path: root/passlib/tests/test_handlers.py
Commit message  [Author, Age, Files, Lines]
* python compat cleanup -- use magic super() calls  [Eli Collins, 2020-10-06, 1, -3/+3]
|
* cleanup old python compat - assorted minor cleanups & fixes from conversion  [Eli Collins, 2020-10-06, 1, -5/+3]
|
* cleanup old python compat -- removed irange() alias  [Eli Collins, 2020-10-06, 1, -1/+1]
|
* cleanup old python compat -- removed PY2 & PY3 conditionals  [Eli Collins, 2020-10-06, 1, -5/+5]
|
* cleanup old python compat -- removed all "from __future__" imports  [Eli Collins, 2020-10-06, 1, -1/+0]
|
* minor cleanups after merge -- removed some stray u() calls  [Eli Collins, 2020-10-06, 1, -2/+2]
|
* Merge from stable  [Eli Collins, 2020-10-06, 1, -13/+143]
|\
| * passlib.tests.test_ext_django: cleaned up detection of missing django hasher ↵  [Eli Collins, 2020-10-06, 1, -5/+25]
| |     backends; and some related helper methods.
| * passlib.hash: added ldap_salted_sha256 & ldap_salted_512 (issue 124)  [Eli Collins, 2020-10-05, 1, -0/+61]
| |
| * passlib.tests: silence some warnings, fix some MissingBackendError messages  [Eli Collins, 2020-10-03, 1, -1/+1]
| |     * tests now filter out some passlib deprecation warnings
| |     * bugfix: @doesnt_require_backend() decorator (rev XXX) now silences MissingBackendError exceptions thrown during HandlerCase.setUp()
| |     * simplified some monkeypatching within test_registry
| * passlib.tests: updated platform_crypt_support to reflect openbsd changes;  [Eli Collins, 2020-10-03, 1, -7/+22]
| |     also cleaned up comments
| * tests: fixed some minor UT errors  [Eli Collins, 2020-10-03, 1, -2/+2]
| |     mainly a few minor test changes that were missed in prior commits (rev 7273b2ca68f3, 2bf6312ecd77)
| * reworked lookup_hash() and create_hex_digest() internals to work better  [Eli Collins, 2020-05-02, 1, -0/+34]
| |     on FIPS systems (issue 116).
| |     * lookup_hash():
| |       - moved all hash constructor error checks / handling into HashInfo object, which simplifies lookup_hash() internals
| |       - [minor] added "required" kwd, inverse of the now-deprecated "return_unknown" kwd
| |       - [minor] now caches unknown/unsupported HashInfo records.
| |     * HashInfo:
| |       - now catches ValueErrors thrown by hash constructor, and special-cased detection of "disabled for fips" errors.
| |       - stub instances now have constructor that throws UnknownHashError, instead of being None. calling code should detect stub instances via the new "not info.supported" instead of testing for "info.const is None".
| |     * create_hex_digest() now defaults to creating handlers w/ mock hash func when it's not present (e.g. due to FIPS). this should let them be imported; and defer the errors until they're actually used.
| |     * added _set_mock_fips_mode() and some helps to make lookup_hash() fake a FIPS mode system (per traceback provided in issue comments). used this to make some preliminary UTs for the digest & hasher changes above.
* | Merge from stable  [Eli Collins, 2019-11-10, 1, -2/+4]
|\ \
| |/
| * Fix testsuite on Linux  [Alan Pevec, 2019-07-11, 1, -2/+4]
| |     crypt support may be present in libxcrypt
| |     Author: Björn Esser <besser82@fedoraproject.org>
| |     Date: Wed Mar 13 10:02:43 2019 +0100
| |     https://src.fedoraproject.org/rpms/python-passlib/c/29e9641462291e812d7eb50d402e1b3a74c7a95e
* | compat cleanup: replaced all u("") instances with u""  [Eli Collins, 2017-02-17, 1, -26/+26]
| |     realized can do this now that we're requiring python3 >= 3.3. had to keep u() helper around for u(r"") instances, since py3 doesn't have ur"". but switched it to use ascii decoding for py2, to make sure things are clean.
* | Merge with stable  [Eli Collins, 2017-01-30, 1, -229/+12]
|\ \
| |/
| * passlib.tests: split cisco hasher tests into separate file  [Eli Collins, 2017-01-30, 1, -229/+12]
| |
* | general: went ahead and removed a bunch of deprecated features that were ↵  [Eli Collins, 2016-11-28, 1, -35/+0]
|/
|     scheduled for removal in v1.8. this removes CryptPolicy, unix_fallback, some old HtpasswdFile methods, and more. tests were updated as well. see history/1.8 for a complete list.
* tests: cleanup stray .encrypt() call  [Eli Collins, 2016-11-22, 1, -1/+1]
|
* passlib.handlers.django: added support for django_argon2  [Eli Collins, 2016-11-22, 1, -1/+1]
|     * added django_argon2 wrapper & docs
|     * added method for PrefixWrapper to generically preserve custom attrs when creating variants, so .django_name attr is persisted across .using() calls.
* passlib.tests: large refactor to make all tests that depend on RNG behave  [Eli Collins, 2016-11-21, 1, -10/+14]
|     in reproducible manner.
|     * added TestCase.getRandom() helper, which creates RNG initialized from ${RANDOM_TEST_SEED} or ${PYTHONHASHSEED} when possible, and logs the seed so that exact test can be reproduced in future.
|     * replaced all test references to 'passlib.utils.rng' or other random source with TestCase().getRandom() call.
|     * one remaining bit was all the hash fuzz tests. since these are called over multiple threads, would either have to pass around a per-thread RNG to every call, or refactor fuzz generator into separate class, so we could make a separate instance per thread. latter choice seemed generally cleaner anyways, so...
|     * Refactored fuzz generator methods into FuzzHashGeneator class.
|       - Uses separate RNG per thread, seeded from .getRandom() using thread name.
|       - removed class-scanning magic, now uses explicit lists of verifiers & parameter generation helpers.
* passlib.hash: Improved handling of hashes which truncate passwords  [Eli Collins, 2016-06-29, 1, -6/+0]
|     * Added PasswordHash.truncate_size info attribute, to detect hashes which truncate the password.
|     * All such hashes (bcrypt, des_crypt, some others) now accept a "truncate_error" option, allowing them to be switched from silent truncation to throwing an error instead. This option is also supported by CryptContext.
|     * tests/HandlerCase:
|       - removed .secret_size config flag, can now just read handler.truncate_size instead.
|       - reworked truncation tests to use new API, and test 'truncate_error' policy support.
* Enhanced disabled hash management  [Eli Collins, 2016-06-26, 1, -2/+0]
|     * PasswordHash.is_disabled flag now present, to programmatically detect disabled hashers (unix_disabled, etc)
|     * CryptContext now offers methods for disabling, enabling, and testing hashes to see if they're tied to a real hash or not.
|     * disabled hashers now offer .disable() and .enable() helpers, as backend for CryptContext methods.
|     * django_disabled now appends random alphanumeric string, per Django.
|     * adjusted HandlerCase:
|       - checks handler.is_disabled,
|       - handle django_disabled via disabled_contains_salt flag
|       - tests .disable() and .enable() api if present
* test cleanups  [Eli Collins, 2016-06-22, 1, -2/+23]
|     * moved bsdi_crypt needs_update() tests from test_context to bsdi_crypt test
|     * moved bcrypt needs_update() tests from test_context to bcrypt test
|     * removed redundant rounds+context test in HandlerCase, not needed now that .using()+rounds is being tested.
|     * silence some warnings
* scrypt: hash format changed  [Eli Collins, 2016-06-20, 1, -88/+1]
|     * tweaked passlib's format to follow argon2 and use explicit param names + normal base64 encoding
|     * added support for openwall's $7$ format
|     * moved hash tests to separate file
* bugfix: fixed a bunch of small UT failures  [Eli Collins, 2016-06-20, 1, -0/+4]
|     * b"" prefix added to a few strings in argon2 hash & tests
|     * misc tests: get_handler_case() -- added argon2 to list of conditionally available hashes
|     * consteq test: pypy's compare_digest() supports non-ascii unicode(), unlike cpython
|     * old pbkdf2() tests: account for keylen=0 now throwing error
|     * tox.ini: disable testing w/ cryptography under pypy, not installing properly.
* tests: split pbkdf2 hashers into separate file, to make it easier to test as ↵  [Eli Collins, 2016-06-20, 1, -463/+3]
|     a group
* fix: passlib.tests: added "test_handlers_argon2" to get_handler_case()  [Eli Collins, 2016-06-18, 1, -1/+1]
|
* renamed PasswordHandler.replace() back to PasswordHandler.using()  [Eli Collins, 2016-06-15, 1, -16/+16]
|     this basically reversed rev 5c41b0153d4f; after using it a bit more, decided the name didn't indicate as well what the method was doing.
* passlib.tests: silence scrypt backend warning  [Eli Collins, 2016-06-15, 1, -0/+4]
|
* PasswordHash.hash() api shift: deprecating passing settings kwds into hash() --  [Eli Collins, 2016-06-15, 1, -2/+10]
|     callers should use handler.replace(**settings).hash() instead.
|     this is being done because it greatly streamlines the internals of the .hash() implementation, and allows some redundant configuration parsing to be extracted from the .hash() methods and merged in with existing code in .replace(). this also opens things up for alternate code architectures for implementing new hashers, making it easier to wrap existing libraries (e.g. argon2).
|
|     internals
|     ---------
|     * replaced a bunch of internal .hash(**settings) calls
|     * GenericHandler
|       - stripped out 'relaxed' keyword from constructor, since it's no longer passed by hash() etc.
|       - _norm_checksum() now only invoked if checksum is specified (simplifies logic). keeping support for 'relaxed' mode, but only as explicit keyword.
|       - removed some unused comments about .from_string() & .to_string()
|     * HasSalt mixin:
|       - .replace() now supports 'salt' keyword, creates variant which has a fixed salt string.
|       - 'salt size' keyword removed from ctor, now handled by .replace() call
|       - _norm_salt() converted to class method so it can be used by .replace() 'salt' keyword code.
|       - per-instance bits of _norm_salt() relocated to HasSalt.__init__ proper
|       - _generate_salt() converted to class method, since no longer depends on instance config.
|     * HasRounds mixin:
|       - similar to HasSalt, relocates per-instance bits of _norm_rounds() into HasRounds.__init__() proper.
|       - remainder of _norm_rounds() turned into class method, merged with ._clip_to_valid_rounds() helper to reduce duplication.
|       - _generate_rounds() converted to class method, since no longer depends on instance config.
|
|     hashers
|     -------
|     * fshp: added support for 'variant' keyword to replace()
|     * unix_disabled: added support for 'marker' keyword to replace(), added UTs.
|     * cisco_type7: to match HasSalt, added support for 'salt' keyword to replace(), added UTs.
|     * sha256/512_crypt: now uses custom salt & rounds parsing, rather than relaxed kwd, to handle correctable-but-invalid config strings.
|
|     unittests
|     ---------
|     * removed checks for PasslibConfigWarning when setting hash(rounds=) out of policy bounds, since that now *is* setting the policy.
|     * adapted some handler ctor to deal w/ lack of 'relaxed' kwd
|
|     docs
|     ----
|     * updated docstrings listing hash() keywords for each scheme to list them as .replace() keywords.
|     * updated example code to use .replace()
|     * fleshed out api docs about the change
* PasswordHandler.replace(): added support for 'relaxed' keyword;  [Eli Collins, 2016-06-15, 1, -1/+1]
|     made behavior of various bits (rounds etc) default to relaxed=False, updated UTs accordingly.
* renamed handler.using() method to handler.replace(),  [Eli Collins, 2016-06-13, 1, -8/+8]
|     to match stdlib's convention (for things like str, namedtuple, etc)
* handler.genconfig() / .genhash() deprecated entirely  [Eli Collins, 2016-06-13, 1, -4/+8]
|     after further consideration (while implementing a handler for argon2), decided that rolling .genconfig() and .genhash() into the .hash() method (as was done in rev 1f7421b35b75) put too much complexity into the .hash() method. this commit walks back those portions of rev 1f7421b35b75 -- .genconfig() and .genhash() are now implemented for each handler directly.
|     however, going a little further and completely deprecating .genconfig() and .genhash() support entirely -- decided there's no need for them in the public api whatsoever. apps shouldn't need/use them, and the unittests can use their own workarounds.
|     * removed "config" keyword from handler.hash() ifc
|     * removed support for config=None from handler.genhash() -- nothing should use it now that handler.genconfig() always returns a string.
|     * marked .genhash() and .genconfig() as completely deprecated, w/ no alternative
|     * uts: factored out calls which need config only into a .do_stub_encrypt() helper, as replacement for internal uses of .genconfig()
* passlib.handlers.scrypt: created scrypt hash handler, complete with UTs and docs  [Eli Collins, 2016-06-10, 1, -0/+83]
|     * scrypt kdf code
|       - relocated scrypt kdf code to passlib.crypto.scrypt
|       - py3 compat fixes
|       - split UTs out into separate file
|       - removed "non-power of 2" support, not needed.
|       - added wrapper which can toggle between builtin backend, and external scrypt package.
|       - factored out n/r/p validation code so it can be used independently of calling kdf itself.
|     * passlib.handlers.scrypt: added scrypt handler which wraps the kdf.
|       - added some custom test strings, as well as adapted some reference values from the scrypt whitepaper.
|       - added documentation page
|       - integrated scrypt kdf wrapper w/ hash's HasManyBackends api
* .encrypt() method renamed to .hash(), other api cleanups  [Eli Collins, 2016-06-10, 1, -19/+9]
|     .encrypt()
|     ----------
|     hash.encrypt() & context.encrypt() have been renamed to .hash(). this should take care of the long-standing issue 21 (the poor naming of .encrypt). per docs, legacy aliases will remain in place until passlib 2.0.
|
|     .genhash() / .genconfig()
|     -------------------------
|     taking advantage of this reorganization to also deprecate .genconfig() and .genhash() -- they're not really useful in a modern system, nor as needed for historical support as initially thought: .genconfig() will be retired completely in passlib 2.0; .genhash() is rolled into the new .hash() method along with .encrypt().
* relocated many of the crypto routes inside passlib.utils,  [Eli Collins, 2016-02-10, 1, -2/+2]
|     and moved them to a separate passlib.crypto subpackage. along with this move, made a few api cleanups:
|     * unified all code that's looking up hashes to use new passlib.crypto.lookup_hash() wrapper, which takes care of hash name normalization, loading fallback implementations, and alg metadata inspection, all hidden behind a memoized function.
|     * deprecated pbkdf2() in favor of pbkdf2_hmac() -- only real use, and new signature matches stdlib function. additionally, this version is a bit faster, due to some assumptions that can be made due to the PRF always being HMAC based.
|     * added compile_hmac() helper which does an even more efficient job of pre-compiling a keyed HMAC function; this helped speed up pbkdf2 a bit more.
* misc test bugfixes  [Eli Collins, 2015-07-26, 1, -4/+4]
|     * test_handlers: fix py3 u() compat issue
|     * test_totp: clean norm_hash_name() caches so warnings repeat per-test, added/fixed some warnings checks.
|     * HandlerCase: HasRounds.using() test: hack so bsdi_crypt can pass (the 'odd rounds only' was playing havoc w/ the test's expectations)
|     * HandlerCase: effective_rounds() / effective_ident() helpers now unwrap PrefixWrappers first; wrappers aren't callable like classes.
|     * HandlerCase: HasRounds.using() test: don't check min_rounds-1 if min_rounds is 0.
|     * HandlerCase: multithreaded fuzz test -- detect & log errors if stalled thread, rather than main thread stalling forever. reduced thread count down to 10.
|     * reset_warning_filter() context manager -- simplified __exit__() cleanup code
* cisco asa tweaks  [Eli Collins, 2015-07-25, 1, -0/+82]
|     * split cisco ASA 7.0 code out into separate 'cisco_asa' class, some minor reformatting of the internals (no alg changes).
|     * updated documentation to reflect the two different classes, added to changelog.
|     * added some reference vectors generated by current implementation -- vectors chosen to verify thresholds around various if/thens in the ASA alg. added note that these still need to be verified by official implementation.
* scram.using(): added support for 'default_algs' and 'algs' parameters  [Eli Collins, 2015-07-23, 1, -0/+38]
|
* passlib.tests -- clean ups of os_crypt & general backend handling  [Eli Collins, 2015-07-23, 1, -15/+23]
|     * moved utils.patchAttr() function to TestCase.patchAttr(), redid a bunch of manual monkeypatches to use .patchAttr() method.
|     * temporary_backend() hack replaced by subcls.using(), so temporary backend use will be threadsafe (needed for concurrent tests).
|     * HandlerCase.create_backend_cases() replaced with HandlerCase.create_backend_case(), all calls split out to make individual calls for each backend. Easier to read in diffs going forward when backends added/removed.
|     * moved os_crypt specific code w/in create_backend_case() to OsCryptMixin, which just subclasses the method it needs to modify. allowed removing find_crypt_replacement() method entirely; decision to skip backend now directly uses OsCryptMixin's own logic.
|     * fuzz_verifier_crypt() cleanups
|       - moved to OsCryptMixin; removing .using_patched_crypt ref from HandlerCase
|       - has_crypt_support() helper rolled into method, was only caller.
|       - os_supports_ident() refactored into crypt_supports_variant(). fuzz_verified_crypt() is (now) the only caller.
|     * bcrypt's crypt_supports_variant() now uses actual test of crypt() rather than hardcoded list of supported values.
|     * fuzz verifier now handles hashes throwing SkipTest.
|     * utils.has_crypt_support() rolled into
* removed a LOT of compatibility shims -- dropped python 2.5, 3.0, and 3.1 ↵  [Eli Collins, 2015-01-10, 1, -24/+24]
|     support; as well as PyPy 1.x and Jython 2.5.
|
|     shims removed
|     -------------
|     * b() shim replaced with b'' (py25)
|     * 'bytes' alias no longer needed (py25)
|     * callable() shim no longer needed (py30,31)
|     * PY_MIN_32 flag replaced with PY3 flag (py30,31)
|     * removed 'abc' module stub used by passlib.ifc (py25)
|     * removed chain_from_iterable() backport (py25)
|     * tests: removed catch_warnings() backport, replaced refs with real warnings.catch_warnings() (py25)
|     * tests: removed unittest2 backports (py25, py30, py31) -- now throw hard error if unittest2 not present under py26 (the only release remaining which lacks the unittest2 features)
|     * removed SUPPORTS_DIR_METHOD conditional (py25, pypy 1.x)
|     * some other minor workarounds
|
|     other
|     -----
|     * added check in passlib.compat which now throws error telling user version isn't supported (to prevent spurious errors later)
* UT fixes:  [Eli Collins, 2013-12-28, 1, -6/+6]
|     * simplified get_handler_case() a little
|     * has_active_backend() now returns a less confusing default string ("builtin" was ambiguous since it's a common backend name)
|     * probabilistic getrandstr() test fails 1/600 times, upped to 1/430,000 :)
* Merge from stable  [Eli Collins, 2013-12-27, 1, -567/+15]
|\
| * django compatibility part 2  [Eli Collins, 2013-12-22, 1, -1/+1]
| |     * added implementation of django 1.6's bcrypt_sha256 hasher, and UTs
| |     * added django16 premade context to passlib.apps, made it default django_context
| |     * test_ext_django now makes use of django16_context
| |     * passlib.ext.django.utils.get_preset_config() now uses django16_context
| |     * tox 'django' and 'django-py3' now test bcrypt integration
| * added support for bcrypt library (issue 49),  [Eli Collins, 2013-12-20, 1, -310/+1]
| |     also split bcrypt handler tests out into separate file for ease of testing
| * django compatibility updates (should fix issue 50)  [Eli Collins, 2013-12-20, 1, -254/+14]
| |     passlib.ext.django & its tests have gotten out of sync with django, leading to a number of UT failures, as reported in issue 50. tests now pass on django 1.2 through 1.6
| |
| |     passlib.ext.django
| |     ------------------
| |     mimic changes in django's hasher logic:
| |     * handle unsalted_sha1 hasher (django 1.4.6+)
| |     * check_password(): empty hashes return False, rather than throw error (django 1.5+)
| |     * allow empty passwords (django 1.6+)
| |     * generate unusable password suffixes (django 1.6+)
| |
| |     passlib.hash
| |     ------------
| |     * django_des_crypt: added "use_duplicate_salt" class attr, allowing tests to enable django 1.4+ style hashes which omit 1st salt.
| |     * django_disabled: added support for django 1.6+ random suffixes
| |
| |     passlib.tests
| |     -------------
| |     * test_ext_django: lots of changes to verify django 1.5/1.6 behavior
| |     * test_handlers_django: split django tests out of test_handlers to make it easier to run django-related tests.
| |     * added workaround for encoding glitch in salted_md5 / salted_sha1 hashers (django 1.5+)
* | bugfix/cleanup from previous commits  [Eli Collins, 2013-04-10, 1, -2/+0]
| |
* | concurrency testing  [Eli Collins, 2013-04-10, 1, -2/+8]
| |     * added multi-thread fuzz testing to shared PasswordHash test suite
| |     * added code to detect pybcrypt <0.3, issue warning, and implement thread-lock to workaround its fatal concurrency issue.
| |     * TODO: audit rest of passlib for threading issues (shouldn't be any major ones)