cubicweb: md5crypt.py@59ec0aaae08b (annotated)

0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	1	# md5crypt.py
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	2	#
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	3	# 0423.2000 by michal wallace http://www.sabren.com/
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	4	# based on perl's Crypt::PasswdMD5 by Luis Munoz (lem@cantv.net)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	5	# based on /usr/src/libcrypt/crypt.c from FreeBSD 2.2.5-RELEASE
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	6	#
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	7	# MANY THANKS TO
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	8	#
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	9	# Carey Evans - http://home.clear.net.nz/pages/c.evans/
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	10	# Dennis Marti - http://users.starpower.net/marti1/
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	11	#
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	12	# For the patches that got this thing working!
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	13	#
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	14	# modification by logilab:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	15	# * remove usage of the string module
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	16	# * don't include the magic string in the output string
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	17	# for true crypt.crypt compatibility
5771 c077df1d0333 [md5script] cleanup Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5770 diff changeset	18	# * use hashlib module instead of md5
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	19	#########################################################
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	20	"""md5crypt.py - Provides interoperable MD5-based crypt() function
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	21
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	22	SYNOPSIS
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	23
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	24	import md5crypt.py
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	25
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	26	cryptedpassword = md5crypt.md5crypt(password, salt);
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	27
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	28	DESCRIPTION
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	29
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	30	unix_md5_crypt() provides a crypt()-compatible interface to the
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	31	rather new MD5-based crypt() function found in modern operating systems.
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	32	It's based on the implementation found on FreeBSD 2.2.[56]-RELEASE and
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	33	contains the following license in it:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	34
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	35	"THE BEER-WARE LICENSE" (Revision 42):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	36	<phk@login.dknet.dk> wrote this file. As long as you retain this notice you
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	37	can do whatever you want with this stuff. If we meet some day, and you think
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	38	this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	39	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	40
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	41	MAGIC = '$1$' # Magic string
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	42	ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	43
7879 9aae456abab5 [pylint] fix pylint detected errors and tweak it so that pylint -E will be much less verbose next time (+ update some copyrights on the way) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5771 diff changeset	44	from hashlib import md5 # pylint: disable=E0611
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	45
10609 e2d8e81bfe68 [py3k] import range using six.moves Rémi Cardona <remi.cardona@logilab.fr> parents: 8317 diff changeset	46	from six.moves import range
e2d8e81bfe68 [py3k] import range using six.moves Rémi Cardona <remi.cardona@logilab.fr> parents: 8317 diff changeset	47
e2d8e81bfe68 [py3k] import range using six.moves Rémi Cardona <remi.cardona@logilab.fr> parents: 8317 diff changeset	48
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	49	def to64 (v, n):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	50	ret = ''
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	51	while (n - 1 >= 0):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	52	n = n - 1
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	53	ret = ret + ITOA64[v & 0x3f]
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	54	v = v >> 6
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	55	return ret
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	56
8317 9c59258e7798 [security] use a stronger encryption algorythm for password, keeping bw compat Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7879 diff changeset	57	def crypt(pw, salt):
3149 c6a85fafb155 note about licence, fix copyright, fix case of unicode argument Aurelien Campeas parents: 2172 diff changeset	58	if isinstance(pw, unicode):
c6a85fafb155 note about licence, fix copyright, fix case of unicode argument Aurelien Campeas parents: 2172 diff changeset	59	pw = pw.encode('utf-8')
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	60	# Take care of the magic string if present
8317 9c59258e7798 [security] use a stronger encryption algorythm for password, keeping bw compat Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7879 diff changeset	61	if salt.startswith(MAGIC):
9c59258e7798 [security] use a stronger encryption algorythm for password, keeping bw compat Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7879 diff changeset	62	salt = salt[len(MAGIC):]
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	63	# salt can have up to 8 characters:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	64	salt = salt.split('$', 1)[0]
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	65	salt = salt[:8]
8317 9c59258e7798 [security] use a stronger encryption algorythm for password, keeping bw compat Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7879 diff changeset	66	ctx = pw + MAGIC + salt
7879 9aae456abab5 [pylint] fix pylint detected errors and tweak it so that pylint -E will be much less verbose next time (+ update some copyrights on the way) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5771 diff changeset	67	final = md5(pw + salt + pw).digest()
10609 e2d8e81bfe68 [py3k] import range using six.moves Rémi Cardona <remi.cardona@logilab.fr> parents: 8317 diff changeset	68	for pl in range(len(pw), 0, -16):
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	69	if pl > 16:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	70	ctx = ctx + final[:16]
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	71	else:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	72	ctx = ctx + final[:pl]
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	73	# Now the 'weird' xform (??)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	74	i = len(pw)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	75	while i:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	76	if i & 1:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	77	ctx = ctx + chr(0) #if ($i & 1) { $ctx->add(pack("C", 0)); }
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	78	else:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	79	ctx = ctx + pw[0]
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	80	i = i >> 1
7879 9aae456abab5 [pylint] fix pylint detected errors and tweak it so that pylint -E will be much less verbose next time (+ update some copyrights on the way) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5771 diff changeset	81	final = md5(ctx).digest()
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	82	# The following is supposed to make
2172 cf8f9180e63e delete-trailing-whitespace Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 1977 diff changeset	83	# things run slower.
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	84	# my question: WTF???
10609 e2d8e81bfe68 [py3k] import range using six.moves Rémi Cardona <remi.cardona@logilab.fr> parents: 8317 diff changeset	85	for i in range(1000):
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	86	ctx1 = ''
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	87	if i & 1:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	88	ctx1 = ctx1 + pw
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	89	else:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	90	ctx1 = ctx1 + final[:16]
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	91	if i % 3:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	92	ctx1 = ctx1 + salt
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	93	if i % 7:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	94	ctx1 = ctx1 + pw
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	95	if i & 1:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	96	ctx1 = ctx1 + final[:16]
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	97	else:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	98	ctx1 = ctx1 + pw
7879 9aae456abab5 [pylint] fix pylint detected errors and tweak it so that pylint -E will be much less verbose next time (+ update some copyrights on the way) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5771 diff changeset	99	final = md5(ctx1).digest()
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	100	# Final xform
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	101	passwd = ''
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	102	passwd = passwd + to64((int(ord(final[0])) << 16)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	103	\|(int(ord(final[6])) << 8)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	104	\|(int(ord(final[12]))),4)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	105	passwd = passwd + to64((int(ord(final[1])) << 16)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	106	\|(int(ord(final[7])) << 8)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	107	\|(int(ord(final[13]))), 4)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	108	passwd = passwd + to64((int(ord(final[2])) << 16)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	109	\|(int(ord(final[8])) << 8)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	110	\|(int(ord(final[14]))), 4)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	111	passwd = passwd + to64((int(ord(final[3])) << 16)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	112	\|(int(ord(final[9])) << 8)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	113	\|(int(ord(final[15]))), 4)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	114	passwd = passwd + to64((int(ord(final[4])) << 16)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	115	\|(int(ord(final[10])) << 8)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	116	\|(int(ord(final[5]))), 4)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	117	passwd = passwd + to64((int(ord(final[11]))), 2)
8317 9c59258e7798 [security] use a stronger encryption algorythm for password, keeping bw compat Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7879 diff changeset	118	return passwd

author	Rémi Cardona <remi.cardona@logilab.fr>
	Tue, 15 Sep 2015 17:28:05 +0200
changeset 10677	59ec0aaae08b
parent 10609	e2d8e81bfe68
child 10775	4b3c1069bd4e
permissions	-rw-r--r--