Mercurial > p > roundup > code

comparison roundup/password.py @ 5454:fbbcbfc6dad0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fix encoding for hash functions
author Christof Meerwald <cmeerw@cmeerw.org>
date Mon, 23 Jul 2018 21:40:31 +0100
parents 1f1899658115
children 3d0f71775e42
comparison
equal deleted inserted replaced
5453:2b4f606d8e72 5454:fbbcbfc6dad0
106 Based on code of Roberto Aguilar <roberto@baremetal.io> 106 Based on code of Roberto Aguilar <roberto@baremetal.io>
107 https://gist.github.com/rca/7217540 107 https://gist.github.com/rca/7217540
108 ''' 108 '''
109 shaval = sha1(password) 109 shaval = sha1(password)
110 shaval.update( salt ) 110 shaval.update( salt )
111 ssha_digest = b64encode( '{}{}'.format(shaval.digest(), salt) ).strip() 111 ssha_digest = b64encode( shaval.digest() + salt ).strip()
112 return ssha_digest 112 return ssha_digest
113 113
114 def pbkdf2(password, salt, rounds, keylen): 114 def pbkdf2(password, salt, rounds, keylen):
115 """pkcs#5 password-based key derivation v2.0 115 """pkcs#5 password-based key derivation v2.0
116 116
182 else: 182 else:
183 #new password 183 #new password
184 # variable salt length 184 # variable salt length
185 salt_len = random.randrange(36, 52) 185 salt_len = random.randrange(36, 52)
186 salt = os.urandom(salt_len) 186 salt = os.urandom(salt_len)
187 s = ssha(plaintext, salt) 187 s = ssha(s2b(plaintext), salt)
188 elif scheme == 'SHA': 188 elif scheme == 'SHA':
189 s = sha1(plaintext).hexdigest() 189 s = sha1(s2b(plaintext)).hexdigest()
190 elif scheme == 'MD5': 190 elif scheme == 'MD5':
191 s = md5(plaintext).hexdigest() 191 s = md5(s2b(plaintext)).hexdigest()
192 elif scheme == 'crypt' and crypt is not None: 192 elif scheme == 'crypt' and crypt is not None:
193 if other is not None: 193 if other is not None:
194 salt = other 194 salt = other
195 else: 195 else:
196 saltchars = './0123456789'+string.ascii_letters 196 saltchars = './0123456789'+string.ascii_letters
Roundup Issue Tracker: http://roundup-tracker.org/