PageRenderTime 34ms CodeModel.GetById 8ms RepoModel.GetById 0ms app.codeStats 0ms

/cryptacular/bcrypt/__init__.py

https://bitbucket.org/dholth/cryptacular/
Python | 74 lines | 30 code | 16 blank | 28 comment | 6 complexity | 98c07f4a0f0fa450c043756453cdcfef MD5 | raw file
    

  1. # Copyright (c) 2009 Daniel Holth <dholth@fastmail.fm>
    2. 

  2. #
    3. 

  3. # Permission is hereby granted, free of charge, to any person obtaining a copy
    4. 

  4. # of this software and associated documentation files (the 'Software'), to deal
    5. 

  5. # in the Software without restriction, including without limitation the rights
    6. 

  6. # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
    7. 

  7. # copies of the Software, and to permit persons to whom the Software is
    8. 

  8. # furnished to do so, subject to the following conditions:
    9. 

  9. #
    10. 

  10. # The above copyright notice and this permission notice shall be included in
    11. 

  11. # all copies or substantial portions of the Software.
    12. 

  12. #
    13. 

  13. # THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
    14. 

  14. # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
    15. 

  15. # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
    16. 

  16. # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
    17. 

  17. # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
    18. 

  18. # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
    19. 

  19. # THE SOFTWARE.
    20. 

  20. 

  21. __all__ = ['BCRYPTPasswordManager']
    22. 

  22. 

  23. 

  24. import os
    25. 

  25. import re
    26. 

  26. 

  27. from cryptacular.bcrypt._bcrypt import crypt_rn, crypt_gensalt_rn
    28. 

  28. from cryptacular.core import _cmp, check_unicode
    29. 

  29. 

  30. 

  31. class BCRYPTPasswordManager(object):
    32. 

  32.     # for testing
    33. 

  33.     crypt_rn = crypt_rn
    34. 

  34.     crypt_gensalt_rn = crypt_gensalt_rn
    35. 

  35. 

  36.     SCHEME = 'BCRYPT'
    37. 

  37.     PREFIX = '$2a$'
    38. 

  38.     _rounds = 10
    39. 

  39. 

  40.     _bcrypt_syntax = re.compile('\$2a\$[0-9]{2}\$[./A-Za-z0-9]{53}')
    41. 

  41. 

  42.     def encode(self, text, rounds=None):
    43. 

  43.         '''Hash a password using bcrypt.
    44. 

    45. 

  45.         Note: only the first 72 characters of password are significant.
    46. 

  46.         '''
    47. 

  47.         rounds = rounds or self._rounds
    48. 

  48.         settings = self.crypt_gensalt_rn(self.PREFIX, rounds, os.urandom(16))
    49. 

  49.         if settings is None:
    50. 

  50.             raise ValueError('_bcrypt.crypt_gensalt_rn returned None')
    51. 

  51. 

  52.         encoded = self.crypt_rn(check_unicode(text), settings)
    53. 

  53.         if encoded is None:
    54. 

  54.             raise ValueError('_bcrypt.crypt_rn returned None')
    55. 

  55. 

  56.         return encoded
    57. 

  57. 

  58.     def check(self, encoded, text):
    59. 

  59.         '''Check a bcrypt password hash against a password.
    60. 

  60.         '''
    61. 

  61.         if not self.match(encoded):
    62. 

  62.             return False
    63. 

  63. 

  64.         encoded_text = self.crypt_rn(check_unicode(text), encoded)
    65. 

  65.         if encoded_text is None:
    66. 

  66.             raise ValueError('_bcrypt.crypt_rn returned None')
    67. 

  67. 

  68.         return _cmp(encoded_text, check_unicode(encoded))
    69. 

  69. 

  70.     def match(self, hash):
    71. 

  71.         '''Return True if hash looks like a BCRYPT password hash.
    72. 

  72.         '''
    73. 

  73.         return self._bcrypt_syntax.match(hash) is not None
    74. 

  74. 

  75.