annotate MoinMoin/support/passlib/handlers/des_crypt.py @ 6133:a6283e189869 tip

fixup: remove nonexisting passlib.utils._blowfish this was removed by the passlib 1.7.1 upgrade.
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Thu, 01 Jun 2017 18:10:19 +0200
parents 7f0616feeae9
children
rev   line source
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
1 """passlib.handlers.des_crypt - traditional unix (DES) crypt and variants"""
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
2 #=============================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
3 # imports
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
4 #=============================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
5 # core
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
6 import re
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
7 import logging; log = logging.getLogger(__name__)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
8 from warnings import warn
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
9 # site
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
10 # pkg
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
11 from passlib.utils import safe_crypt, test_crypt, to_unicode
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
12 from passlib.utils.binary import h64, h64big
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
13 from passlib.utils.compat import byte_elem_value, u, uascii_to_str, unicode, suppress_cause
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
14 from passlib.crypto.des import des_encrypt_int_block
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
15 import passlib.utils.handlers as uh
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
16 # local
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
17 __all__ = [
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
18 "des_crypt",
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
19 "bsdi_crypt",
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
20 "bigcrypt",
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
21 "crypt16",
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
22 ]
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
23
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
24 #=============================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
25 # pure-python backend for des_crypt family
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
26 #=============================================================================
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
27 _BNULL = b'\x00'
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
28
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
29 def _crypt_secret_to_key(secret):
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
30 """convert secret to 64-bit DES key.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
31
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
32 this only uses the first 8 bytes of the secret,
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
33 and discards the high 8th bit of each byte at that.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
34 a null parity bit is inserted after every 7th bit of the output.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
35 """
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
36 # NOTE: this would set the parity bits correctly,
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
37 # but des_encrypt_int_block() would just ignore them...
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
38 ##return sum(expand_7bit(byte_elem_value(c) & 0x7f) << (56-i*8)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
39 ## for i, c in enumerate(secret[:8]))
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
40 return sum((byte_elem_value(c) & 0x7f) << (57-i*8)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
41 for i, c in enumerate(secret[:8]))
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
42
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
43 def _raw_des_crypt(secret, salt):
6096
86a41c2bedec upgrade passlib from 1.6.2 to 1.6.5
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5919
diff changeset
44 """pure-python backed for des_crypt"""
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
45 assert len(salt) == 2
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
46
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
47 # NOTE: some OSes will accept non-HASH64 characters in the salt,
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
48 # but what value they assign these characters varies wildy,
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
49 # so just rejecting them outright.
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
50 # the same goes for single-character salts...
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
51 # some OSes duplicate the char, some insert a '.' char,
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
52 # and openbsd does (something) which creates an invalid hash.
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
53 salt_value = h64.decode_int12(salt)
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
54
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
55 # gotta do something - no official policy since this predates unicode
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
56 if isinstance(secret, unicode):
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
57 secret = secret.encode("utf-8")
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
58 assert isinstance(secret, bytes)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
59
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
60 # forbidding NULL char because underlying crypt() rejects them too.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
61 if _BNULL in secret:
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
62 raise uh.exc.NullPasswordError(des_crypt)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
63
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
64 # convert first 8 bytes of secret string into an integer
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
65 key_value = _crypt_secret_to_key(secret)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
66
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
67 # run data through des using input of 0
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
68 result = des_encrypt_int_block(key_value, 0, salt_value, 25)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
69
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
70 # run h64 encode on result
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
71 return h64big.encode_int64(result)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
72
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
73 def _bsdi_secret_to_key(secret):
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
74 """convert secret to DES key used by bsdi_crypt"""
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
75 key_value = _crypt_secret_to_key(secret)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
76 idx = 8
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
77 end = len(secret)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
78 while idx < end:
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
79 next = idx + 8
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
80 tmp_value = _crypt_secret_to_key(secret[idx:next])
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
81 key_value = des_encrypt_int_block(key_value, key_value) ^ tmp_value
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
82 idx = next
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
83 return key_value
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
84
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
85 def _raw_bsdi_crypt(secret, rounds, salt):
6096
86a41c2bedec upgrade passlib from 1.6.2 to 1.6.5
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5919
diff changeset
86 """pure-python backend for bsdi_crypt"""
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
87
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
88 # decode salt
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
89 salt_value = h64.decode_int24(salt)
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
90
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
91 # gotta do something - no official policy since this predates unicode
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
92 if isinstance(secret, unicode):
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
93 secret = secret.encode("utf-8")
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
94 assert isinstance(secret, bytes)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
95
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
96 # forbidding NULL char because underlying crypt() rejects them too.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
97 if _BNULL in secret:
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
98 raise uh.exc.NullPasswordError(bsdi_crypt)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
99
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
100 # convert secret string into an integer
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
101 key_value = _bsdi_secret_to_key(secret)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
102
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
103 # run data through des using input of 0
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
104 result = des_encrypt_int_block(key_value, 0, salt_value, rounds)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
105
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
106 # run h64 encode on result
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
107 return h64big.encode_int64(result)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
108
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
109 #=============================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
110 # handlers
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
111 #=============================================================================
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
112 class des_crypt(uh.TruncateMixin, uh.HasManyBackends, uh.HasSalt, uh.GenericHandler):
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
113 """This class implements the des-crypt password hash, and follows the :ref:`password-hash-api`.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
114
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
115 It supports a fixed-length salt.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
116
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
117 The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords:
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
118
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
119 :type salt: str
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
120 :param salt:
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
121 Optional salt string.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
122 If not specified, one will be autogenerated (this is recommended).
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
123 If specified, it must be 2 characters, drawn from the regexp range ``[./0-9A-Za-z]``.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
124
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
125 :param bool truncate_error:
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
126 By default, des_crypt will silently truncate passwords larger than 8 bytes.
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
127 Setting ``truncate_error=True`` will cause :meth:`~passlib.ifc.PasswordHash.hash`
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
128 to raise a :exc:`~passlib.exc.PasswordTruncateError` instead.
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
129
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
130 .. versionadded:: 1.7
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
131
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
132 :type relaxed: bool
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
133 :param relaxed:
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
134 By default, providing an invalid value for one of the other
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
135 keywords will result in a :exc:`ValueError`. If ``relaxed=True``,
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
136 and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning`
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
137 will be issued instead. Correctable errors include
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
138 ``salt`` strings that are too long.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
139
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
140 .. versionadded:: 1.6
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
141 """
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
142 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
143 # class attrs
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
144 #===================================================================
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
145
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
146 #--------------------
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
147 # PasswordHash
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
148 #--------------------
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
149 name = "des_crypt"
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
150 setting_kwds = ("salt", "truncate_error")
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
151
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
152 #--------------------
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
153 # GenericHandler
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
154 #--------------------
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
155 checksum_chars = uh.HASH64_CHARS
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
156 checksum_size = 11
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
157
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
158 #--------------------
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
159 # HasSalt
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
160 #--------------------
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
161 min_salt_size = max_salt_size = 2
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
162 salt_chars = uh.HASH64_CHARS
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
163
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
164 #--------------------
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
165 # TruncateMixin
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
166 #--------------------
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
167 truncate_size = 8
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
168
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
169 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
170 # formatting
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
171 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
172 # FORMAT: 2 chars of H64-encoded salt + 11 chars of H64-encoded checksum
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
173
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
174 _hash_regex = re.compile(u(r"""
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
175 ^
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
176 (?P<salt>[./a-z0-9]{2})
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
177 (?P<chk>[./a-z0-9]{11})?
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
178 $"""), re.X|re.I)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
179
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
180 @classmethod
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
181 def from_string(cls, hash):
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
182 hash = to_unicode(hash, "ascii", "hash")
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
183 salt, chk = hash[:2], hash[2:]
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
184 return cls(salt=salt, checksum=chk or None)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
185
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
186 def to_string(self):
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
187 hash = u("%s%s") % (self.salt, self.checksum)
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
188 return uascii_to_str(hash)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
189
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
190 #===================================================================
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
191 # digest calculation
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
192 #===================================================================
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
193 def _calc_checksum(self, secret):
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
194 # check for truncation (during .hash() calls only)
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
195 if self.use_defaults:
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
196 self._check_truncate_policy(secret)
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
197
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
198 return self._calc_checksum_backend(secret)
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
199
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
200 #===================================================================
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
201 # backend
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
202 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
203 backends = ("os_crypt", "builtin")
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
204
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
205 #---------------------------------------------------------------
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
206 # os_crypt backend
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
207 #---------------------------------------------------------------
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
208 @classmethod
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
209 def _load_backend_os_crypt(cls):
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
210 if test_crypt("test", 'abgOeLfPimXQo'):
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
211 cls._set_calc_checksum_backend(cls._calc_checksum_os_crypt)
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
212 return True
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
213 else:
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
214 return False
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
215
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
216 def _calc_checksum_os_crypt(self, secret):
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
217 # NOTE: we let safe_crypt() encode unicode secret -> utf8;
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
218 # no official policy since des-crypt predates unicode
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
219 hash = safe_crypt(secret, self.salt)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
220 if hash:
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
221 assert hash.startswith(self.salt) and len(hash) == 13
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
222 return hash[2:]
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
223 else:
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
224 # py3's crypt.crypt() can't handle non-utf8 bytes.
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
225 # fallback to builtin alg, which is always available.
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
226 return self._calc_checksum_builtin(secret)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
227
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
228 #---------------------------------------------------------------
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
229 # builtin backend
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
230 #---------------------------------------------------------------
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
231 @classmethod
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
232 def _load_backend_builtin(cls):
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
233 cls._set_calc_checksum_backend(cls._calc_checksum_builtin)
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
234 return True
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
235
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
236 def _calc_checksum_builtin(self, secret):
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
237 return _raw_des_crypt(secret, self.salt.encode("ascii")).decode("ascii")
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
238
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
239 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
240 # eoc
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
241 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
242
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
243 class bsdi_crypt(uh.HasManyBackends, uh.HasRounds, uh.HasSalt, uh.GenericHandler):
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
244 """This class implements the BSDi-Crypt password hash, and follows the :ref:`password-hash-api`.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
245
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
246 It supports a fixed-length salt, and a variable number of rounds.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
247
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
248 The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords:
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
249
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
250 :type salt: str
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
251 :param salt:
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
252 Optional salt string.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
253 If not specified, one will be autogenerated (this is recommended).
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
254 If specified, it must be 4 characters, drawn from the regexp range ``[./0-9A-Za-z]``.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
255
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
256 :type rounds: int
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
257 :param rounds:
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
258 Optional number of rounds to use.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
259 Defaults to 5001, must be between 1 and 16777215, inclusive.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
260
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
261 :type relaxed: bool
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
262 :param relaxed:
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
263 By default, providing an invalid value for one of the other
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
264 keywords will result in a :exc:`ValueError`. If ``relaxed=True``,
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
265 and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning`
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
266 will be issued instead. Correctable errors include ``rounds``
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
267 that are too small or too large, and ``salt`` strings that are too long.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
268
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
269 .. versionadded:: 1.6
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
270
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
271 .. versionchanged:: 1.6
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
272 :meth:`hash` will now issue a warning if an even number of rounds is used
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
273 (see :ref:`bsdi-crypt-security-issues` regarding weak DES keys).
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
274 """
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
275 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
276 # class attrs
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
277 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
278 #--GenericHandler--
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
279 name = "bsdi_crypt"
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
280 setting_kwds = ("salt", "rounds")
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
281 checksum_size = 11
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
282 checksum_chars = uh.HASH64_CHARS
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
283
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
284 #--HasSalt--
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
285 min_salt_size = max_salt_size = 4
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
286 salt_chars = uh.HASH64_CHARS
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
287
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
288 #--HasRounds--
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
289 default_rounds = 5001
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
290 min_rounds = 1
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
291 max_rounds = 16777215 # (1<<24)-1
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
292 rounds_cost = "linear"
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
293
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
294 # NOTE: OpenBSD login.conf reports 7250 as minimum allowed rounds,
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
295 # but that seems to be an OS policy, not a algorithm limitation.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
296
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
297 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
298 # parsing
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
299 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
300 _hash_regex = re.compile(u(r"""
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
301 ^
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
302 _
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
303 (?P<rounds>[./a-z0-9]{4})
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
304 (?P<salt>[./a-z0-9]{4})
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
305 (?P<chk>[./a-z0-9]{11})?
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
306 $"""), re.X|re.I)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
307
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
308 @classmethod
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
309 def from_string(cls, hash):
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
310 hash = to_unicode(hash, "ascii", "hash")
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
311 m = cls._hash_regex.match(hash)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
312 if not m:
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
313 raise uh.exc.InvalidHashError(cls)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
314 rounds, salt, chk = m.group("rounds", "salt", "chk")
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
315 return cls(
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
316 rounds=h64.decode_int24(rounds.encode("ascii")),
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
317 salt=salt,
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
318 checksum=chk,
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
319 )
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
320
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
321 def to_string(self):
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
322 hash = u("_%s%s%s") % (h64.encode_int24(self.rounds).decode("ascii"),
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
323 self.salt, self.checksum)
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
324 return uascii_to_str(hash)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
325
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
326 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
327 # validation
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
328 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
329
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
330 # NOTE: keeping this flag for admin/choose_rounds.py script.
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
331 # want to eventually expose rounds logic to that script in better way.
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
332 _avoid_even_rounds = True
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
333
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
334 @classmethod
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
335 def using(cls, **kwds):
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
336 subcls = super(bsdi_crypt, cls).using(**kwds)
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
337 if not subcls.default_rounds & 1:
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
338 # issue warning if caller set an even 'rounds' value.
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
339 warn("bsdi_crypt rounds should be odd, as even rounds may reveal weak DES keys",
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
340 uh.exc.PasslibSecurityWarning)
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
341 return subcls
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
342
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
343 @classmethod
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
344 def _generate_rounds(cls):
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
345 rounds = super(bsdi_crypt, cls)._generate_rounds()
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
346 # ensure autogenerated rounds are always odd
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
347 # NOTE: doing this even for default_rounds so needs_update() doesn't get
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
348 # caught in a loop.
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
349 # FIXME: this technically might generate a rounds value 1 larger
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
350 # than the requested upper bound - but better to err on side of safety.
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
351 return rounds|1
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
352
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
353 #===================================================================
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
354 # migration
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
355 #===================================================================
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
356
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
357 def _calc_needs_update(self, **kwds):
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
358 # mark bsdi_crypt hashes as deprecated if they have even rounds.
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
359 if not self.rounds & 1:
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
360 return True
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
361 # hand off to base implementation
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
362 return super(bsdi_crypt, self)._calc_needs_update(**kwds)
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
363
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
364 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
365 # backends
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
366 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
367 backends = ("os_crypt", "builtin")
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
368
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
369 #---------------------------------------------------------------
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
370 # os_crypt backend
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
371 #---------------------------------------------------------------
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
372 @classmethod
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
373 def _load_backend_os_crypt(cls):
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
374 if test_crypt("test", '_/...lLDAxARksGCHin.'):
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
375 cls._set_calc_checksum_backend(cls._calc_checksum_os_crypt)
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
376 return True
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
377 else:
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
378 return False
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
379
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
380 def _calc_checksum_os_crypt(self, secret):
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
381 config = self.to_string()
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
382 hash = safe_crypt(secret, config)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
383 if hash:
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
384 assert hash.startswith(config[:9]) and len(hash) == 20
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
385 return hash[-11:]
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
386 else:
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
387 # py3's crypt.crypt() can't handle non-utf8 bytes.
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
388 # fallback to builtin alg, which is always available.
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
389 return self._calc_checksum_builtin(secret)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
390
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
391 #---------------------------------------------------------------
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
392 # builtin backend
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
393 #---------------------------------------------------------------
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
394 @classmethod
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
395 def _load_backend_builtin(cls):
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
396 cls._set_calc_checksum_backend(cls._calc_checksum_builtin)
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
397 return True
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
398
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
399 def _calc_checksum_builtin(self, secret):
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
400 return _raw_bsdi_crypt(secret, self.rounds, self.salt.encode("ascii")).decode("ascii")
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
401
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
402 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
403 # eoc
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
404 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
405
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
406 class bigcrypt(uh.HasSalt, uh.GenericHandler):
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
407 """This class implements the BigCrypt password hash, and follows the :ref:`password-hash-api`.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
408
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
409 It supports a fixed-length salt.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
410
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
411 The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords:
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
412
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
413 :type salt: str
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
414 :param salt:
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
415 Optional salt string.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
416 If not specified, one will be autogenerated (this is recommended).
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
417 If specified, it must be 22 characters, drawn from the regexp range ``[./0-9A-Za-z]``.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
418
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
419 :type relaxed: bool
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
420 :param relaxed:
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
421 By default, providing an invalid value for one of the other
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
422 keywords will result in a :exc:`ValueError`. If ``relaxed=True``,
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
423 and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning`
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
424 will be issued instead. Correctable errors include
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
425 ``salt`` strings that are too long.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
426
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
427 .. versionadded:: 1.6
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
428 """
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
429 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
430 # class attrs
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
431 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
432 #--GenericHandler--
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
433 name = "bigcrypt"
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
434 setting_kwds = ("salt",)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
435 checksum_chars = uh.HASH64_CHARS
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
436 # NOTE: checksum chars must be multiple of 11
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
437
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
438 #--HasSalt--
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
439 min_salt_size = max_salt_size = 2
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
440 salt_chars = uh.HASH64_CHARS
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
441
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
442 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
443 # internal helpers
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
444 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
445 _hash_regex = re.compile(u(r"""
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
446 ^
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
447 (?P<salt>[./a-z0-9]{2})
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
448 (?P<chk>([./a-z0-9]{11})+)?
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
449 $"""), re.X|re.I)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
450
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
451 @classmethod
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
452 def from_string(cls, hash):
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
453 hash = to_unicode(hash, "ascii", "hash")
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
454 m = cls._hash_regex.match(hash)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
455 if not m:
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
456 raise uh.exc.InvalidHashError(cls)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
457 salt, chk = m.group("salt", "chk")
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
458 return cls(salt=salt, checksum=chk)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
459
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
460 def to_string(self):
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
461 hash = u("%s%s") % (self.salt, self.checksum)
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
462 return uascii_to_str(hash)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
463
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
464 def _norm_checksum(self, checksum, relaxed=False):
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
465 checksum = super(bigcrypt, self)._norm_checksum(checksum, relaxed=relaxed)
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
466 if len(checksum) % 11:
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
467 raise uh.exc.InvalidHashError(self)
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
468 return checksum
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
469
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
470 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
471 # backend
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
472 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
473 def _calc_checksum(self, secret):
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
474 if isinstance(secret, unicode):
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
475 secret = secret.encode("utf-8")
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
476 chk = _raw_des_crypt(secret, self.salt.encode("ascii"))
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
477 idx = 8
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
478 end = len(secret)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
479 while idx < end:
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
480 next = idx + 8
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
481 chk += _raw_des_crypt(secret[idx:next], chk[-11:-9])
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
482 idx = next
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
483 return chk.decode("ascii")
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
484
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
485 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
486 # eoc
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
487 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
488
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
489 class crypt16(uh.TruncateMixin, uh.HasSalt, uh.GenericHandler):
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
490 """This class implements the crypt16 password hash, and follows the :ref:`password-hash-api`.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
491
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
492 It supports a fixed-length salt.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
493
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
494 The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords:
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
495
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
496 :type salt: str
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
497 :param salt:
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
498 Optional salt string.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
499 If not specified, one will be autogenerated (this is recommended).
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
500 If specified, it must be 2 characters, drawn from the regexp range ``[./0-9A-Za-z]``.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
501
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
502 :param bool truncate_error:
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
503 By default, crypt16 will silently truncate passwords larger than 16 bytes.
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
504 Setting ``truncate_error=True`` will cause :meth:`~passlib.ifc.PasswordHash.hash`
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
505 to raise a :exc:`~passlib.exc.PasswordTruncateError` instead.
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
506
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
507 .. versionadded:: 1.7
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
508
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
509 :type relaxed: bool
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
510 :param relaxed:
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
511 By default, providing an invalid value for one of the other
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
512 keywords will result in a :exc:`ValueError`. If ``relaxed=True``,
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
513 and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning`
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
514 will be issued instead. Correctable errors include
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
515 ``salt`` strings that are too long.
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
516
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
517 .. versionadded:: 1.6
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
518 """
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
519 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
520 # class attrs
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
521 #===================================================================
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
522
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
523 #--------------------
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
524 # PasswordHash
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
525 #--------------------
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
526 name = "crypt16"
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
527 setting_kwds = ("salt", "truncate_error")
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
528
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
529 #--------------------
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
530 # GenericHandler
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
531 #--------------------
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
532 checksum_size = 22
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
533 checksum_chars = uh.HASH64_CHARS
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
534
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
535 #--------------------
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
536 # HasSalt
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
537 #--------------------
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
538 min_salt_size = max_salt_size = 2
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
539 salt_chars = uh.HASH64_CHARS
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
540
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
541 #--------------------
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
542 # TruncateMixin
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
543 #--------------------
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
544 truncate_size = 16
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
545
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
546 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
547 # internal helpers
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
548 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
549 _hash_regex = re.compile(u(r"""
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
550 ^
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
551 (?P<salt>[./a-z0-9]{2})
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
552 (?P<chk>[./a-z0-9]{22})?
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
553 $"""), re.X|re.I)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
554
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
555 @classmethod
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
556 def from_string(cls, hash):
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
557 hash = to_unicode(hash, "ascii", "hash")
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
558 m = cls._hash_regex.match(hash)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
559 if not m:
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
560 raise uh.exc.InvalidHashError(cls)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
561 salt, chk = m.group("salt", "chk")
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
562 return cls(salt=salt, checksum=chk)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
563
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
564 def to_string(self):
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
565 hash = u("%s%s") % (self.salt, self.checksum)
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
566 return uascii_to_str(hash)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
567
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
568 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
569 # backend
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
570 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
571 def _calc_checksum(self, secret):
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
572 if isinstance(secret, unicode):
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
573 secret = secret.encode("utf-8")
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
574
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
575 # check for truncation (during .hash() calls only)
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
576 if self.use_defaults:
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
577 self._check_truncate_policy(secret)
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
578
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
579 # parse salt value
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
580 try:
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
581 salt_value = h64.decode_int12(self.salt.encode("ascii"))
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
582 except ValueError: # pragma: no cover - caught by class
6130
7f0616feeae9 upgrade passlib to 1.7.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6096
diff changeset
583 raise suppress_cause(ValueError("invalid chars in salt"))
5919
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
584
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
585 # convert first 8 byts of secret string into an integer,
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
586 key1 = _crypt_secret_to_key(secret)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
587
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
588 # run data through des using input of 0
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
589 result1 = des_encrypt_int_block(key1, 0, salt_value, 20)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
590
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
591 # convert next 8 bytes of secret string into integer (key=0 if secret < 8 chars)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
592 key2 = _crypt_secret_to_key(secret[8:16])
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
593
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
594 # run data through des using input of 0
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
595 result2 = des_encrypt_int_block(key2, 0, salt_value, 5)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
596
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
597 # done
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
598 chk = h64big.encode_int64(result1) + h64big.encode_int64(result2)
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
599 return chk.decode("ascii")
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
600
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
601 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
602 # eoc
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
603 #===================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
604
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
605 #=============================================================================
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
606 # eof
efd7c0be3339 added passlib 1.6.1 to MoinMoin/support/
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
607 #=============================================================================