Mercurial > p > roundup > code
annotate roundup/password.py @ 4587:a2eb4fb3e6d8
New Chameleon templating engine, engine is now configurable.
We now have two configurable templating engines, the old Zope TAL
templates (called zopetal in the config) and the new Chameleon (called
chameleon in the config). A new config-option "template_engine" under
[main] can take these config-options, the default is zopetal.
Thanks to Cheer Xiao for the idea of making this configurable *and*
for the actual implementation!
Cheer Xiao commit log:
- The original TAL engine ported from Zope is thereafter referred to as
"zopetal", in speech and in code
- A new option "template_engine" under [main] introduced
- Zopetal-specific code stripped from cgi/templating.py to form the new
cgi/engine_zopetal.py
- Interface to Chameleon in cgi/engine_chameleon.py
- Engines are supposed to provide a Templates class that mimics the
behavior of the old cgi.templating.Templates. The Templates class is
preferably subclassed from cgi.templating.TemplatesBase.
- New function cgi.templating.get_templates to get the appropriate engine's
Templates instance according to the engine name
| author | Ralf Schlatterbeck <rsc@runtux.com> |
|---|---|
| date | Thu, 23 Feb 2012 18:10:03 +0100 |
| parents | 6e3e4f24c753 |
| children | 2f66d44616ad |
| rev | line source |
|---|---|
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
1 # |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2 # Copyright (c) 2001 Bizar Software Pty Ltd (http://www.bizarsoftware.com.au/) |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
3 # This module is free software, and you may redistribute it and/or modify |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
4 # under the same terms as Python, so long as this copyright message and |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
5 # disclaimer are retained in their original form. |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
6 # |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
7 # IN NO EVENT SHALL BIZAR SOFTWARE PTY LTD BE LIABLE TO ANY PARTY FOR |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
8 # DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
9 # OUT OF THE USE OF THIS CODE, EVEN IF THE AUTHOR HAS BEEN ADVISED OF THE |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
10 # POSSIBILITY OF SUCH DAMAGE. |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
11 # |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
12 # BIZAR SOFTWARE PTY LTD SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING, |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
13 # BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
14 # FOR A PARTICULAR PURPOSE. THE CODE PROVIDED HEREUNDER IS ON AN "AS IS" |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
15 # BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE, |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
16 # SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS. |
|
3434
1f860b50fa5f
encodePassword: don't trim the salt string...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2277
diff
changeset
|
17 # |
|
2005
fc52d57c6c3e
documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents:
1905
diff
changeset
|
18 """Password handling (encoding, decoding). |
|
406
bdc2ea127ae9
Added module docstrings to all modules.
Jürgen Hermann <jhermann@users.sourceforge.net>
parents:
302
diff
changeset
|
19 """ |
|
2005
fc52d57c6c3e
documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents:
1905
diff
changeset
|
20 __docformat__ = 'restructuredtext' |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
21 |
|
4089
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
3439
diff
changeset
|
22 import re, string, random |
|
4480
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
23 from base64 import b64encode, b64decode |
|
4491
357c6079c73b
python2.4 compatibility fix
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4486
diff
changeset
|
24 from roundup.anypy.hashlib_ import md5, sha1, shamodule |
|
1229
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
25 try: |
| 1231 | 26 import crypt |
|
4089
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
3439
diff
changeset
|
27 except ImportError: |
|
1229
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
28 crypt = None |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
29 |
|
4480
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
30 _bempty = "" |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
31 _bjoin = _bempty.join |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
32 |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
33 def getrandbytes(count): |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
34 return _bjoin(chr(random.randint(0,255)) for i in xrange(count)) |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
35 |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
36 #NOTE: PBKDF2 hash is using this variant of base64 to minimize encoding size, |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
37 # and have charset that's compatible w/ unix crypt variants |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
38 def h64encode(data): |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
39 """encode using variant of base64""" |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
40 return b64encode(data, "./").strip("=\n") |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
41 |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
42 def h64decode(data): |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
43 """decode using variant of base64""" |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
44 off = len(data) % 4 |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
45 if off == 0: |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
46 return b64decode(data, "./") |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
47 elif off == 1: |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
48 raise ValueError("invalid bas64 input") |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
49 elif off == 2: |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
50 return b64decode(data + "==", "./") |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
51 else: |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
52 return b64decode(data + "=", "./") |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
53 |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
54 try: |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
55 from M2Crypto.EVP import pbkdf2 as _pbkdf2 |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
56 except ImportError: |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
57 #no m2crypto - make our own pbkdf2 function |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
58 from struct import pack |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
59 from hmac import HMAC |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
60 |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
61 def xor_bytes(left, right): |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
62 "perform bitwise-xor of two byte-strings" |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
63 return _bjoin(chr(ord(l) ^ ord(r)) for l, r in zip(left, right)) |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
64 |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
65 def _pbkdf2(password, salt, rounds, keylen): |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
66 digest_size = 20 # sha1 generates 20-byte blocks |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
67 total_blocks = int((keylen+digest_size-1)/digest_size) |
|
4491
357c6079c73b
python2.4 compatibility fix
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4486
diff
changeset
|
68 hmac_template = HMAC(password, None, shamodule) |
|
4480
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
69 out = _bempty |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
70 for i in xrange(1, total_blocks+1): |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
71 hmac = hmac_template.copy() |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
72 hmac.update(salt + pack(">L",i)) |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
73 block = tmp = hmac.digest() |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
74 for j in xrange(rounds-1): |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
75 hmac = hmac_template.copy() |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
76 hmac.update(tmp) |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
77 tmp = hmac.digest() |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
78 #TODO: need to speed up this call |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
79 block = xor_bytes(block, tmp) |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
80 out += block |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
81 return out[:keylen] |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
82 |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
83 def pbkdf2(password, salt, rounds, keylen): |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
84 """pkcs#5 password-based key derivation v2.0 |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
85 |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
86 :arg password: passphrase to use to generate key (if unicode, converted to utf-8) |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
87 :arg salt: salt string to use when generating key (if unicode, converted to utf-8) |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
88 :param rounds: number of rounds to use to generate key |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
89 :arg keylen: number of bytes to generate |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
90 |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
91 If M2Crypto is present, uses it's implementation as backend. |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
92 |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
93 :returns: |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
94 raw bytes of generated key |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
95 """ |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
96 if isinstance(password, unicode): |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
97 password = password.encode("utf-8") |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
98 if isinstance(salt, unicode): |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
99 salt = salt.encode("utf-8") |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
100 if keylen > 40: |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
101 #NOTE: pbkdf2 allows up to (2**31-1)*20 bytes, |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
102 # but m2crypto has issues on some platforms above 40, |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
103 # and such sizes aren't needed for a password hash anyways... |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
104 raise ValueError, "key length too large" |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
105 if rounds < 1: |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
106 raise ValueError, "rounds must be positive number" |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
107 return _pbkdf2(password, salt, rounds, keylen) |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
108 |
|
1905
dc43e339e607
Centralised conversion of user-input data to hyperdb values
Richard Jones <richard@users.sourceforge.net>
parents:
1583
diff
changeset
|
109 class PasswordValueError(ValueError): |
|
4089
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
3439
diff
changeset
|
110 """ The password value is not valid """ |
|
1905
dc43e339e607
Centralised conversion of user-input data to hyperdb values
Richard Jones <richard@users.sourceforge.net>
parents:
1583
diff
changeset
|
111 pass |
|
dc43e339e607
Centralised conversion of user-input data to hyperdb values
Richard Jones <richard@users.sourceforge.net>
parents:
1583
diff
changeset
|
112 |
|
4484
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
113 def pbkdf2_unpack(pbkdf2): |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
114 """ unpack pbkdf2 encrypted password into parts, |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
115 assume it has format "{rounds}${salt}${digest} |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
116 """ |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
117 if isinstance(pbkdf2, unicode): |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
118 pbkdf2 = pbkdf2.encode("ascii") |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
119 try: |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
120 rounds, salt, digest = pbkdf2.split("$") |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
121 except ValueError: |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
122 raise PasswordValueError, "invalid PBKDF2 hash (wrong number of separators)" |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
123 if rounds.startswith("0"): |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
124 raise PasswordValueError, "invalid PBKDF2 hash (zero-padded rounds)" |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
125 try: |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
126 rounds = int(rounds) |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
127 except ValueError: |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
128 raise PasswordValueError, "invalid PBKDF2 hash (invalid rounds)" |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
129 raw_salt = h64decode(salt) |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
130 return rounds, salt, raw_salt, digest |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
131 |
|
4486
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
132 def encodePassword(plaintext, scheme, other=None, config=None): |
|
4089
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
3439
diff
changeset
|
133 """Encrypt the plaintext password. |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
3439
diff
changeset
|
134 """ |
|
1343
2e557762ee87
fixed handling of missing password [SF#655632]
Richard Jones <richard@users.sourceforge.net>
parents:
1231
diff
changeset
|
135 if plaintext is None: |
|
2e557762ee87
fixed handling of missing password [SF#655632]
Richard Jones <richard@users.sourceforge.net>
parents:
1231
diff
changeset
|
136 plaintext = "" |
|
4480
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
137 if scheme == "PBKDF2": |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
138 if other: |
|
4484
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
139 rounds, salt, raw_salt, digest = pbkdf2_unpack(other) |
|
4480
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
140 else: |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
141 raw_salt = getrandbytes(20) |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
142 salt = h64encode(raw_salt) |
|
4486
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
143 if config: |
|
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
144 rounds = config.PASSWORD_PBKDF2_DEFAULT_ROUNDS |
|
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
145 else: |
|
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
146 rounds = 10000 |
|
4480
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
147 if rounds < 1000: |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
148 raise PasswordValueError, "invalid PBKDF2 hash (rounds too low)" |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
149 raw_digest = pbkdf2(plaintext, raw_salt, rounds, 20) |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
150 return "%d$%s$%s" % (rounds, salt, h64encode(raw_digest)) |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
151 elif scheme == 'SHA': |
|
4089
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
3439
diff
changeset
|
152 s = sha1(plaintext).hexdigest() |
|
2277
c9e52addda42
added MD5 scheme for password hiding
Richard Jones <richard@users.sourceforge.net>
parents:
2098
diff
changeset
|
153 elif scheme == 'MD5': |
|
4089
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
3439
diff
changeset
|
154 s = md5(plaintext).hexdigest() |
|
1229
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
155 elif scheme == 'crypt' and crypt is not None: |
|
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
156 if other is not None: |
|
3434
1f860b50fa5f
encodePassword: don't trim the salt string...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2277
diff
changeset
|
157 salt = other |
|
1229
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
158 else: |
|
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
159 saltchars = './0123456789'+string.letters |
|
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
160 salt = random.choice(saltchars) + random.choice(saltchars) |
|
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
161 s = crypt.crypt(plaintext, salt) |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
162 elif scheme == 'plaintext': |
|
1229
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
163 s = plaintext |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
164 else: |
|
1905
dc43e339e607
Centralised conversion of user-input data to hyperdb values
Richard Jones <richard@users.sourceforge.net>
parents:
1583
diff
changeset
|
165 raise PasswordValueError, 'unknown encryption scheme %r'%scheme |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
166 return s |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
167 |
|
1583
caae7d8934dc
set new email rego user password to random string
Richard Jones <richard@users.sourceforge.net>
parents:
1343
diff
changeset
|
168 def generatePassword(length=8): |
|
caae7d8934dc
set new email rego user password to random string
Richard Jones <richard@users.sourceforge.net>
parents:
1343
diff
changeset
|
169 chars = string.letters+string.digits |
|
caae7d8934dc
set new email rego user password to random string
Richard Jones <richard@users.sourceforge.net>
parents:
1343
diff
changeset
|
170 return ''.join([random.choice(chars) for x in range(length)]) |
|
caae7d8934dc
set new email rego user password to random string
Richard Jones <richard@users.sourceforge.net>
parents:
1343
diff
changeset
|
171 |
|
4483
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
172 class JournalPassword: |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
173 """ Password dummy instance intended for journal operation. |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
174 We do not store passwords in the journal any longer. The dummy |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
175 version only reads the encryption scheme from the given |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
176 encrypted password. |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
177 """ |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
178 default_scheme = 'PBKDF2' # new encryptions use this scheme |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
179 pwre = re.compile(r'{(\w+)}(.+)') |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
180 |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
181 def __init__ (self, encrypted=''): |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
182 if isinstance(encrypted, self.__class__): |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
183 self.scheme = encrypted.scheme or self.default_scheme |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
184 else: |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
185 m = self.pwre.match(encrypted) |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
186 if m: |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
187 self.scheme = m.group(1) |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
188 else: |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
189 self.scheme = self.default_scheme |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
190 self.password = '' |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
191 |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
192 def dummystr(self): |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
193 """ return dummy string to store in journal |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
194 - reports scheme, but nothing else |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
195 """ |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
196 return "{%s}*encrypted*" % (self.scheme,) |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
197 |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
198 __str__ = dummystr |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
199 |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
200 def __cmp__(self, other): |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
201 """Compare this password against another password.""" |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
202 # check to see if we're comparing instances |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
203 if isinstance(other, self.__class__): |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
204 if self.scheme != other.scheme: |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
205 return cmp(self.scheme, other.scheme) |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
206 return cmp(self.password, other.password) |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
207 |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
208 # assume password is plaintext |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
209 if self.password is None: |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
210 raise ValueError, 'Password not set' |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
211 return cmp(self.password, encodePassword(other, self.scheme, |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
212 self.password or None)) |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
213 |
|
22bc0426e348
Second patch from issue2550688 -- with some changes:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4480
diff
changeset
|
214 class Password(JournalPassword): |
|
4089
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
3439
diff
changeset
|
215 """The class encapsulates a Password property type value in the database. |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
216 |
|
2277
c9e52addda42
added MD5 scheme for password hiding
Richard Jones <richard@users.sourceforge.net>
parents:
2098
diff
changeset
|
217 The encoding of the password is one if None, 'SHA', 'MD5' or 'plaintext'. |
|
c9e52addda42
added MD5 scheme for password hiding
Richard Jones <richard@users.sourceforge.net>
parents:
2098
diff
changeset
|
218 The encodePassword function is used to actually encode the password from |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
219 plaintext. The None encoding is used in legacy databases where no |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
220 encoding scheme is identified. |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
221 |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
222 The scheme is stored with the encoded data in the database: |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
223 {scheme}data |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
224 |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
225 Example usage: |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
226 >>> p = Password('sekrit') |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
227 >>> p == 'sekrit' |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
228 1 |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
229 >>> p != 'not sekrit' |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
230 1 |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
231 >>> 'sekrit' == p |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
232 1 |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
233 >>> 'not sekrit' != p |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
234 1 |
|
4089
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
3439
diff
changeset
|
235 """ |
|
4480
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
236 #TODO: code to migrate from old password schemes. |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
237 |
|
4485
95aace124a8e
use idea from Eli Collins to use a list of deprecated password encoding schemes
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4484
diff
changeset
|
238 deprecated_schemes = ["SHA", "MD5", "crypt", "plaintext"] |
|
95aace124a8e
use idea from Eli Collins to use a list of deprecated password encoding schemes
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4484
diff
changeset
|
239 known_schemes = ["PBKDF2"] + deprecated_schemes |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
240 |
|
4486
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
241 def __init__(self, plaintext=None, scheme=None, encrypted=None, strict=False, config=None): |
|
4089
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
3439
diff
changeset
|
242 """Call setPassword if plaintext is not None.""" |
|
1229
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
243 if scheme is None: |
|
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
244 scheme = self.default_scheme |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
245 if plaintext is not None: |
|
4486
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
246 self.setPassword (plaintext, scheme, config=config) |
|
2098
18addf2a8596
Implemented proper datatypes in mysql and postgresql backends...
Richard Jones <richard@users.sourceforge.net>
parents:
2005
diff
changeset
|
247 elif encrypted is not None: |
|
4486
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
248 self.unpack(encrypted, scheme, strict=strict, config=config) |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
249 else: |
|
3439
822a2719b81b
keep plaintext password in Password object property (rfe [SF#1379447])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3434
diff
changeset
|
250 self.scheme = self.default_scheme |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
251 self.password = None |
|
3439
822a2719b81b
keep plaintext password in Password object property (rfe [SF#1379447])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3434
diff
changeset
|
252 self.plaintext = None |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
253 |
|
4484
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
254 def needs_migration(self): |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
255 """ Password has insecure scheme or other insecure parameters |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
256 and needs migration to new password scheme |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
257 """ |
|
4485
95aace124a8e
use idea from Eli Collins to use a list of deprecated password encoding schemes
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4484
diff
changeset
|
258 if self.scheme in self.deprecated_schemes: |
|
4484
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
259 return True |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
260 rounds, salt, raw_salt, digest = pbkdf2_unpack(self.password) |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
261 if rounds < 1000: |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
262 return True |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
263 return False |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4483
diff
changeset
|
264 |
|
4486
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
265 def unpack(self, encrypted, scheme=None, strict=False, config=None): |
|
4089
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
3439
diff
changeset
|
266 """Set the password info from the scheme:<encryted info> string |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
267 (the inverse of __str__) |
|
4089
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
3439
diff
changeset
|
268 """ |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
269 m = self.pwre.match(encrypted) |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
270 if m: |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
271 self.scheme = m.group(1) |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
272 self.password = m.group(2) |
|
3439
822a2719b81b
keep plaintext password in Password object property (rfe [SF#1379447])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3434
diff
changeset
|
273 self.plaintext = None |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
274 else: |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
275 # currently plaintext - encrypt |
|
4486
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
276 self.setPassword(encrypted, scheme, config=config) |
|
4480
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
277 if strict and self.scheme not in self.known_schemes: |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
278 raise PasswordValueError, "unknown encryption scheme: %r" % (self.scheme,) |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
279 |
|
4486
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
280 def setPassword(self, plaintext, scheme=None, config=None): |
|
4089
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
3439
diff
changeset
|
281 """Sets encrypts plaintext.""" |
|
1229
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
282 if scheme is None: |
|
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
283 scheme = self.default_scheme |
|
3439
822a2719b81b
keep plaintext password in Password object property (rfe [SF#1379447])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3434
diff
changeset
|
284 self.scheme = scheme |
|
4486
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
285 self.password = encodePassword(plaintext, scheme, config=config) |
|
3439
822a2719b81b
keep plaintext password in Password object property (rfe [SF#1379447])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3434
diff
changeset
|
286 self.plaintext = plaintext |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
287 |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
288 def __str__(self): |
|
4089
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
3439
diff
changeset
|
289 """Stringify the encrypted password for database storage.""" |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
290 if self.password is None: |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
291 raise ValueError, 'Password not set' |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
292 return '{%s}%s'%(self.scheme, self.password) |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
293 |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
294 def test(): |
|
1229
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
295 # SHA |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
296 p = Password('sekrit') |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
297 assert p == 'sekrit' |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
298 assert p != 'not sekrit' |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
299 assert 'sekrit' == p |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
300 assert 'not sekrit' != p |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
301 |
|
2277
c9e52addda42
added MD5 scheme for password hiding
Richard Jones <richard@users.sourceforge.net>
parents:
2098
diff
changeset
|
302 # MD5 |
|
c9e52addda42
added MD5 scheme for password hiding
Richard Jones <richard@users.sourceforge.net>
parents:
2098
diff
changeset
|
303 p = Password('sekrit', 'MD5') |
|
c9e52addda42
added MD5 scheme for password hiding
Richard Jones <richard@users.sourceforge.net>
parents:
2098
diff
changeset
|
304 assert p == 'sekrit' |
|
c9e52addda42
added MD5 scheme for password hiding
Richard Jones <richard@users.sourceforge.net>
parents:
2098
diff
changeset
|
305 assert p != 'not sekrit' |
|
c9e52addda42
added MD5 scheme for password hiding
Richard Jones <richard@users.sourceforge.net>
parents:
2098
diff
changeset
|
306 assert 'sekrit' == p |
|
c9e52addda42
added MD5 scheme for password hiding
Richard Jones <richard@users.sourceforge.net>
parents:
2098
diff
changeset
|
307 assert 'not sekrit' != p |
|
c9e52addda42
added MD5 scheme for password hiding
Richard Jones <richard@users.sourceforge.net>
parents:
2098
diff
changeset
|
308 |
|
1229
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
309 # crypt |
|
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
310 p = Password('sekrit', 'crypt') |
|
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
311 assert p == 'sekrit' |
|
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
312 assert p != 'not sekrit' |
|
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
313 assert 'sekrit' == p |
|
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
314 assert 'not sekrit' != p |
|
5c581b120738
added "crypt" password encoding...
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
315 |
|
4480
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
316 # PBKDF2 - low level function |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
317 from binascii import unhexlify |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
318 k = pbkdf2("password", "ATHENA.MIT.EDUraeburn", 1200, 32) |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
319 assert k == unhexlify("5c08eb61fdf71e4e4ec3cf6ba1f5512ba7e52ddbc5e5142f708a31e2e62b1e13") |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
320 |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
321 # PBKDF2 - hash function |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
322 h = "5000$7BvbBq.EZzz/O0HuwX3iP.nAG3s$g3oPnFFaga2BJaX5PoPRljl4XIE" |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
323 assert encodePassword("sekrit", "PBKDF2", h) == h |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
324 |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
325 # PBKDF2 - high level integration |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
326 p = Password('sekrit', 'PBKDF2') |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
327 assert p == 'sekrit' |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
328 assert p != 'not sekrit' |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
329 assert 'sekrit' == p |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
330 assert 'not sekrit' != p |
|
1613754d2646
Fix first part of Password handling security issue2550688
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4089
diff
changeset
|
331 |
|
270
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
332 if __name__ == '__main__': |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
333 test() |
|
a4241ddd22d7
Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
334 |
|
3434
1f860b50fa5f
encodePassword: don't trim the salt string...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2277
diff
changeset
|
335 # vim: set filetype=python sts=4 sw=4 et si : |