1#!./perl -w 2 3BEGIN { 4 chdir 't' if -d 't'; 5 @INC = qw(. ../lib); 6} 7 8BEGIN { 9 use Config; 10 11 require "test.pl"; 12 13 if( !$Config{d_crypt} ) { 14 skip_all("crypt unimplemented"); 15 } 16 else { 17 plan(tests => 4); 18 } 19} 20 21# Can't assume too much about the string returned by crypt(), 22# and about how many bytes of the encrypted (really, hashed) 23# string matter. 24# 25# HISTORICALLY the results started with the first two bytes of the salt, 26# followed by 11 bytes from the set [./0-9A-Za-z], and only the first 27# eight characters mattered, but those are probably no more safe 28# bets, given alternative encryption/hashing schemes like MD5, 29# C2 (or higher) security schemes, and non-UNIX platforms. 30 31my $alg = '$2b$12$12345678901234567890'; # Use Blowfish 32SKIP: { 33 skip ("VOS crypt ignores salt.", 1) if ($^O eq 'vos'); 34 ok(substr(crypt("ab", $alg . "cd"), 2) ne substr(crypt("ab", $alg . "ce"), 2), "salt makes a difference"); 35} 36 37$a = "a\xFF\x{100}"; 38 39eval {$b = crypt($a, $alg . "cd")}; 40like($@, qr/Wide character in crypt/, "wide characters ungood"); 41 42chop $a; # throw away the wide character 43 44eval {$b = crypt($a, $alg . "cd")}; 45is($@, '', "downgrade to eight bit characters"); 46is($b, crypt("a\xFF", $alg . "cd"), "downgrade results agree"); 47 48