cubicweb: cubicweb/md5crypt.py@018b6445aef1 (annotated)

0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	1	# md5crypt.py
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	2	#
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	3	# 0423.2000 by michal wallace http://www.sabren.com/
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	4	# based on perl's Crypt::PasswdMD5 by Luis Munoz (lem@cantv.net)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	5	# based on /usr/src/libcrypt/crypt.c from FreeBSD 2.2.5-RELEASE
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	6	#
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	7	# MANY THANKS TO
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	8	#
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	9	# Carey Evans - http://home.clear.net.nz/pages/c.evans/
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	10	# Dennis Marti - http://users.starpower.net/marti1/
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	11	#
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	12	# For the patches that got this thing working!
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	13	#
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	14	# modification by logilab:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	15	# * remove usage of the string module
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	16	# * don't include the magic string in the output string
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	17	# for true crypt.crypt compatibility
5771 c077df1d0333 [md5script] cleanup Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5770 diff changeset	18	# * use hashlib module instead of md5
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	19	#########################################################
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	20	"""md5crypt.py - Provides interoperable MD5-based crypt() function
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	21
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	22	SYNOPSIS
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	23
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	24	import md5crypt.py
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	25
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	26	cryptedpassword = md5crypt.md5crypt(password, salt);
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	27
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	28	DESCRIPTION
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	29
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	30	unix_md5_crypt() provides a crypt()-compatible interface to the
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	31	rather new MD5-based crypt() function found in modern operating systems.
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	32	It's based on the implementation found on FreeBSD 2.2.[56]-RELEASE and
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	33	contains the following license in it:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	34
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	35	"THE BEER-WARE LICENSE" (Revision 42):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	36	<phk@login.dknet.dk> wrote this file. As long as you retain this notice you
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	37	can do whatever you want with this stuff. If we meet some day, and you think
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	38	this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	39	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	40
10775 4b3c1069bd4e Fix md5crypt and crypt_password test for python3 Julien Cristau <julien.cristau@logilab.fr> parents: 10609 diff changeset	41	MAGIC = b'$1$' # Magic string
4b3c1069bd4e Fix md5crypt and crypt_password test for python3 Julien Cristau <julien.cristau@logilab.fr> parents: 10609 diff changeset	42	ITOA64 = b"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	43
7879 9aae456abab5 [pylint] fix pylint detected errors and tweak it so that pylint -E will be much less verbose next time (+ update some copyrights on the way) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5771 diff changeset	44	from hashlib import md5 # pylint: disable=E0611
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	45
10609 e2d8e81bfe68 [py3k] import range using six.moves Rémi Cardona <remi.cardona@logilab.fr> parents: 8317 diff changeset	46
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	47	def to64 (v, n):
10775 4b3c1069bd4e Fix md5crypt and crypt_password test for python3 Julien Cristau <julien.cristau@logilab.fr> parents: 10609 diff changeset	48	ret = bytearray()
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	49	while (n - 1 >= 0):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	50	n = n - 1
10775 4b3c1069bd4e Fix md5crypt and crypt_password test for python3 Julien Cristau <julien.cristau@logilab.fr> parents: 10609 diff changeset	51	ret.append(ITOA64[v & 0x3f])
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	52	v = v >> 6
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	53	return ret
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	54
8317 9c59258e7798 [security] use a stronger encryption algorythm for password, keeping bw compat Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7879 diff changeset	55	def crypt(pw, salt):
12567 26744ad37953 Drop python2 support Denis Laxalde <denis.laxalde@logilab.fr> parents: 11057 diff changeset	56	if isinstance(pw, str):
3149 c6a85fafb155 note about licence, fix copyright, fix case of unicode argument Aurelien Campeas parents: 2172 diff changeset	57	pw = pw.encode('utf-8')
12567 26744ad37953 Drop python2 support Denis Laxalde <denis.laxalde@logilab.fr> parents: 11057 diff changeset	58	if isinstance(salt, str):
10775 4b3c1069bd4e Fix md5crypt and crypt_password test for python3 Julien Cristau <julien.cristau@logilab.fr> parents: 10609 diff changeset	59	salt = salt.encode('ascii')
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	60	# Take care of the magic string if present
8317 9c59258e7798 [security] use a stronger encryption algorythm for password, keeping bw compat Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7879 diff changeset	61	if salt.startswith(MAGIC):
9c59258e7798 [security] use a stronger encryption algorythm for password, keeping bw compat Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7879 diff changeset	62	salt = salt[len(MAGIC):]
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	63	# salt can have up to 8 characters:
10775 4b3c1069bd4e Fix md5crypt and crypt_password test for python3 Julien Cristau <julien.cristau@logilab.fr> parents: 10609 diff changeset	64	salt = salt.split(b'$', 1)[0]
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	65	salt = salt[:8]
8317 9c59258e7798 [security] use a stronger encryption algorythm for password, keeping bw compat Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7879 diff changeset	66	ctx = pw + MAGIC + salt
7879 9aae456abab5 [pylint] fix pylint detected errors and tweak it so that pylint -E will be much less verbose next time (+ update some copyrights on the way) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5771 diff changeset	67	final = md5(pw + salt + pw).digest()
10609 e2d8e81bfe68 [py3k] import range using six.moves Rémi Cardona <remi.cardona@logilab.fr> parents: 8317 diff changeset	68	for pl in range(len(pw), 0, -16):
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	69	if pl > 16:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	70	ctx = ctx + final[:16]
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	71	else:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	72	ctx = ctx + final[:pl]
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	73	# Now the 'weird' xform (??)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	74	i = len(pw)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	75	while i:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	76	if i & 1:
10775 4b3c1069bd4e Fix md5crypt and crypt_password test for python3 Julien Cristau <julien.cristau@logilab.fr> parents: 10609 diff changeset	77	ctx = ctx + b'\0' #if ($i & 1) { $ctx->add(pack("C", 0)); }
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	78	else:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	79	ctx = ctx + pw[0]
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	80	i = i >> 1
7879 9aae456abab5 [pylint] fix pylint detected errors and tweak it so that pylint -E will be much less verbose next time (+ update some copyrights on the way) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5771 diff changeset	81	final = md5(ctx).digest()
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	82	# The following is supposed to make
2172 cf8f9180e63e delete-trailing-whitespace Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 1977 diff changeset	83	# things run slower.
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	84	# my question: WTF???
10609 e2d8e81bfe68 [py3k] import range using six.moves Rémi Cardona <remi.cardona@logilab.fr> parents: 8317 diff changeset	85	for i in range(1000):
10775 4b3c1069bd4e Fix md5crypt and crypt_password test for python3 Julien Cristau <julien.cristau@logilab.fr> parents: 10609 diff changeset	86	ctx1 = b''
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	87	if i & 1:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	88	ctx1 = ctx1 + pw
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	89	else:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	90	ctx1 = ctx1 + final[:16]
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	91	if i % 3:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	92	ctx1 = ctx1 + salt
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	93	if i % 7:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	94	ctx1 = ctx1 + pw
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	95	if i & 1:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	96	ctx1 = ctx1 + final[:16]
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	97	else:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	98	ctx1 = ctx1 + pw
7879 9aae456abab5 [pylint] fix pylint detected errors and tweak it so that pylint -E will be much less verbose next time (+ update some copyrights on the way) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5771 diff changeset	99	final = md5(ctx1).digest()
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	100	# Final xform
10775 4b3c1069bd4e Fix md5crypt and crypt_password test for python3 Julien Cristau <julien.cristau@logilab.fr> parents: 10609 diff changeset	101	passwd = b''
12567 26744ad37953 Drop python2 support Denis Laxalde <denis.laxalde@logilab.fr> parents: 11057 diff changeset	102	passwd += to64((final[0] << 16)
26744ad37953 Drop python2 support Denis Laxalde <denis.laxalde@logilab.fr> parents: 11057 diff changeset	103	\|(final[6] << 8)
26744ad37953 Drop python2 support Denis Laxalde <denis.laxalde@logilab.fr> parents: 11057 diff changeset	104	\|(final[12]),4)
26744ad37953 Drop python2 support Denis Laxalde <denis.laxalde@logilab.fr> parents: 11057 diff changeset	105	passwd += to64((final[1] << 16)
26744ad37953 Drop python2 support Denis Laxalde <denis.laxalde@logilab.fr> parents: 11057 diff changeset	106	\|(final[7] << 8)
26744ad37953 Drop python2 support Denis Laxalde <denis.laxalde@logilab.fr> parents: 11057 diff changeset	107	\|(final[13]), 4)
26744ad37953 Drop python2 support Denis Laxalde <denis.laxalde@logilab.fr> parents: 11057 diff changeset	108	passwd += to64((final[2] << 16)
26744ad37953 Drop python2 support Denis Laxalde <denis.laxalde@logilab.fr> parents: 11057 diff changeset	109	\|(final[8] << 8)
26744ad37953 Drop python2 support Denis Laxalde <denis.laxalde@logilab.fr> parents: 11057 diff changeset	110	\|(final[14]), 4)
26744ad37953 Drop python2 support Denis Laxalde <denis.laxalde@logilab.fr> parents: 11057 diff changeset	111	passwd += to64((final[3] << 16)
26744ad37953 Drop python2 support Denis Laxalde <denis.laxalde@logilab.fr> parents: 11057 diff changeset	112	\|(final[9] << 8)
26744ad37953 Drop python2 support Denis Laxalde <denis.laxalde@logilab.fr> parents: 11057 diff changeset	113	\|(final[15]), 4)
26744ad37953 Drop python2 support Denis Laxalde <denis.laxalde@logilab.fr> parents: 11057 diff changeset	114	passwd += to64((final[4] << 16)
26744ad37953 Drop python2 support Denis Laxalde <denis.laxalde@logilab.fr> parents: 11057 diff changeset	115	\|(final[10] << 8)
26744ad37953 Drop python2 support Denis Laxalde <denis.laxalde@logilab.fr> parents: 11057 diff changeset	116	\|(final[5]), 4)
26744ad37953 Drop python2 support Denis Laxalde <denis.laxalde@logilab.fr> parents: 11057 diff changeset	117	passwd += to64((final[11]), 2)
8317 9c59258e7798 [security] use a stronger encryption algorythm for password, keeping bw compat Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7879 diff changeset	118	return passwd

author	Philippe Pepiot <philippe.pepiot@logilab.fr>
	Wed, 18 Mar 2020 13:18:21 +0100
branch	3.27
changeset 12920	018b6445aef1
parent 12567	26744ad37953
permissions	-rw-r--r--