-
-
Notifications
You must be signed in to change notification settings - Fork 30.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding salt and Modular Crypt Format to crypt library. #55133
Comments
Over the years I've written the same code over and over to create a random salt string of 2 characters. Worse, the Modular Crypt Format is difficult to find documentation on, so creating stronger hashed passwords is difficult to get right. To that end, I'm proposing the addition of a "mksalt()" method which will generate a salt, and several METHOD_* values to select which hashing method to use. I also figure there will need to be a "methods()" call that figures out what methods are available in the library crypt() and return a list of the available ones. If we have a way to generate a salt, then I figure we could drop the salt argument of crypt.crypt(), and if not specified to generate one. So to hash a password you could do: "crypt.crypt('password')". I figure that the best way to accomplish this is to implement this all in Python and move the existing C crypt module to _crypt. A patch accomplishing this is attached. Please review. Attached is a patch to accomplish this. |
You forgot to add the new files to your patch. |
Oops, thanks. It's in there now, though for some reason I can't get this patch to apply to trunk, but I'll have to look at that later this afternoon. I wanted to get this new version up in the interim since it definitely does include the Lib/crypt.py file, the heart of the changes. |
I've made a new .patch file using "diff -c" rather than "svn diff". This is the same code, but applies without manual intervention. |
Hello,
|
Thanks for the review. Attached is a new version of the patch.
|
Can you use "diff -u" (or simply "svn diff") when generating a patch?
It is indeed. |
Sure thing, here's an "svn diff". I had switched to the diff because I couldn't get it to patch into a fresh trunk, but the format looked fine; not sure why it couldn't find the files. Anyway, here's a new version. |
You also have to "svn add" the relevant files :) |
Not sure if that was meant to be a suggestion for why my local patching wasn't working from the "svn diff" output, but obviously -5 was messed up. Here's a new version that I can apply to my fresh trunk and passes "make test". If the suggestion was how to fix my patching from "svn diff", the problem I ran into was that it had the files in it, say crypt.py, but it was trying to apply them as if I had specified "patch -p1", even though the "svn diff" contained the paths and I hadn't done "-p1". Anyway, this diff is "diff -urN". I just can't win, I usually use "diff -u", but in the distant past Guido asked me for "diff -c" instead. :-) |
Thank you! The important is that we now have a workable patch in unified
For the record, when using "svn diff", you have to use "patch -p0" to
I would bet even Guido changed his habits :) Rietveld computes and |
Thanks for the pointer about "patch -p0". I *HAD* tried that, but it didn't seem to work either. I'll double check that though... "svn diff" is what I'd prefer, because then I can "svn commit" it when it's ready. Any other review feedback? I'll probably let this sit until 3.2 goes to maintenance and then check it into trunk, so there's some time yet... |
Ok, it seems the code inside crypt.py is duplicated in your patch.
Looks good mostly. Why do you need _MethodListClass()? Executing code at
That paragraph is a bit confusing. Also, other uses of *salt* are |
Affirmative on the "svn mv" for the C module. The duplicated code, thanks for pointing that out. Someone else mentioned it, but I didn't understand what they were saying and they didn't reply to my request for clarification. Fixed. On the modules() list, how about if I just make it a list and build it at import time? The class was the way I thought most straightforward to do it as a function, so maybe this is more reasonable? Per the documentation, I pulled down the description from above, which I think captured the uses of *salt* and removed the duplication. |
At this point I'm going to consider this good to go, and will commit it after the 3.2 final release. Thanks for the review everyone. Of course, I'm open to further suggestions until then, just not expecting any... |
Actually, the "pending" stage is only for when things have been committed :) |
Thanks. I had just read that a day or so ago, reviewing it for Brett's work. |
Committed in r88500. |
Some buildbots are failing after the commit. Also in the crypt.py module I still see things that according to msg126453 should be fixed already:
According to the PEP-8 there shouldn't be any spaces after the '[' and before the ']' (e.g. "method_list = [ METHOD_SHA512, METHOD_SHA256, METHOD_MD5 ]" and in the listcomps) and around the = in the function/method declarations/calls (e.g. "def crypt(word, salt = None):"). |
Here is the patch fixing pep-8 compatibility and test. It is against the latest commit. |
I will look at the patch. |
The patch didn't even import as-is or past the tests, but I tweaked it so it did (and made method() just an attribute on the module). |
Above-mentioned fix was committed in 0586c699d467 and 62994662676a |
I just found mksalt in the whatsnew section and got curious how you've implemented the function. IMHO it has one major security flaw. The function uses random.choice(). The choice() function generates random values with a Mersenne Twister. However MTs are not suited for any cryptographic purpose and must not be used to generate passwords, session keys or salts. The random.SystemRandom class uses os.urandom() as source which is a wrapper around /dev/urandom or the Windows crypto API. The output is suitable for short living states and salts. I'm going to chance the implementation to a global instance of random.SystemRandom() and _sr.samples() as soon as Georg has cut beta 1. _sr = random.SystemRandom() s += ''.join(_sr.samples(_saltchars, method.salt_chars)) |
New changeset 74a1110a3b50 by Christian Heimes in branch 'default': |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: