def bcrypt_check_pw(self, password_string, hashed_pw_str):
""" Bcrypt-based password checker. Takes a raw string password and
compares it to the hash of a previously hashed password, returning True
if the passwords match, or False if not.
Bcrypt functions are to be used where ever you are storing a user's
password, but do not ever want to be able to "know" their password
directly. We only need to know if the password they supplied is
correct or not.
If bcrypt is not installed on
the system, the comparison is just a comparison of the two supplied
strings.
:Args:
:passphrase: 32 URL-safe Base64 encoded bytes
:data: string data or password to encrypt
:encoding: encoding (string).
:returns: a string repr of the encrypted data
"""
if not bcrypt:
print(
"\x1b\x5b\x33\x33\x6dWARNING! Package `bcrypt` is not installed"
". Therefore, `crypt` is only doing a string comparison of the "
"'hash' and the 'password'! \x1b\x5b\x30\x6d"
)
if password_string == hashed_pw_str:
return True
else:
return False
password_bytes = py_bytes(password_string, self.encoding)
hashed_pw = py_bytes(hashed_pw_str, self.encoding)
return bcrypt.checkpw(password_bytes, hashed_pw)
def decrypt(self, encrypted_str_data):
""" Decrypt password using cryptography Fernet.
:Args:
:passphrase: 32 URL-safe Base64 encoded bytes
:returns: a string repr of the decrypted data. Returns False if decrypt fails
"""
if not Fernet:
print(
"\x1b\x5b\x33\x33\x6dWARNING! Package `cryptography` is not "
"installed... `Crypt.decrypt` did not do anything! "
"\x1b\x5b\x30\x6d"
)
return encrypted_str_data
cipher = Fernet(self.passphrase)
encrypted_byte_data = py_bytes(encrypted_str_data, self.encoding)
try:
decrypted_bytes = cipher.decrypt(encrypted_byte_data)
except:
# data could not be decryted (probably wrong salt/passphrase)
return False
return py_str(decrypted_bytes, self.encoding)
def phrase_to_url_safebytes(pass_phrase, encoding='utf-8', salt=b'AAAAA'):
"""return 32, url-safe, base64 encoded bytes from a string"""
passphrase = py_bytes(pass_phrase, encoding)
if not Fernet:
return passphrase
backend = default_backend()
salt_b = py_bytes(salt, encoding)
kdf = PBKDF2HMAC(
algorithm=hashes.SHA256(),
length=32,
salt=salt_b,
iterations=100000,
backend=backend
)
return urlsafe_b64encode(kdf.derive(passphrase))
def bcrypt_make_hash(self, password_string):
""" Use bcrypt to hash a password and return a string repr of the hash.
Bcrypt functions are to be used where ever you are storing a user's
password, but do not ever want to be able to "know" their password
directly. We only need to know if the password they supplied is
correct or not.
"""
if not bcrypt:
print(
"\x1b\x5b\x33\x33\x6dWARNING! Package `bcrypt` is not installed. "
"Therefore, `crypt` could not create a hash for this password!"
" \x1b\x5b\x30\x6d" % password_string)
return False
password_bytes = py_bytes(password_string, self.encoding)
hashed_bytes = bcrypt.hashpw(password_bytes, bcrypt.gensalt())
return py_str(hashed_bytes, self.encoding)
def encrypt(self, data):
"""Encrypt password using cryptography Fernet.
:Args:
:passphrase: 32 URL-safe Base64 encoded bytes
:data: string data or password to encrypt
:returns: a string repr of the encrypted data
"""
if not Fernet:
print(
"\x1b\x5b\x33\x33\x6dWARNING! Package `cryptography` is not "
"installed. Therefore, `crypt` did not actually encrypt the data: "
"`%s`. It was simply returned as plain text"
"! \x1b\x5b\x30\x6d" % data)
return data
cipher = Fernet(self.passphrase)
byte_data = py_bytes(data, self.encoding)
encrypted_bytes = cipher.encrypt(byte_data)
return py_str(encrypted_bytes, self.encoding)
def write(self, message):
if type(message) is str:
message = py_bytes(message, self.wrapper.encoding)
self.socket.send(message)
def write(self, message):
if type(message) is str:
message = py_bytes(message, self.wrapper.encoding)
self.socket.send(message)
def send(self, payload):
pay = py_bytes("%s\n" % payload, self.encoding)
if self.socket:
self.socket.send(pay)
else:
return False
def send(self, payload):
pay = py_bytes("%s\n" % payload, self.encoding)
if self.socket:
self.socket.send(pay)
else:
return False