Improved coverage and fixed string checks for basic functionality of several of the pwcrypto helpers (#362)

* Add fixed string checks for basic functionality of several of the pwcrypto
helper functions as suggested by @albu-diku in the comments to PR343.

* Adjust `pwcrypto` slightly to support external use of the existing self-tests,
like it's the case e.g. for `userio`, and integrate running it in unit testing.

Added a lot of unit tests to cover almost all functions in `pwcrypto` and to
include more tests of fundamental functionality against fixed known values as
suggested in PR343 discussion.
A few tests will require API changes to pass a random seed to allow that and
have been left as disabled for now with TODO comments added.

* Workaround for pylint failing CI with bogus missing member on rocky9 and latest
stable py3. I can't see why `site_password_legacy_policy` is any different from
e.g. `site_password_policy`, which does NOT trigger the same pylint error :-s

* Make sure the AAD date stamp helper keeps the date input static over time to
prevent tests failing after a while.

Author: jonasbardino

mig/shared/pwcrypto.py

@@ -40,6 +40,7 @@
 import datetime
 import hashlib
 import time
+import sys
 
 from mig.shared.base import force_utf8, force_native_str, mask_creds, string_snippet
 from mig.shared.defaults import keyword_auto, RESET_TOKEN_TTL
@@ -1027,7 +1028,8 @@ def generate_random_password(configuration, tries=42):
     raise ValueError("Failed to generate suitable password!")
 
 
-if __name__ == "__main__":
+def main(_exit=sys.exit, _print=print):
+    """Run module self-tests"""
     from mig.shared.conf import get_configuration_object
     configuration = get_configuration_object()
     dummy_user = {'distinguished_name': 'Test User', 'password_hash': ''}
@@ -1057,6 +1059,8 @@ def generate_random_password(configuration, tries=42):
         hashed = make_hash(pw)
         snippet = string_snippet(hashed)
         dummy_user['password_hash'] = hashed
+        if 'migoid' not in configuration.site_login_methods:
+            configuration.site_login_methods.append('migoid')
         token = generate_reset_token(configuration, dummy_user, 'migoid')
         print("Password %r gives hash %r, snippet %r and reset token %r" %
               (pw, hashed, snippet, token))
@@ -1112,3 +1116,7 @@ def generate_random_password(configuration, tries=42):
         except Exception as exc:
             print(
                 "Failed to handle aesgcm static encrypt/decrypt %s : %s" % (pw, exc))
+
+
+if __name__ == "__main__":
+    main()