_other) self.assertFalse(ctx2.is_enabled(h_dis)) self.assertFalse(ctx2.is_enabled(h_dis_ref)) @@ -1704,24 +1700,18 @@ sha512_crypt__min_rounds = 45000 # # test w/o disabled hash support - self.assertRaisesRegex(ValueError, HASH_NOT_IDENTIFIED, - ctx.enable, "") + self.assertRaises(UnknownHashError, ctx.enable, "") self.assertRaises(TypeError, ctx.enable, None) self.assertEqual(ctx.enable(h_ref), h_ref) - self.assertRaisesRegex(ValueError, HASH_NOT_IDENTIFIED, - ctx.enable, h_other) - self.assertRaisesRegex(ValueError, HASH_NOT_IDENTIFIED, - ctx.enable, h_dis) - self.assertRaisesRegex(ValueError, HASH_NOT_IDENTIFIED, - ctx.enable, h_dis_ref) + self.assertRaises(UnknownHashError, ctx.enable, h_other) + self.assertRaises(UnknownHashError, ctx.enable, h_dis) + self.assertRaises(UnknownHashError, ctx.enable, h_dis_ref) # test w/ disabled hash support - self.assertRaisesRegex(ValueError, HASH_NOT_IDENTIFIED, - ctx.enable, "") + self.assertRaises(UnknownHashError, ctx.enable, "") self.assertRaises(TypeError, ctx2.enable, None) self.assertEqual(ctx2.enable(h_ref), h_ref) - self.assertRaisesRegex(ValueError, HASH_NOT_IDENTIFIED, - ctx2.enable, h_other) + self.assertRaises(UnknownHashError, ctx2.enable, h_other) self.assertRaisesRegex(ValueError, "cannot restore original hash", ctx2.enable, h_dis) self.assertEqual(ctx2.enable(h_dis_ref), h_ref) |