Mercurial Repositories > eric / annotate

src/eric7/Utilities/crypto/py3PBKDF2.py@ce599998be7d (annotated)

src/eric7/Utilities/crypto/py3PBKDF2.py

Thu, 26 Sep 2024 09:48:49 +0200

author
Detlev Offenbach <detlev@die-offenbachs.de>
date
Thu, 26 Sep 2024 09:48:49 +0200
branch
eric7
changeset 10927
ce599998be7d
parent 10439
21c28b0f9e41
permissions
-rw-r--r--

Removed some obsolete TODO markers.

1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
1 # -*- coding: utf-8 -*-
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
2
10439
21c28b0f9e41 Updated copyright for 2024.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10433
diff changeset
3 # Copyright (c) 2002 - 2024 Detlev Offenbach <detlev@die-offenbachs.de>
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
4 #
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
5
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
6 """
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
7 Module implementing PBKDF2 functions.
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
8 """
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
9
9473
3f23dbf37dbe Resorted the import statements using isort.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9221
diff changeset
10 import base64
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
11 import hashlib
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
12 import hmac
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
13 import os
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
14
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
15 Hashes = {
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
16 "sha1": hashlib.sha1,
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
17 "sha224": hashlib.sha224,
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
18 "sha256": hashlib.sha256,
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
19 "sha384": hashlib.sha384,
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
20 "sha512": hashlib.sha512,
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
21 "md5": hashlib.md5,
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
22 }
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
23
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
24 Delimiter = "$"
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
25
1130
3e9f0330f833 Removed some obsolete code (forgot about it) and made some PEP-8 related fixes.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 1127
diff changeset
26
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
27 def pbkdf2(password, salt, iterations, digestMod):
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
28 """
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
29 Module function to hash a password according to the PBKDF2 specification.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
30
10433
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
31 @param password clear text password
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
32 @type bytes
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
33 @param salt salt value
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
34 @type bytes
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
35 @param iterations number of times hash function should be applied
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
36 @type int
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
37 @param digestMod hash function
10433
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
38 @type function
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
39 @return hashed password
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
40 @rtype bytes
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
41 """
5604
b047181a4a33 Continued fixing code style issues detected by the extended style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 5389
diff changeset
42 pwHash = password
6188
5a6ae3be31e6 Fixed some loop related coding issues detected by the extended code style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 6048
diff changeset
43 for _ in range(iterations):
5604
b047181a4a33 Continued fixing code style issues detected by the extended style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 5389
diff changeset
44 pwHash = hmac.new(salt, pwHash, digestMod).digest()
b047181a4a33 Continued fixing code style issues detected by the extended style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 5389
diff changeset
45 return pwHash
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
46
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
47
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
48 def hashPasswordTuple(
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
49 password, digestMod=hashlib.sha512, iterations=10000, saltSize=32
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
50 ):
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
51 """
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
52 Module function to hash a password according to the PBKDF2 specification.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
53
10433
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
54 @param password clear text password
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
55 @type str
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
56 @param digestMod hash function
10433
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
57 @type function
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
58 @param iterations number of times hash function should be applied
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
59 @type int
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
60 @param saltSize size of the salt
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
61 @type int
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
62 @return tuple of digestname, number of iterations, salt and hashed password
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
63 @rtype tuple of (str, int, bytes, bytes)
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
64 """
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
65 salt = os.urandom(saltSize)
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
66 password = password.encode("utf-8")
5604
b047181a4a33 Continued fixing code style issues detected by the extended style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 5389
diff changeset
67 pwHash = pbkdf2(password, salt, iterations, digestMod)
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
68 digestname = digestMod.__name__.replace("openssl_", "")
5604
b047181a4a33 Continued fixing code style issues detected by the extended style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 5389
diff changeset
69 return digestname, iterations, salt, pwHash
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
70
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
71
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
72 def hashPassword(password, digestMod=hashlib.sha512, iterations=10000, saltSize=32):
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
73 """
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
74 Module function to hash a password according to the PBKDF2 specification.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
75
10433
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
76 @param password clear text password
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
77 @type str
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
78 @param digestMod hash function
10433
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
79 @type function
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
80 @param iterations number of times hash function should be applied
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
81 @type int
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
82 @param saltSize size of the salt
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
83 @type int
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
84 @return hashed password entry according to PBKDF2 specification
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
85 @rtype str
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
86 """
7259
7c017076c12e Continued to resolve code style issue M841.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7229
diff changeset
87 digestname, iterations, salt, pwHash = hashPasswordTuple(
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
88 password, digestMod, iterations, saltSize
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
89 )
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
90 return Delimiter.join(
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
91 [
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
92 digestname,
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
93 str(iterations),
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
94 base64.b64encode(salt).decode("ascii"),
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
95 base64.b64encode(pwHash).decode("ascii"),
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
96 ]
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
97 )
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
98
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
99
5604
b047181a4a33 Continued fixing code style issues detected by the extended style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 5389
diff changeset
100 def verifyPassword(password, pwHash):
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
101 """
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
102 Module function to verify a password against a hash encoded password.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
103
10433
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
104 @param password clear text password
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
105 @type str
5604
b047181a4a33 Continued fixing code style issues detected by the extended style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 5389
diff changeset
106 @param pwHash hash encoded password in the form
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
107 'digestmod$iterations$salt$hashed_password' as produced by the
10433
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
108 hashPassword function
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
109 @type str
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
110 @return flag indicating a successfull verification
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
111 @rtype bool
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
112 @exception ValueError the hash is not of the expected format or the
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
113 digest is not one of the known ones
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
114 """
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
115 try:
5604
b047181a4a33 Continued fixing code style issues detected by the extended style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 5389
diff changeset
116 digestname, iterations, salt, pwHash = pwHash.split(Delimiter)
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
117 except ValueError:
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
118 raise ValueError(
2997
7f0ef975da9e Continued to shorten the code lines to max. 79 characters.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 2302
diff changeset
119 "Expected hash encoded password in format "
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
120 "'digestmod{0}iterations{0}salt{0}hashed_password".format(Delimiter)
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
121 )
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
122
10373
093dcebe5ecb Corrected some uses of dict.keys(), dict.values() and dict.items().
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9653
diff changeset
123 if digestname not in Hashes:
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
124 raise ValueError(
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
125 "Unsupported hash algorithm '{0}' for hash encoded password '{1}'.".format(
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
126 digestname, pwHash
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
127 )
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
128 )
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
129
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
130 iterations = int(iterations)
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
131 salt = base64.b64decode(salt.encode("ascii"))
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
132 pwHash = base64.b64decode(pwHash.encode("ascii"))
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
133 password = password.encode("utf-8")
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
134 return pwHash == pbkdf2(password, salt, iterations, Hashes[digestname])
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
135
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
136
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
137 def rehashPassword(password, hashParameters):
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
138 """
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
139 Module function to recreate a password hash given the hash parameters.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
140
10433
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
141 @param password clear text password
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
142 @type str
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
143 @param hashParameters hash parameters in the form
10433
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
144 'digestmod$iterations$salt'
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
145 @type str
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
146 @return hashed password
328f3ec4b77a Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
147 @rtype bytes
2997
7f0ef975da9e Continued to shorten the code lines to max. 79 characters.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 2302
diff changeset
148 @exception ValueError the hash parameters string is not of the expected
7f0ef975da9e Continued to shorten the code lines to max. 79 characters.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 2302
diff changeset
149 format or the digest is not one of the known ones
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
150 """
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
151 try:
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
152 digestname, iterations, salt = hashParameters.split(Delimiter)
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
153 except ValueError:
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
154 raise ValueError(
3034
7ce719013078 Fixed various coding style issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 2997
diff changeset
155 "Expected hash parameters string in format "
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
156 "'digestmod{0}iterations{0}salt".format(Delimiter)
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
157 )
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
158
10373
093dcebe5ecb Corrected some uses of dict.keys(), dict.values() and dict.items().
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9653
diff changeset
159 if digestname not in Hashes:
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
160 raise ValueError(
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
161 "Unsupported hash algorithm '{0}' for hash parameters '{1}'.".format(
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
162 digestname, hashParameters
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
163 )
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
164 )
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
165
1127
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
166 iterations = int(iterations)
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
167 salt = base64.b64decode(salt.encode("ascii"))
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
168 password = password.encode("utf-8")
b1802ebe0066 Added capability to encrypt saved passwords with a master password and rearranged some configuration parameters related to security.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
169 return pbkdf2(password, salt, iterations, Hashes[digestname])

Mercurial Repository: eric

eric ide

mercurial