author    Eli Collins <elic@assurancetechnologies.com>  2012-03-10 12:18:00 -0500
committer Eli Collins <elic@assurancetechnologies.com>  2012-03-10 12:18:00 -0500
commit    557d17ba4e0123bce7e1659002270aa8dedb2f24 (patch)
tree      3289f0a408220aec701d33102294d03fa75cc084 /docs
parent    b9de1a4221ef709b7ad39aba49b1ee43c318bebd (diff)
download  passlib-557d17ba4e0123bce7e1659002270aa8dedb2f24.tar.gz
added mssql 2000/2005 hashes; enhanced HandlerCase's password case sensitive test
Diffstat (limited to 'docs')
-rw-r--r--  docs/lib/passlib.hash.mssql2000.rst  101
-rw-r--r--  docs/lib/passlib.hash.mssql2005.rst   90
-rw-r--r--  docs/lib/passlib.hash.rst               2
3 files changed, 193 insertions, 0 deletions
diff --git a/docs/lib/passlib.hash.mssql2000.rst b/docs/lib/passlib.hash.mssql2000.rst
new file mode 100644
index 0000000..5c079f5
--- /dev/null
+++ b/docs/lib/passlib.hash.mssql2000.rst
@@ -0,0 +1,101 @@
+==================================================================
+:class:`passlib.hash.mssql2000` - MS SQL 2000 password hash
+==================================================================
+
+.. currentmodule:: passlib.hash
+
+This class implements the hash algorithm used by Microsoft SQL Server 2000
+to store it's user account passwords, until it was replaced
+by a slightly more secure variant (:class:`~passlib.hash.mssql2005`)
+in MSSQL 2005.
+
+.. warning::
+
+ This hash is not very secure, and should not be used for any purposes
+ besides manipulating existing MSSQL 2000 password hashes.
+
+.. seealso::
+
+ :class:`~passlib.hash.mssql2005`
+
+Usage
+=====
+This class can be used directly as follows (note that this class requires
+a username for all encrypt/verify operations)::
+
+ >>> from passlib.hash import mssql2000 as m20
+
+ >>> #encrypt password using specified username
+ >>> h = m20.encrypt("password")
+ >>> h
+ '0x0100200420C4988140FD3920894C3EDC188E94F428D57DAD5905F6CC1CBAF950CAD4C63F272B2C91E4DEEB5E6444'
+
+ >>> m20.identify(h) #check if hash is recognized
+ True
+ >>> m20.identify('$1$3azHgidD$SrJPt7B.9rekpmwJwtON31') #check if some other hash is recognized
+ False
+
+ >>> m20.verify("password", h) #verify correct password
+ True
+ >>> m20.verify("letmein", h) #verify incorrect password
+ False
+
+Interface
+=========
+.. autoclass:: mssql2000()
+
+.. rst-class:: html-toggle
+
+Format & Algorithm
+==================
+MSSQL 2000 hashes are usually presented as a series of 92 upper-case
+hexidecimal characters, prefixed by ``0x``. An example MSSQL 2000 hash
+(of ``"password"``)::
+
+ 0x0100200420C4988140FD3920894C3EDC188E94F428D57DAD5905F6CC1CBAF950CAD4C63F272B2C91E4DEEB5E6444
+
+This encodes 46 bytes of raw data, consisting of:
+
+* a 2-byte constant ``0100``
+* 4 byte of salt (``200420C4`` in the example)
+* the first 20 byte digest (``988140FD3920894C3EDC188E94F428D57DAD5905``
+ in the example).
+* a second 20 byte digest (``F6CC1CBAF950CAD4C63F272B2C91E4DEEB5E6444``
+ in the example).
+
+The first digest is generated by encoding the unicode password using
+``UTF-16-LE``, and calculating ``SHA1(encoded_secret + salt)``.
+
+The second digest is generated the same as the first,
+except that the password is converted to upper-case first.
+
+Only the second digest is used when verifying passwords (and hence the hash
+is case-insensitive). The first digest is presumably for forward-compatibility:
+MSSQL 2005 removed the second digest, and thus became case sensitive.
+
+.. note::
+
+ MSSQL 2000 hashes do not actually have a native textual format, as they
+ are stored as raw bytes in an SQL table. However, when external programs
+ deal with them, MSSQL generally encodes raw bytes as upper-case hexidecimal,
+ prefixed with ``0x``. This is the representation Passlib uses.
+
+Security Issues
+===============
+This algorithm is reasonably weak, and shouldn't be used for any
+purpose besides manipulating existing MSSQL 2000 hashes, due to the
+following flaws:
+
+* The fact that it is case insensitive greatly reduces the keyspace that
+ must be searched by brute-force or pre-computed attacks.
+
+* It's simplicity, and years of research on high-speed SHA1
+ implementations, makes efficient brute force attacks much more feasible.
+
+.. rubric:: Footnotes
+
+.. [#] Overview hash algorithms used by MSSQL -
+ `<https://blogs.msdn.com/b/lcris/archive/2007/04/30/sql-server-2005-about-login-password-hashes.aspx?Redirected=true>`_.
+
+.. [#] Description of MSSQL 2000 algorithm -
+ `<http://www.theregister.co.uk/2002/07/08/cracking_ms_sql_server_passwords/>`_.
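Review bot: the Usage section of passlib.hash.mssql2000.rst contradicts itself: the lead-in says "this class requires a username for all encrypt/verify operations" and the comment reads "#encrypt password using specified username", but the example calls `m20.encrypt("password")` with no username, and the Format & Algorithm section describes `SHA1(encoded_secret + salt)` with no user-dependent input. The paragraph looks carried over from a username-keyed handler; drop the parenthetical and change the comment to "#encrypt password". While here: "it's user account passwords" -> "its", "hexidecimal" -> "hexadecimal" (twice), "4 byte of salt" -> "4 bytes of salt", "It's simplicity" -> "Its simplicity". The two `.. [#]` footnotes are defined but never referenced from the body, so the reader cannot tell which statement each source supports; add `[#]_` after the sentences that draw on them (for instance the paragraph explaining that only the second, upper-cased digest is checked, which makes the hash case-insensitive).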
diff --git a/docs/lib/passlib.hash.mssql2005.rst b/docs/lib/passlib.hash.mssql2005.rst
new file mode 100644
index 0000000..9a3728d
--- /dev/null
+++ b/docs/lib/passlib.hash.mssql2005.rst
@@ -0,0 +1,90 @@
+==================================================================
+:class:`passlib.hash.mssql2005` - MS SQL 2005 password hash
+==================================================================
+
+.. currentmodule:: passlib.hash
+
+This class implements the hash algorithm used by Microsoft SQL Server 2005
+to store it's user account passwords, replacing the slightly less secure
+:class:`~passlib.hash.mssql2000` variant.
+
+.. warning::
+
+ This hash is not very secure, and should not be used for any purposes
+ besides manipulating existing MSSQL 2005 password hashes.
+
+.. seealso::
+
+ :class:`~passlib.hash.mssql2000`
+
+Usage
+=====
+This class can be used directly as follows (note that this class requires
+a username for all encrypt/verify operations)::
+
+ >>> from passlib.hash import mssql2005 as m25
+
+ >>> #encrypt password using specified username
+ >>> h = m25.encrypt("password")
+ >>> h
+ '0x01006ACDF9FF5D2E211B392EEF1175EFFE13B3A368CE2F94038B'
+
+ >>> m25.identify(h) #check if hash is recognized
+ True
+ >>> m25.identify('$1$3azHgidD$SrJPt7B.9rekpmwJwtON31') #check if some other hash is recognized
+ False
+
+ >>> m25.verify("password", h) #verify correct password
+ True
+ >>> m25.verify("letmein", h) #verify incorrect password
+ False
+
+Interface
+=========
+.. autoclass:: mssql2005()
+
+.. rst-class:: html-toggle
+
+Format & Algorithm
+==================
+MSSQL 2005 hashes are usually presented as a series of 52 upper-case
+hexidecimal characters, prefixed by ``0x``. An example MSSQL 2005 hash
+(of ``"password"``)::
+
+ 0x01006ACDF9FF5D2E211B392EEF1175EFFE13B3A368CE2F94038B
+
+This encodes 26 bytes of raw data, consisting of:
+
+* a 2-byte constant ``0100``
+* 4 byte of salt (``6ACDF9FF`` in the example)
+* 20 byte digest (``5D2E211B392EEF1175EFFE13B3A368CE2F94038B``
+ in the example).
+
+The digest is generated by encoding the unicode password using
+``UTF-16-LE``, and calculating ``SHA1(encoded_secret + salt)``.
+
+This format and algorithm is identical to :doc:`mssql2000 <passlib.hash.mssql2000>`,
+except that this hash omits the 2nd case-insensitive
+digest used by MSSQL 2000.
+
+.. note::
+
+ MSSQL 2005 hashes do not actually have a native textual format, as they
+ are stored as raw bytes in an SQL table. However, when external programs
+ deal with them, MSSQL generally encodes raw bytes as upper-case hexidecimal,
+ prefixed with ``0x``. This is the representation Passlib uses.
+
+Security Issues
+===============
+This algorithm is reasonably weak, and shouldn't be used for any
+purpose besides manipulating existing MSSQL 2005 hashes. This mainly due to
+it's simplicity, and years of research on high-speed SHA1
+implementations, which makes efficient brute force attacks feasible.
+
+.. rubric:: Footnotes
+
+.. [#] Overview hash algorithms used by MSSQL -
+ `<https://blogs.msdn.com/b/lcris/archive/2007/04/30/sql-server-2005-about-login-password-hashes.aspx?Redirected=true>`_.
+
+.. [#] Description of MSSQL 2000/2005 algorithm -
+ `<http://www.theregister.co.uk/2002/07/08/cracking_ms_sql_server_passwords/>`_.
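Review bot: the second footnote in passlib.hash.mssql2005.rst is labelled "Description of MSSQL 2000/2005 algorithm" but points at a Register article dated 2002/07/08, which predates SQL Server 2005; either label it as the 2000 description (as the mssql2000 page does) or cite the MSDN post for the 2005 format. The same copy-paste problems as the mssql2000 page recur here: the "requires a username" parenthetical and the "#encrypt password using specified username" comment contradict `m25.encrypt("password")` and the `SHA1(encoded_secret + salt)` description, so drop them; "it's user account passwords" and "it's simplicity" -> "its"; "hexidecimal" -> "hexadecimal"; "4 byte of salt" -> "4 bytes of salt"; "This mainly due to" -> "This is mainly due to". The footnotes are again defined but never referenced from the body text.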
diff --git a/docs/lib/passlib.hash.rst b/docs/lib/passlib.hash.rst
index fc108ab..13c2397 100644
--- a/docs/lib/passlib.hash.rst
+++ b/docs/lib/passlib.hash.rst
@@ -172,6 +172,8 @@ not seen outside those specific contexts:
.. toctree::
:maxdepth: 1
+ passlib.hash.mssql2000
+ passlib.hash.mssql2005
passlib.hash.mysql323
passlib.hash.mysql41
passlib.hash.postgres_md5