pollutri
/
res_levis_API
1
0
複製 0
程式碼 問題管理 0 合併請求 0 版本發佈 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 分支
203 MiB
 
 
 
 
目錄樹: 5404e09047
分支列表 標籤列表
${ item.name }
Create branch ${ searchTerm }
from '5404e09047'
${ noResults }
res_levis_API/venv/lib/python3.10/site-packages/passlib/handlers/phpass.py

136 line
4.7 KiB
原始文件 Blame 文件歷史 

  1. """passlib.handlers.phpass - PHPass Portable Crypt

  2. 

  3. phppass located - http://www.openwall.com/phpass/

  4. algorithm described - http://www.openwall.com/articles/PHP-Users-Passwords

  5. 

  6. phpass context - blowfish, bsdi_crypt, phpass

  7. """

  8. #=============================================================================

  9. # imports

  10. #=============================================================================

  11. # core

  12. from hashlib import md5

  13. import logging; log = logging.getLogger(__name__)

  14. # site

  15. # pkg

  16. from passlib.utils.binary import h64

  17. from passlib.utils.compat import u, uascii_to_str, unicode

  18. import passlib.utils.handlers as uh

  19. # local

  20. __all__ = [

  21.     "phpass",

  22. ]

  23. 

  24. #=============================================================================

  25. # phpass

  26. #=============================================================================

  27. class phpass(uh.HasManyIdents, uh.HasRounds, uh.HasSalt, uh.GenericHandler):

  28.     """This class implements the PHPass Portable Hash, and follows the :ref:`password-hash-api`.

  29. 

  30.     It supports a fixed-length salt, and a variable number of rounds.

  31. 

  32.     The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords:

  33. 

  34.     :type salt: str

  35.     :param salt:

  36.         Optional salt string.

  37.         If not specified, one will be autogenerated (this is recommended).

  38.         If specified, it must be 8 characters, drawn from the regexp range ``[./0-9A-Za-z]``.

  39. 

  40.     :type rounds: int

  41.     :param rounds:

  42.         Optional number of rounds to use.

  43.         Defaults to 19, must be between 7 and 30, inclusive.

  44.         This value is logarithmic, the actual number of iterations used will be :samp:`2**{rounds}`.

  45. 

  46.     :type ident: str

  47.     :param ident:

  48.         phpBB3 uses ``H`` instead of ``P`` for its identifier,

  49.         this may be set to ``H`` in order to generate phpBB3 compatible hashes.

  50.         it defaults to ``P``.

  51. 

  52.     :type relaxed: bool

  53.     :param relaxed:

  54.         By default, providing an invalid value for one of the other

  55.         keywords will result in a :exc:`ValueError`. If ``relaxed=True``,

  56.         and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning`

  57.         will be issued instead. Correctable errors include ``rounds``

  58.         that are too small or too large, and ``salt`` strings that are too long.

  59. 

  60.         .. versionadded:: 1.6

  61.     """

  62. 

  63.     #===================================================================

  64.     # class attrs

  65.     #===================================================================

  66.     #--GenericHandler--

  67.     name = "phpass"

  68.     setting_kwds = ("salt", "rounds", "ident")

  69.     checksum_chars = uh.HASH64_CHARS

  70. 

  71.     #--HasSalt--

  72.     min_salt_size = max_salt_size = 8

  73.     salt_chars = uh.HASH64_CHARS

  74. 

  75.     #--HasRounds--

  76.     default_rounds = 19

  77.     min_rounds = 7

  78.     max_rounds = 30

  79.     rounds_cost = "log2"

  80. 

  81.     #--HasManyIdents--

  82.     default_ident = u("$P$")

  83.     ident_values = (u("$P$"), u("$H$"))

  84.     ident_aliases = {u("P"):u("$P$"), u("H"):u("$H$")}

  85. 

  86.     #===================================================================

  87.     # formatting

  88.     #===================================================================

  89. 

  90.     #$P$9IQRaTwmfeRo7ud9Fh4E2PdI0S3r.L0

  91.     # $P$

  92.     # 9

  93.     # IQRaTwmf

  94.     # eRo7ud9Fh4E2PdI0S3r.L0

  95. 

  96.     @classmethod

  97.     def from_string(cls, hash):

  98.         ident, data = cls._parse_ident(hash)

  99.         rounds, salt, chk = data[0], data[1:9], data[9:]

  100.         return cls(

  101.             ident=ident,

  102.             rounds=h64.decode_int6(rounds.encode("ascii")),

  103.             salt=salt,

  104.             checksum=chk or None,

  105.         )

  106. 

  107.     def to_string(self):

  108.         hash = u("%s%s%s%s") % (self.ident,

  109.                               h64.encode_int6(self.rounds).decode("ascii"),

  110.                               self.salt,

  111.                               self.checksum or u(''))

  112.         return uascii_to_str(hash)

  113. 

  114.     #===================================================================

  115.     # backend

  116.     #===================================================================

  117.     def _calc_checksum(self, secret):

  118.         # FIXME: can't find definitive policy on how phpass handles non-ascii.

  119.         if isinstance(secret, unicode):

  120.             secret = secret.encode("utf-8")

  121.         real_rounds = 1<<self.rounds

  122.         result = md5(self.salt.encode("ascii") + secret).digest()

  123.         r = 0

  124.         while r < real_rounds:

  125.             result = md5(result + secret).digest()

  126.             r += 1

  127.         return h64.encode_bytes(result).decode("ascii")

  128. 

  129.     #===================================================================

  130.     # eoc

  131.     #===================================================================

  132. 

  133. #=============================================================================

  134. # eof

  135. #=============================================================================