diff options
author | Eli Collins <elic@assurancetechnologies.com> | 2012-04-13 14:12:14 -0400 |
---|---|---|
committer | Eli Collins <elic@assurancetechnologies.com> | 2012-04-13 14:12:14 -0400 |
commit | 154046a05e38cb889f886853971a48a8c7d626b4 (patch) | |
tree | 36ebc8878e91ab676abaa83dceaa69c6fa3e2261 /passlib/handlers/des_crypt.py | |
parent | 5a3bd0d6ac8ad706c7d4a21aa49a51c9fcc54873 (diff) | |
download | passlib-154046a05e38cb889f886853971a48a8c7d626b4.tar.gz |
issue warning if app requests even bsdi_crypt rounds
Diffstat (limited to 'passlib/handlers/des_crypt.py')
-rw-r--r-- | passlib/handlers/des_crypt.py | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/passlib/handlers/des_crypt.py b/passlib/handlers/des_crypt.py index d87c495..efce29e 100644 --- a/passlib/handlers/des_crypt.py +++ b/passlib/handlers/des_crypt.py @@ -261,7 +261,23 @@ class bsdi_crypt(uh.HasManyBackends, uh.HasRounds, uh.HasSalt, uh.GenericHandler return uascii_to_str(hash) #========================================================= - #backend + # validation + #========================================================= + + # flag so CryptContext won't generate even rounds. + _avoid_even_rounds = True + + def _norm_rounds(self, rounds): + rounds = super(bsdi_crypt, self)._norm_rounds(rounds) + # issue warning if app provided an even rounds value + if self.use_defaults and not rounds & 1: + warn("bsdi_crypt rounds should be odd, " + "as even rounds may reveal weak DES keys", + uh.exc.PasslibSecurityWarning) + return rounds + + #========================================================= + # backends #========================================================= backends = ("os_crypt", "builtin") |