Mercurial > p > roundup > code

comparison roundup/password.py @ 7228:07ce4e4110f5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
flake8 fixes: whitespace, remove unused imports
author John Rouillard <rouilj@ieee.org>
date Sat, 18 Mar 2023 14:16:31 -0400
parents 4d83f9f751ff
children 594b562ca99c
comparison
equal deleted inserted replaced
7227:1e004afe87bb 7228:07ce4e4110f5
41 crypt = None 41 crypt = None
42 42
43 _bempty = b"" 43 _bempty = b""
44 _bjoin = _bempty.join 44 _bjoin = _bempty.join
45 45
46
46 class ConfigNotSet(RoundupException): 47 class ConfigNotSet(RoundupException):
47 pass 48 pass
49
48 50
49 def bchr(c): 51 def bchr(c):
50 if bytes == str: 52 if bytes == str:
51 # Python 2. 53 # Python 2.
52 return chr(c) 54 return chr(c)
125 tmp = hmac.digest() 127 tmp = hmac.digest()
126 # TODO: need to speed up this call 128 # TODO: need to speed up this call
127 block = xor_bytes(block, tmp) 129 block = xor_bytes(block, tmp)
128 out += block 130 out += block
129 return out[:keylen] 131 return out[:keylen]
130 132
131 def _pbkdf2_sha512(password, salt, rounds, keylen): 133 def _pbkdf2_sha512(password, salt, rounds, keylen):
132 return _pbkdf2(password, salt, rounds, keylen, sha=sha512) 134 return _pbkdf2(password, salt, rounds, keylen, sha=sha512)
133 135
134 136
135 def ssha(password, salt): 137 def ssha(password, salt):
136 ''' Make ssha digest from password and salt. 138 ''' Make ssha digest from password and salt.
137 Based on code of Roberto Aguilar <roberto@baremetal.io> 139 Based on code of Roberto Aguilar <roberto@baremetal.io>
169 # and such sizes aren't needed for a password hash anyways... 171 # and such sizes aren't needed for a password hash anyways...
170 raise ValueError("key length too large") 172 raise ValueError("key length too large")
171 if rounds < 1: 173 if rounds < 1:
172 raise ValueError("rounds must be positive number") 174 raise ValueError("rounds must be positive number")
173 return _pbkdf2_sha512(password, salt, rounds, keylen) 175 return _pbkdf2_sha512(password, salt, rounds, keylen)
176
174 177
175 def pbkdf2(password, salt, rounds, keylen): 178 def pbkdf2(password, salt, rounds, keylen):
176 """pkcs#5 password-based key derivation v2.0 179 """pkcs#5 password-based key derivation v2.0
177 180
178 :arg password: passphrase to use to generate key (if unicode, 181 :arg password: passphrase to use to generate key (if unicode,
235 salt = h64encode(raw_salt) 238 salt = h64encode(raw_salt)
236 if config: 239 if config:
237 rounds = config.PASSWORD_PBKDF2_DEFAULT_ROUNDS 240 rounds = config.PASSWORD_PBKDF2_DEFAULT_ROUNDS
238 241
239 # if we are testing 242 # if we are testing
240 if ("pytest" in sys.modules and 243 if ("pytest" in sys.modules and
241 "PYTEST_CURRENT_TEST" in os.environ): 244 "PYTEST_CURRENT_TEST" in os.environ):
242 if ("PYTEST_USE_CONFIG" in os.environ): 245 if ("PYTEST_USE_CONFIG" in os.environ):
243 rounds = config.PASSWORD_PBKDF2_DEFAULT_ROUNDS 246 rounds = config.PASSWORD_PBKDF2_DEFAULT_ROUNDS
244 else: 247 else:
245 # Use 1000 rounds unless the test signals it 248 # Use 1000 rounds unless the test signals it
263 rounds = 2000000 266 rounds = 2000000
264 logger = logging.getLogger('roundup') 267 logger = logging.getLogger('roundup')
265 if sys.version_info[0] > 2: 268 if sys.version_info[0] > 2:
266 logger.critical( 269 logger.critical(
267 "encodePassword called without config.", 270 "encodePassword called without config.",
268 stack_info = True) 271 stack_info=True)
269 else: 272 else:
270 import inspect, traceback 273 import inspect, traceback
271 where = inspect.currentframe() 274 where = inspect.currentframe()
272 trace = traceback.format_stack(where) 275 trace = traceback.format_stack(where)
273 logger.critical( 276 logger.critical(
Roundup Issue Tracker: http://roundup-tracker.org/