def encodePassword(plaintext, scheme, other=None, config=None): """Encrypt the plaintext password. """ if plaintext is None: plaintext = "" if scheme == "PBKDF2": if other: rounds, salt, raw_salt, digest = pbkdf2_unpack(other) else: raw_salt = getrandbytes(20) salt = h64encode(raw_salt) if config: rounds = config.PASSWORD_PBKDF2_DEFAULT_ROUNDS else: rounds = 10000 if rounds < 1000: raise PasswordValueError, "invalid PBKDF2 hash (rounds too low)" raw_digest = pbkdf2(plaintext, raw_salt, rounds, 20) return "%d$%s$%s" % (rounds, salt, h64encode(raw_digest)) elif scheme == 'SHA': s = sha1(plaintext).hexdigest() elif scheme == 'MD5': s = md5(plaintext).hexdigest() elif scheme == 'crypt' and crypt is not None: if other is not None: salt = other else: saltchars = './0123456789'+string.letters salt = random.choice(saltchars) + random.choice(saltchars) s = crypt.crypt(plaintext, salt) elif scheme == 'plaintext': s = plaintext else: raise PasswordValueError, 'unknown encryption scheme %r'%scheme return s
def testPassword(self): self.assertEqual(self._test('password', ''), None) self.assertEqual(self._test('password', ' a string '), 'a string') val = self._test('password', ' a string ') self.assert_(isinstance(val, password.Password)) val = self._test('password', '{plaintext}a string') self.assert_(isinstance(val, password.Password)) val = self._test('password', '{crypt}a string') self.assert_(isinstance(val, password.Password)) s = sha1('a string').hexdigest() val = self._test('password', '{SHA}'+s) self.assert_(isinstance(val, password.Password)) self.assertEqual(val, 'a string') self.assertRaises(hyperdb.HyperdbValueError, self._test, 'password', '{fubar}a string')
def checkDigest(filename): """Read file, check for valid fingerprint, return TRUE if ok""" # open and read file inp = open(filename, "r") lines = inp.readlines() inp.close() fingerprint = extractFingerprint(lines) if fingerprint is None: return 0 del lines[-1] # calculate current digest digest = sha1() for line in lines: digest.update(line) # compare current to stored digest return fingerprint == digest.hexdigest()
def encodePassword(plaintext, scheme, other=None): """Encrypt the plaintext password. """ if plaintext is None: plaintext = "" if scheme == 'SHA': s = sha1(plaintext).hexdigest() elif scheme == 'MD5': s = md5(plaintext).hexdigest() elif scheme == 'crypt' and crypt is not None: if other is not None: salt = other else: saltchars = './0123456789'+string.letters salt = random.choice(saltchars) + random.choice(saltchars) s = crypt.crypt(plaintext, salt) elif scheme == 'plaintext': s = plaintext else: raise PasswordValueError, 'unknown encryption scheme %r'%scheme return s
def __init__(self, filename): self.filename = filename self.digest = sha1() self.file = open(self.filename, "w")