entrouvert
/
authentic
16
0
Fork 0
Code Issues Pull Requests 32 Releases Activity

hashers: fix drupal password hasher (#45576)

This commit is contained in:
Valentin Deniaud 2020-07-30 14:24:58 +02:00
parent 069daa4fd5
commit a3301348a0
2 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/authentic2/hashers.py
View File

@ -47,17 +47,17 @@ class Drupal7PasswordHasher(hashers.BasePasswordHasher):
count = len(v)
i = 0
while i < count:
value = ord(v[i])
value = v[i]
i += 1
out += self.i64toa(value & 0x3f)
if i < count:
value |= ord(v[i]) << 8
value |= v[i] << 8
out += self.i64toa((value >> 6) & 0x3f)
if i == count:
break
i += 1
if i < count:
value |= ord(v[i]) << 16
value |= v[i] << 16
out += self.i64toa((value >> 12) & 0x3f)
if i == count:
break
@ -74,14 +74,14 @@ class Drupal7PasswordHasher(hashers.BasePasswordHasher):
def to_drupal(self, encoded):
algo, count, salt, h = encoded.split('$', 3)
count = self.atoi64(math.ceil(math.log(count, 2)))
count = self.i64toa(math.ceil(math.log(int(count), 2)))
return '$S$%s%s%s' % (count, salt, h)
def encode(self, password, salt, iterations):
assert password
assert salt and '$' not in salt
h = force_bytes(salt)
password = force_bytes(password)
h = salt.encode()
password = password.encode()
for i in range(iterations + 1):
h = self.digest(h + password).digest()
return "%s$%d$%s$%s" % (self.algorithm, iterations, salt, self.b64encode(h)[:43])

10
tests/test_hashers.py
View File

@ -53,3 +53,13 @@ def test_plone_hasher():
assert hasher.verify(
'Azerty!123',
'plonesha1${SSHA}vS4g4MtzJyAjvhyW7vsrgjpJ6lDCU+Y42a6p')
def test_drupal_hasher():
hasher = hashers.Drupal7PasswordHasher()
encoded = '$S$Dynle.OzZaDw.KtHA3F81KvwnKFkFI3YPxe/q9ksun7HjrpEDy6N'
pwd = 'Azerty!123'
dj_encoded = hasher.from_drupal(encoded)
assert hasher.verify(pwd, dj_encoded)
assert hasher.to_drupal(dj_encoded) == encoded