Mercurial > p > roundup > code

comparison roundup/password.py @ 6146:01e9634b81a4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fixed string encoding of SSHA encoded passwords in Python 3
author Christof Meerwald <cmeerw@cmeerw.org>
date Sun, 12 Apr 2020 21:02:57 +0100
parents e27a240430b8
children 120b0bb05b6e
comparison
equal deleted inserted replaced
6145:8ea924f8d9d0 6146:01e9634b81a4
112 Based on code of Roberto Aguilar <roberto@baremetal.io> 112 Based on code of Roberto Aguilar <roberto@baremetal.io>
113 https://gist.github.com/rca/7217540 113 https://gist.github.com/rca/7217540
114 ''' 114 '''
115 shaval = sha1(password) # nosec 115 shaval = sha1(password) # nosec
116 shaval.update(salt) 116 shaval.update(salt)
117 ssha_digest = b64encode(shaval.digest() + salt).strip() 117 ssha_digest = b2s(b64encode(shaval.digest() + salt).strip())
118 return ssha_digest 118 return ssha_digest
119 119
120 120
121 def pbkdf2(password, salt, rounds, keylen): 121 def pbkdf2(password, salt, rounds, keylen):
122 """pkcs#5 password-based key derivation v2.0 122 """pkcs#5 password-based key derivation v2.0
357 357
358 358
359 def test(): 359 def test():
360 # SHA 360 # SHA
361 p = Password('sekrit') 361 p = Password('sekrit')
362 assert Password(encrypted=str(p)) == 'sekrit'
363 assert 'sekrit' == Password(encrypted=str(p))
362 assert p == 'sekrit' 364 assert p == 'sekrit'
363 assert p != 'not sekrit' 365 assert p != 'not sekrit'
364 assert 'sekrit' == p 366 assert 'sekrit' == p
365 assert 'not sekrit' != p 367 assert 'not sekrit' != p
366 368
367 # MD5 369 # MD5
368 p = Password('sekrit', 'MD5') 370 p = Password('sekrit', 'MD5')
371 assert Password(encrypted=str(p)) == 'sekrit'
372 assert 'sekrit' == Password(encrypted=str(p))
369 assert p == 'sekrit' 373 assert p == 'sekrit'
370 assert p != 'not sekrit' 374 assert p != 'not sekrit'
371 assert 'sekrit' == p 375 assert 'sekrit' == p
372 assert 'not sekrit' != p 376 assert 'not sekrit' != p
373 377
374 # crypt 378 # crypt
375 if crypt: # not available on Windows 379 if crypt: # not available on Windows
376 p = Password('sekrit', 'crypt') 380 p = Password('sekrit', 'crypt')
381 assert Password(encrypted=str(p)) == 'sekrit'
382 assert 'sekrit' == Password(encrypted=str(p))
377 assert p == 'sekrit' 383 assert p == 'sekrit'
378 assert p != 'not sekrit' 384 assert p != 'not sekrit'
379 assert 'sekrit' == p 385 assert 'sekrit' == p
380 assert 'not sekrit' != p 386 assert 'not sekrit' != p
381 387
382 # SSHA 388 # SSHA
383 p = Password('sekrit', 'SSHA') 389 p = Password('sekrit', 'SSHA')
390 assert Password(encrypted=str(p)) == 'sekrit'
391 assert 'sekrit' == Password(encrypted=str(p))
384 assert p == 'sekrit' 392 assert p == 'sekrit'
385 assert p != 'not sekrit' 393 assert p != 'not sekrit'
386 assert 'sekrit' == p 394 assert 'sekrit' == p
387 assert 'not sekrit' != p 395 assert 'not sekrit' != p
388 396
395 h = "5000$7BvbBq.EZzz/O0HuwX3iP.nAG3s$g3oPnFFaga2BJaX5PoPRljl4XIE" 403 h = "5000$7BvbBq.EZzz/O0HuwX3iP.nAG3s$g3oPnFFaga2BJaX5PoPRljl4XIE"
396 assert encodePassword("sekrit", "PBKDF2", h) == h 404 assert encodePassword("sekrit", "PBKDF2", h) == h
397 405
398 # PBKDF2 - high level integration 406 # PBKDF2 - high level integration
399 p = Password('sekrit', 'PBKDF2') 407 p = Password('sekrit', 'PBKDF2')
408 assert Password(encrypted=str(p)) == 'sekrit'
409 assert 'sekrit' == Password(encrypted=str(p))
400 assert p == 'sekrit' 410 assert p == 'sekrit'
401 assert p != 'not sekrit' 411 assert p != 'not sekrit'
402 assert 'sekrit' == p 412 assert 'sekrit' == p
403 assert 'not sekrit' != p 413 assert 'not sekrit' != p
404 414
Roundup Issue Tracker: http://roundup-tracker.org/