clarify behavior for secret=None and hash=None

* passing a non-string secret or non-string hash to any
  CryptContext or handler method will now reliably result
  in a TypeError.

  previously, passing hash=None to many handler identify() and verify()
  methods would return False, while others would raise a TypeError.
  other handler methods would alternately throw ValueError or TypeError
  when passed a value that wasn't unicode or bytes.
  the various CryptContext methods also behaved inconsistently,
  depending on the behavior of the underlying handler.

  all of these behaviors are gone, they should all raise the same TypeError.

* redid many of the from_string() methods to verify the hash type.

* moved secret type & size validation to GenericHandler's encrypt/genhash/verify methods.
  this cheaply made the secret validation global to all hashes, and lets
  _calc_digest() implementations trust that the secret is valid.

* updated the CryptContext and handler unittests to verify the above behavior is adhered to.

1 files changed, 2 insertions, 2 deletions

diff --git a/passlib/ext/django/models.py b/passlib/ext/django/models.py
index 2b3dd16..edc334a 100644
--- a/passlib/ext/django/models.py
+++ b/passlib/ext/django/models.py
@@ -15,7 +15,7 @@ from django.conf import settings
 #pkg
 from passlib.context import CryptContext, CryptPolicy
 from passlib.utils import is_crypt_context
-from passlib.utils.compat import bytes, sb_types, unicode
+from passlib.utils.compat import bytes, unicode, base_string_types
 from passlib.ext.django.utils import DEFAULT_CTX, get_category, \
     set_django_password_context
 
@@ -34,7 +34,7 @@ def patch():
         return
     if ctx == "passlib-default":
         ctx = DEFAULT_CTX
-    if isinstance(ctx, str):
+    if isinstance(ctx, base_string_types):
         ctx = CryptContext(policy=CryptPolicy.from_string(ctx))
     if not is_crypt_context(ctx):
         raise TypeError("django settings.PASSLIB_CONTEXT must be CryptContext "