# -*- coding: utf-8 -*-
-u"""Password hashing functions and constants for the mudpy engine."""
+"""Password hashing functions and constants for the mudpy engine."""
-# Copyright (c) 2004-2011 Jeremy Stanley <fungi@yuggoth.org>. Permission
+# Copyright (c) 2004-2013 Jeremy Stanley <fungi@yuggoth.org>. Permission
# to use, copy, modify, and distribute this software is granted under
# terms provided in the LICENSE file distributed with this software.
between 0 and 255 into a packed sequence akin to a C-style string.
"""
import struct
- # this will need to be declared as b"" during 2to3 migration
- packed = ""
+ packed = b""
for number in numbers:
number = int(number)
assert 0 <= number <= 255
- # need to use b"B" during 2to3 migration
packed += struct.pack("B", number)
return packed
import base64
return base64.b64encode(
byte_sequence,
- u"./".encode(u"ascii")
- ).rstrip(u"=")
+ b"./"
+ ).decode("ascii").rstrip("=")
def _generate_salt(salt_len=2):
import math
import random
salt = []
- for i in xrange(int(math.ceil(salt_len * 0.75))):
+ for i in range(int(math.ceil(salt_len * 0.75))):
salt.append(random.randint(0, 255))
return _bytes_to_text(_pack_bytes(salt))[:salt_len]
-def upgrade_legacy_hash(legacy_hash, salt, sep=u"$"):
+def upgrade_legacy_hash(legacy_hash, salt, sep="$"):
"""
This utility function is meant to provide a migration path for users
of mudpy's legacy account-name-salted MD5 hexdigest password hashes.
returned.
"""
import re
- assert re.match(u"^[0-9a-f]{32}$",
+ assert re.match("^[0-9a-f]{32}$",
legacy_hash), "Not a valid MD5 hexdigest"
- # this needs to be declared as b"" in 2to3
- collapsed = ""
- for i in xrange(16):
+ collapsed = b""
+ for i in range(16):
# this needs to become a byte() call in 2to3
- collapsed += chr(int(legacy_hash[2 * i:2 * i + 2], 16))
- return u"%s%s%s%s%s%s%s%s" % (
+ collapsed += bytes(legacy_hash[2 * i:2 * i + 2].decode("ascii"))
+ return "%s%s%s%s%s%s%s%s" % (
sep,
MD5,
sep,
algorithm=SHA1,
rounds=4,
salt_len=2,
- sep=u"$"
+ sep="$"
):
"""
The meat of the module, this function takes a provided password and
# iterate the hashing algorithm over its own digest the specified
# number of times
- for i in xrange(2 ** rounds):
- hashed = algorithms[algorithm](hashed).digest()
+ for i in range(2 ** rounds):
+ hashed = algorithms[algorithm](hashed.encode("utf-8")).digest()
+ # TODO: remove this exception trap after the switch to py2k
+ try:
+ hashed = "".join(format(x, "02x") for x in bytes(hashed))
+ except ValueError:
+ hashed = "".join(format(ord(x), "02x") for x in bytes(hashed))
# concatenate the output fields, coercing into text form as needed
- return u"%s%s%s%s%s%s%s%s" % (
- sep, algorithm, sep, rounds, sep, salt, sep, _bytes_to_text(hashed)
+ return "%s%s%s%s%s%s%s%s" % (
+ sep, algorithm, sep, rounds, sep, salt, sep,
+ _bytes_to_text(hashed.encode("ascii"))
)
comes out the same as the encoded_hash.
"""
sep = encoded_hash[0]
- algorithm, rounds, salt, hashed = encoded_hash[1:].split(sep)
+ import mudpy.misc
+ algorithm, rounds, salt, hashed = encoded_hash.split(sep)[1:]
if encoded_hash == create(
password=password,
salt=salt,