/usr/lib/python3/dist-packages/passlib/handlers/md5_crypt.py is in python3-passlib 1.5.3-0ubuntu1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 | """passlib.handlers.md5_crypt - md5-crypt algorithm"""
#=========================================================
#imports
#=========================================================
#core
from hashlib import md5
import re
import logging; log = logging.getLogger(__name__)
from warnings import warn
#site
#libs
from passlib.utils import b, bytes, to_bytes, h64, safe_os_crypt, \
classproperty, handlers as uh
#pkg
#local
__all__ = [
"md5_crypt",
"apr_md5_crypt",
]
#=========================================================
#pure-python backend
#=========================================================
B_NULL = b("\x00")
B_MD5_MAGIC = b("$1$")
B_APR_MAGIC = b("$apr1$")
def raw_md5_crypt(secret, salt, apr=False):
"""perform raw md5-crypt calculation
:arg secret:
password, bytes or unicode (encoded to utf-8)
:arg salt:
salt portion of hash, bytes or unicode (encoded to ascii),
clipped to max 8 bytes.
:param apr:
flag to use apache variant
:returns:
encoded checksum as unicode
"""
#NOTE: regarding 'apr' format:
# really, apache? you had to invent a whole new "$apr1$" format,
# when all you did was change the ident incorporated into the hash?
# would love to find webpage explaining why just using a portable
# implementation of $1$ wasn't sufficient. *nothing* else was changed.
#validate secret
#FIXME: can't find definitive policy on how md5-crypt handles non-ascii.
if isinstance(secret, str):
secret = secret.encode("utf-8")
#validate salt
if isinstance(salt, str):
salt = salt.encode("ascii")
if len(salt) > 8:
salt = salt[:8]
#primary hash = secret+id+salt+...
h = md5(secret)
h.update(B_APR_MAGIC if apr else B_MD5_MAGIC)
h.update(salt)
# primary hash - add len(secret) chars of tmp hash,
# where temp hash is md5(secret+salt+secret)
tmp = md5(secret + salt + secret).digest()
assert len(tmp) == 16
slen = len(secret)
h.update(tmp * (slen//16) + tmp[:slen % 16])
# primary hash - add null chars & first char of secret !?!
#
# this may have historically been a bug,
# where they meant to use tmp[0] instead of '\x00',
# but the code memclear'ed the buffer,
# and now all implementations have to use this.
#
# sha-crypt replaced this step with
# something more useful, anyways
idx = len(secret)
evenchar = secret[:1]
while idx > 0:
h.update(B_NULL if idx & 1 else evenchar)
idx >>= 1
result = h.digest()
#next:
# do 1000 rounds of md5 to make things harder.
# each round we do digest of round-specific content,
# where content is formed from concatenation of...
# secret if round % 2 else result
# salt if round % 3
# secret if round % 7
# result if round % 2 else secret
#
#NOTE:
# instead of doing this directly, this implementation
# pre-computes all the combinations of strings & md5 hash objects
# that will be needed, in order to perform round operations as fast as possible
# (so that each round consists of one hash create/copy + 1 update + 1 digest)
#
#TODO: might be able to optimize even further by removing need for tests, since
# if/then pattern is easily predicatble -
# pattern is 7-0-1-0-3-0 (where 1 bit = mult 2, 2 bit = mult 3, 3 bit = mult 7)
secret_secret = secret*2
salt_secret = salt+secret
salt_secret_secret = salt + secret*2
secret_hash = md5(secret).copy
secret_secret_hash = md5(secret_secret).copy
secret_salt_hash = md5(secret+salt).copy
secret_salt_secret_hash = md5(secret+salt_secret).copy
for idx in range(1000):
if idx & 1:
if idx % 3:
if idx % 7:
h = secret_salt_secret_hash()
else:
h = secret_salt_hash()
elif idx % 7:
h = secret_secret_hash()
else:
h = secret_hash()
h.update(result)
else:
h = md5(result)
if idx % 3:
if idx % 7:
h.update(salt_secret_secret)
else:
h.update(salt_secret)
elif idx % 7:
h.update(secret_secret)
else:
h.update(secret)
result = h.digest()
#encode resulting hash
return h64.encode_transposed_bytes(result, _chk_offsets).decode("ascii")
_chk_offsets = (
12,6,0,
13,7,1,
14,8,2,
15,9,3,
5,10,4,
11,
)
#=========================================================
#handler
#=========================================================
class _Md5Common(uh.HasSalt, uh.GenericHandler):
"common code for md5_crypt and apr_md5_crypt"
#=========================================================
#algorithm information
#=========================================================
#--GenericHandler--
#name in subclass
setting_kwds = ("salt", "salt_size")
#ident in subclass
checksum_size = 22
checksum_chars = uh.H64_CHARS
#--HasSalt--
min_salt_size = 0
max_salt_size = 8
salt_chars = uh.H64_CHARS
#=========================================================
#internal helpers
#=========================================================
@classmethod
def from_string(cls, hash):
salt, chk = uh.parse_mc2(hash, cls.ident, cls.name)
return cls(salt=salt, checksum=chk, strict=bool(chk))
def to_string(self):
return uh.render_mc2(self.ident, self.salt, self.checksum)
#=========================================================
#primary interface
#=========================================================
#calc_checksum in subclass
#=========================================================
#eoc
#=========================================================
#=========================================================
#handler
#=========================================================
class md5_crypt(uh.HasManyBackends, _Md5Common):
"""This class implements the MD5-Crypt password hash, and follows the :ref:`password-hash-api`.
It supports a variable-length salt.
The :meth:`encrypt()` and :meth:`genconfig` methods accept the following optional keywords:
:param salt:
Optional salt string.
If not specified, one will be autogenerated (this is recommended).
If specified, it must be 0-8 characters, drawn from the regexp range ``[./0-9A-Za-z]``.
It will use the first available of two possible backends:
* stdlib :func:`crypt()`, if the host OS supports MD5-Crypt.
* a pure python implementation of MD5-Crypt built into passlib.
You can see which backend is in use by calling the :meth:`get_backend()` method.
"""
#=========================================================
#algorithm information
#=========================================================
name = "md5_crypt"
ident = "$1$"
#=========================================================
#primary interface
#=========================================================
#FIXME: can't find definitive policy on how md5-crypt handles non-ascii.
# all backends currently coerce -> utf-8
backends = ("os_crypt", "builtin")
_has_backend_builtin = True
@classproperty
def _has_backend_os_crypt(cls):
h = '$1$test$pi/xDtU5WFVRqYS6BMU8X/'
return bool(safe_os_crypt and safe_os_crypt("test",h)[1]==h)
def _calc_checksum_builtin(self, secret):
return raw_md5_crypt(secret, self.salt)
def _calc_checksum_os_crypt(self, secret):
ok, hash = safe_os_crypt(secret, self.ident + self.salt)
if ok:
return hash[-22:]
else:
return self._calc_checksum_builtin(secret)
#=========================================================
#eoc
#=========================================================
#=========================================================
#apache variant of md5-crypt
#=========================================================
class apr_md5_crypt(_Md5Common):
"""This class implements the Apr-MD5-Crypt password hash, and follows the :ref:`password-hash-api`.
It supports a variable-length salt.
The :meth:`encrypt()` and :meth:`genconfig` methods accept the following optional keywords:
:param salt:
Optional salt string.
If not specified, one will be autogenerated (this is recommended).
If specified, it must be 0-8 characters, drawn from the regexp range ``[./0-9A-Za-z]``.
"""
#=========================================================
#algorithm information
#=========================================================
name = "apr_md5_crypt"
ident = "$apr1$"
#=========================================================
#primary interface
#=========================================================
def calc_checksum(self, secret):
return raw_md5_crypt(secret, self.salt, apr=True)
#=========================================================
#eoc
#=========================================================
#=========================================================
#eof
#=========================================================
|