| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
| |
join_byte_values() wrappers
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
"native_string_types" aliases
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
removing unittest2 also allowed removing "passlib.tests.backports"
|
| |
|
|
| |
of Python 3.5.
|
| |\ |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
on FIPS systems (issue 116).
* lookup_hash():
- moved all hash consturctor error checks / handling into HashInfo object,
which simplifies lookup_hash() internals
- [minor] added "required" kwd, inverse of the now-deprecated "return_unknown" kwd
- [minor] now caches unknown/unsupported HashInfo records.
* HashInfo:
- now catches ValueErrors thrown by hash constructor,
and special-cased detection of "disabled for fips" errors.
- stub instances now have constructor that throws UnknownHashError,
instead of being None. calling code should detect stub instances via
the new "not info.supported" instead of testing for "info.const is None".
* create_hex_digest() now defaults to creating handlers w/ mock hash func
when it's not present (e.g. due to FIPS). this should let them be imported;
and defer the errors until they're actually used.
* added _set_mock_fips_mode() and some helps to make lookup_hash()
fake a FIPS mode system (per traceback provided in issue comments).
used this to make some preliminary UTs for the digest & hasher changes above.
|
| |\ \
| |/ |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
realized can do this now that we're requiring python3 >= 3.3.
had to keep u() helper around for u(r"") instances, since py3 doesn't have ur"".
but switched it to use ascii decoding for py2, to make sure things are clean.
|
| |/
|
|
|
|
|
|
|
| |
scheduled
for removal in v1.8.
this removes CryptPolicy, unix_fallback, some old HtpasswdFile methods,
and more. tests were updated as well. see history/1.8 for a complete list.
|
| |
|
|
|
| |
* moved has_active_backend() from UTs to .registry
* moved os_crypt backend support helper from .hosts to .registry
|
| |
|
|
| |
(a few minor tweaks to UTs so everything passes)
|
| |
|
|
|
| |
* factored out parallel count code into ParallelismMixin (to share w/ argon2)
* added basic .using() & .needs_update() support for block_size, parallelism
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* scrypt kdf code
- relocated scrypt kdf code to passlib.crypto.scrypt
- py3 compat fixes
- split UTs out into separate file
- removed "non-power of 2" support, not needed.
- added wrapper which can toggle between builtin backend,
and extenrnal scrypt package.
- factored out n/r/p validation code so it can be used independantly
of calling kdf itself.
* passlib.handlers.scrypt: added scrypt handler which wraps the kdf.
- added some custom test strings, as well as adapted some reference values
from the scrypt whitepaper.
- added documentation page
- integrated scrypt kdf wrapper w/ hash's HasManyBackends api
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
and moved them to a separate passlib.crypto subpackage.
along with this move, made a few api cleanups:
* unified all code that's looking up hashes
to use new passlib.crypto.lookup_hash() wrapper, which takes
care of hash name normalization, loading fallback implementations,
and alg metadata inspection, all hidden behind a memoized function.
* deprecated pbkdf2() in favor of pbkdf2_hmac() -- only real use,
and new signature matches stdlib function. additionally,
this version is a bit faster, due to some assumptions that
can be made due to the PRF always being HMAC based.
* added compile_hmac() helper which does an even more efficient
job of pre-compiling a keyed HMAC function; this helped speed up pbkdf2 a bit more.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* moved utils.patchAttr() function to TestCase.patchAttr(),
redid a bunch of manual monkeypatches to use .patchAttr() method.
* temporary_backend() hack replaced by subcls.using(), so temporary
backend use will be threadsafe (needed for concurrent tests).
* HandlerCase.create_backend_cases() replaced with HandlerCase.create_backend_case(),
all calls split out to make individual calls for each backend.
Easier to read in diffs going forward when backends added/removed.
* moved os_crypt specific code w/in create_backend_case() to OsCryptMixin,
which just subclasses the method it needs to modify. allowed
removing find_crypt_replacement() method entirely; decision to skip backend
now directly uses OsCryptMixin's own logic.
* fuzz_verifier_crypt() cleanups
- moved to OsCryptMixin; removing .using_patched_crypt ref from HandlerCase
- has_crypt_support() helper rolled into method, was only caller.
- os_supports_ident() refactored into crypt_supports_variant().
fuzz_verified_crypt() is (now) the only caller.
* bcrypt's crypt_supports_variant() now uses actual test of crypt()
rather than hardcoded list of supported values.
* fuzz verifier now handlers hashes throwing SkipTest.
* utils.has_crypt_support() rolled into
|
| | |
|
| |
|
