0001-hashers-fix-drupal-password-hasher-45576.patch
src/authentic2/hashers.py | ||
---|---|---|
47 | 47 |
count = len(v) |
48 | 48 |
i = 0 |
49 | 49 |
while i < count: |
50 |
value = ord(v[i])
|
|
50 |
value = v[i]
|
|
51 | 51 |
i += 1 |
52 | 52 |
out += self.i64toa(value & 0x3f) |
53 | 53 |
if i < count: |
54 |
value |= ord(v[i]) << 8
|
|
54 |
value |= v[i] << 8
|
|
55 | 55 |
out += self.i64toa((value >> 6) & 0x3f) |
56 | 56 |
if i == count: |
57 | 57 |
break |
58 | 58 |
i += 1 |
59 | 59 |
if i < count: |
60 |
value |= ord(v[i]) << 16
|
|
60 |
value |= v[i] << 16
|
|
61 | 61 |
out += self.i64toa((value >> 12) & 0x3f) |
62 | 62 |
if i == count: |
63 | 63 |
break |
... | ... | |
74 | 74 | |
75 | 75 |
def to_drupal(self, encoded): |
76 | 76 |
algo, count, salt, h = encoded.split('$', 3) |
77 |
count = self.atoi64(math.ceil(math.log(count, 2)))
|
|
77 |
count = self.i64toa(math.ceil(math.log(int(count), 2)))
|
|
78 | 78 |
return '$S$%s%s%s' % (count, salt, h) |
79 | 79 | |
80 | 80 |
def encode(self, password, salt, iterations): |
81 | 81 |
assert password |
82 | 82 |
assert salt and '$' not in salt |
83 |
h = force_bytes(salt)
|
|
84 |
password = force_bytes(password)
|
|
83 |
h = salt.encode()
|
|
84 |
password = password.encode()
|
|
85 | 85 |
for i in range(iterations + 1): |
86 | 86 |
h = self.digest(h + password).digest() |
87 | 87 |
return "%s$%d$%s$%s" % (self.algorithm, iterations, salt, self.b64encode(h)[:43]) |
tests/test_hashers.py | ||
---|---|---|
53 | 53 |
assert hasher.verify( |
54 | 54 |
'Azerty!123', |
55 | 55 |
'plonesha1${SSHA}vS4g4MtzJyAjvhyW7vsrgjpJ6lDCU+Y42a6p') |
56 | ||
57 | ||
58 |
def test_drupal_hasher(): |
|
59 |
hasher = hashers.Drupal7PasswordHasher() |
|
60 |
encoded = '$S$Dynle.OzZaDw.KtHA3F81KvwnKFkFI3YPxe/q9ksun7HjrpEDy6N' |
|
61 |
pwd = 'Azerty!123' |
|
62 |
dj_encoded = hasher.from_drupal(encoded) |
|
63 | ||
64 |
assert hasher.verify(pwd, dj_encoded) |
|
65 |
assert hasher.to_drupal(dj_encoded) == encoded |
|
56 |
- |