diff options
| author | Eli Collins <elic@assurancetechnologies.com> | 2012-04-10 14:24:04 -0400 |
|---|---|---|
| committer | Eli Collins <elic@assurancetechnologies.com> | 2012-04-10 14:24:04 -0400 |
| commit | d1cd32ca8209513eb7f00201c3555363b3675dd6 (patch) | |
| tree | 846deb09e084029a2a1687d52644af66760b4180 /passlib/handlers | |
| parent | d70e36e2fb1fc2b4e33d237c1a72cc6bc8802d52 (diff) | |
| download | passlib-d1cd32ca8209513eb7f00201c3555363b3675dd6.tar.gz | |
minor constant & comment tweaks
Diffstat (limited to 'passlib/handlers')
| -rw-r--r-- | passlib/handlers/__init__.py | 4 | ||||
| -rw-r--r-- | passlib/handlers/bcrypt.py | 13 | ||||
| -rw-r--r-- | passlib/handlers/des_crypt.py | 2 |
3 files changed, 8 insertions, 11 deletions
diff --git a/passlib/handlers/__init__.py b/passlib/handlers/__init__.py index 1ee5ea0..0a0338c 100644 --- a/passlib/handlers/__init__.py +++ b/passlib/handlers/__init__.py @@ -1,3 +1 @@ -#XXX: make this a namespace package ? - -#TODO: bigcrypt, crypt16, raw hex strings for md5/sha1/sha256/sha512 +"""passlib.handlers -- holds implementations of all passlib's builtin hash formats""" diff --git a/passlib/handlers/bcrypt.py b/passlib/handlers/bcrypt.py index 3c1cb2e..8690eb5 100644 --- a/passlib/handlers/bcrypt.py +++ b/passlib/handlers/bcrypt.py @@ -1,14 +1,10 @@ -"""passlib.bcrypt - -Implementation of OpenBSD's BCrypt algorithm. +"""passlib.bcrypt -- implementation of OpenBSD's BCrypt algorithm. TODO: * support 2x and altered-2a hashes? http://www.openwall.com/lists/oss-security/2011/06/27/9 -* is there any workaround for bcryptor lacking $2$ support? - * deal with lack of PY3-compatibile c-ext implementation """ #========================================================= @@ -42,6 +38,9 @@ __all__ = [ "bcrypt", ] +#========================================================= +# support funcs & constants +#========================================================= _builtin_bcrypt = None def _load_builtin(): @@ -55,7 +54,7 @@ IDENT_2X = u("$2x$") IDENT_2Y = u("$2y$") #========================================================= -#handler +# handler #========================================================= class bcrypt(uh.HasManyIdents, uh.HasRounds, uh.HasSalt, uh.HasManyBackends, uh.GenericHandler): """This class implements the BCrypt password hash, and follows the :ref:`password-hash-api`. @@ -168,7 +167,7 @@ class bcrypt(uh.HasManyIdents, uh.HasRounds, uh.HasSalt, uh.HasManyBackends, uh. if isinstance(hash, bytes): hash = hash.decode("ascii") # check for incorrect padding bits (passlib issue 25) - if hash.startswith(u("$2a$")) and hash[28] not in bcrypt64._padinfo2[1]: + if hash.startswith(IDENT_2A) and hash[28] not in bcrypt64._padinfo2[1]: return True return False diff --git a/passlib/handlers/des_crypt.py b/passlib/handlers/des_crypt.py index d5b3d14..41e132a 100644 --- a/passlib/handlers/des_crypt.py +++ b/passlib/handlers/des_crypt.py @@ -496,7 +496,7 @@ class crypt16(uh.HasSalt, uh.GenericHandler): result1 = mdes_encrypt_int_block(key1, 0, salt_value, 20) #convert next 8 bytes of secret string into integer (key=0 if secret < 8 chars) - key2 = _crypt_secret_to_key(secret[8:]) + key2 = _crypt_secret_to_key(secret[8:16]) #run data through des using input of 0 result2 = mdes_encrypt_int_block(key2, 0, salt_value, 5) |