| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| | |
|
| |
|
|
|
|
|
| |
after some thought, realized the 'nthash' name should implement
the raw hash. since bsd_nthash was very rarely used, it shouldn't
present backwards incompatibility issues at this point to go
ahead and rename it.
|
| | |
|
| |
|
|
|
|
|
|
| |
* Cisco Type 5 appears to be same as md5_crypt
* added requires_user=False support to HandlerCase
* added more through salt-generation test (since
cisco_pix has only 4 bits of salt)
* added HandlerCase test to ensure user is used as salt
|
| |
|
|
| |
test
|
| |
|
|
|
|
| |
* incorporated test vectors from various sources (esp JTR) for various hashes
* tried to document sources for existing vectors
* added at least one unicode/8bit test vector for every hash
|
| |
|
|
| |
to guess capitalization)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* StaticHandler is now subclass of GenericHandler
- _calc_checksum() should be implemented instead of encrypt().
(compatibility stub added so old code should continue to work)
- _norm_hash() no longer needs to handle ->unicode conversion
- default from_string() contains a bunch of features,
including stripping a known prefix, etc.
* context kwds now pulled into constructor, so GenericHandler
supports context kwds properly; HasUserContext mixin added
to support common 'user' context kwd
* identify_regexp & identify_prefix removed, functionality
rolled into default GenericHandler.identify() implementation.
- default identify checks _hash_regex as potential way to identify hashes
* HasStubChecksum removed, functionality rolled into GenericHandler
* HasRawChecksum now just sets a flag, functionality moved into GenericHandler
* HasManyIdents._parse_ident() helper added to valid & split identifier
from hashes.
* GenericHandler._norm_checksum() is now strict about unicode / bytes
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* reworked warning-matching code into assertWarningList() method
* reorganized HandlerCase hash tests based on cross-cutting topic, not per-function;
this combined many tests together to eliminate redundant setup
* added test of reported rounds limits
* added better fuzz testing - tests random passwords & options using encrypt(),
and verifies against any all available backends
* added flags to properly support 'disabled' handlers, and other border cases.
* added tests for password & user case-sensitivity
* restores warning filters after every test
|
| | |
|
| | |
|
| |\ |
|
| | |
| |
| |
| | |
methods of most handlers
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
strict keyword
--------------
* GenericHandler's "strict" keyword had poorly defined semantics;
replaced this with "use_defaults" and "relaxed" keywords.
Most handlers' from_string() method specified strict=True.
This is now the default behavior, use_defaults=True is enabled
only for encrypt() and genconfig(). relaxed=True is enabled
only for specific handlers (and unittests) whose code requires it.
This *does* break backward compat with passlib 1.5 handlers,
but this is mostly and internal class.
* missing required settings now throws a TypeError instead of
a ValueError, to be more in line with std python behavior.
* The norm_xxx functions provided by the GenericHandler mixins
(e.g. norm_salt) have been renamed to _norm_xxx() to reflect their
private nature; and converted from class methods to instance
methods, to simplify their call signature for subclassing.
misc
----
* rewrote GenericHandler unittests to use constructor only,
instead of poking into norm_salt/norm_rounds internals.
* checksum/salt charset checks speed up using set comparison
* some small cleanups to FHSP implementation
|
| | | |
|
| |/
|
|
| |
and adds code complexity
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
* safe_crypt() improved - accepts unicode/bytes for salt, checks for NULL, returns None on failure
* added test_crypt() wrapper to simplify backend checks.
* removed native=True from most to_string() implementations, unused now.
* updated UTs
|
| |
|
|
| |
classes to make filtering easier
|
| | |
|
| |
|
|
|
|
|
|
|
| |
* added str_to_[ub]ascii to wrap hexdigest() calls
* fixed some h64big calls I missed
* some py3 fixes
* removed utils.compat.aliases, using overlay
to replace real compat module instead
(to agree w/ imports already in code)
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* moved bytes compat functions from utils to utils.compat
(bord, bjoin, bjoin_ints, bjoin_elems, ujoin)
* renamed bord -> belem_ord for clarify
* a bunch of to_native_str() always use ascii, and
have fixed input types (always bytes or always unicode).
these don't need overhead of to_native_str(), so replaced
those calls with two new funcs: compat.bascii_to_str() /
compat.uascii_to_str()
* cleaned up a lot of imports from utils/utils.compat to
pull from correct module
* simplified the to_string() logic of a bunch of handlers
to reduce unicode<->byte transitions
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
aliases kept for now)
|
| |
|
|
|
|
|
|
|
|
|
| |
* new utils.Base64Engine() provides flexible class for encoding arbitrary base64 charmaps.
it should also be a bit faster than the old h64 module.
* predefined 'h64' instance has mostly the same methods as the old h64 module
which it takes the place off - so imports should be unaffected.
(the only the exception of the xxx_dc_xxx methods, which now use the 'h64big' instance)
* replaced utils._blowfish base64 encoding with custom Base64Engine instance
to reduce code duplication.
* more through unittests for Base64Engine.
|
| | |
|
| |\ |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
handler
-------
* added 'scram' to default registry list
* handler 'algs' keyword now parsed & validated correctly
* digest names normalized -> IANA spec
* saslprep() integrated into code
* added config string format
related
-------
* added documentation (still needs cleaning up though)
* added majority of UTs, still need to add a few edge cases
other
-----
* redid context->handler deprecation link - code now looks for
handler._deprecated_detector(settings) to generate a callable,
should be more efficient, and allow errors to be throw at bind-time
instead of call-time.
* pbkdf2() function now treats keylen = -1 as request for
keylen = PRF digest size.
|
| | | |
|
| | |\
|/ / |
|
| | |
| |
| |
| | |
this is not yet functional, just a quick draft of an interface, along with some notes
|
| | |
| |
| |
| | |
of throwing ValueError for some handlers
|
| | | |
|
| | | |
|
| | | |
|
