diff options
| author | Eli Collins <elic@astllc.org> | 2011-03-25 12:11:17 -0400 |
|---|---|---|
| committer | Eli Collins <elic@astllc.org> | 2011-03-25 12:11:17 -0400 |
| commit | 32773d53f07bd9e94d4966a28f48c56cdecd51c3 (patch) | |
| tree | 59f64c35fb6c4b3255882a417b9a4462c40cac8f /passlib/utils | |
| parent | 771a8d2c0f909c6e8a59ff39ee4a1e939d799ce9 (diff) | |
| download | passlib-32773d53f07bd9e94d4966a28f48c56cdecd51c3.tar.gz | |
misc bugfixes & tweaks for win32 compat
Diffstat (limited to 'passlib/utils')
| -rw-r--r-- | passlib/utils/__init__.py | 5 | ||||
| -rw-r--r-- | passlib/utils/pbkdf2.py | 12 |
2 files changed, 14 insertions, 3 deletions
diff --git a/passlib/utils/__init__.py b/passlib/utils/__init__.py index 00f27da..8b7fff2 100644 --- a/passlib/utils/__init__.py +++ b/passlib/utils/__init__.py @@ -7,6 +7,7 @@ from cStringIO import StringIO from functools import update_wrapper from hashlib import sha256 import logging; log = logging.getLogger(__name__) +from math import log as logb import os import sys import random @@ -40,6 +41,10 @@ __all__ = [ 'getrandstr', ] +#quick check of system's arch +sys_bits = int(logb(sys.maxsize,2)+1.5) +assert sys_bits in (32,64), "unexpected sys_bits value: %r" % (sys_bits,) + #================================================================================= #os crypt helpers #================================================================================= diff --git a/passlib/utils/pbkdf2.py b/passlib/utils/pbkdf2.py index ad6f087..460925c 100644 --- a/passlib/utils/pbkdf2.py +++ b/passlib/utils/pbkdf2.py @@ -48,6 +48,7 @@ if _EVP: #backend #================================================================================= MAX_BLOCKS = 0xffffffffL #2**32-1 +MAX_HMAC_SHA1_KEYLEN = MAX_BLOCKS*20 def _resolve_prf(prf): "resolve prf string or callable -> func & digest_size" @@ -134,10 +135,15 @@ def pbkdf2(secret, salt, rounds, keylen, prf="hmac-sha1"): #special case for m2crypto + hmac-sha1 if prf == "hmac-sha1" and _EVP: - try: - return _EVP.pbkdf2(secret, salt, rounds, keylen) - except OverflowError: + #NOTE: doing check here, because M2crypto won't take longs (which this is, under 32bit) + if keylen > MAX_HMAC_SHA1_KEYLEN: raise ValueError, "key length too long" + + #NOTE: M2crypto reliably segfaults for me if given keylengths + # larger than 40 (crashes at 41 on one system, 61 on another). + # so just avoiding it for longer calls. + if keylen < 41: + return _EVP.pbkdf2(secret, salt, rounds, keylen) #resolve prf encode_block, digest_size = _resolve_prf(prf) |