Add a NoSecurityHash class for fast testing

management_interface/management_interface/forms.py

@@ -9,6 +9,8 @@
 from .models import CareProviderLocation, CareRecipient, RegisteredManager
 
 
+from os import getenv
+
 class CareProviderLocationForm(forms.ModelForm):
     class Meta:
         model = CareProviderLocation
@@ -24,6 +26,32 @@ class Meta:
         }
 
 
+class HighSecurityHash:
+    # This version is intentionally slow, derives its security from
+    # being slow, and must be used as the default.
+    def encode(self, salt="", data="") -> str:
+        return scrypt(
+            data.encode(),
+            salt=str(salt).encode(),
+            n=32768,
+            r=12,
+            p=6,
+            maxmem=2**26,
+        ).hex()
+
+class NoSecurityHash:
+    # This version is fast and offers no security whatsoever, and must
+    # be actively selected only for testing purposes.
+    def encode(self, salt="", data="") -> str:
+        return scrypt(
+            data.encode(),
+            salt=str(salt).encode(),
+            n=16,
+            r=12,
+            p=1,
+        ).hex()
+
+
 class CareRecipientForm(forms.ModelForm):
     given_name = forms.CharField(
         max_length=64,
@@ -84,11 +112,9 @@ def _create_subscription(self) -> uuid.UUID:
 
     def _generate_nhs_number_hash(self) -> str:
         # https://nhsx.github.io/il-hans-infrastructure/adrs/003-Do-not-use-NEMS-or-MESH
-        return scrypt(
-            self.cleaned_data["nhs_number"].encode(),
-            salt=str(self.cleaned_data["birth_date"]).encode(),
-            n=32768,
-            r=12,
-            p=6,
-            maxmem=2**26,
-        ).hex()
+        if getenv("STUPIDLY_HOBBLE_SECURITY") == "I_AM_AN_IDIOT_YES_I_REALLY_MEAN_IT":
+            hasher = NoSecurityHash()
+        else:
+            hasher = HighSecurityHash()
+        return hasher.encode(data=self.cleaned_data["nhs_number"],
+                             salt=self.cleaned_data["birth_date"])