Compare commits

..

No commits in common. "19048e175d224b216c5f49a6aabc140329d020be" and "c64a2307cc189281224b5e3b464d4aba3eb34359" have entirely different histories.

13 changed files with 23 additions and 469 deletions

3
.gitignore vendored
View file

@ -39,6 +39,3 @@ nosetests.xml
# pipenv custom environment variables # pipenv custom environment variables
.env .env
# Sphinx builds
_build

View file

@ -13,4 +13,3 @@ name = "pypi"
twine = "*" twine = "*"
wheel = "*" wheel = "*"
sphinx = "*"

103
Pipfile.lock generated
View file

@ -1,7 +1,7 @@
{ {
"_meta": { "_meta": {
"hash": { "hash": {
"sha256": "5b489d0f14f5d9f666647da451d77b471ea2ee16e97f81128ec1176bbd5cbbd4" "sha256": "bc2f3999187c6f5eee3a8a8f26c22b796b5034c7a412de94fd6f95c37c020cc4"
}, },
"host-environment-markers": { "host-environment-markers": {
"implementation_name": "cpython", "implementation_name": "cpython",
@ -9,9 +9,9 @@
"os_name": "posix", "os_name": "posix",
"platform_machine": "x86_64", "platform_machine": "x86_64",
"platform_python_implementation": "CPython", "platform_python_implementation": "CPython",
"platform_release": "4.14.5-1-ARCH", "platform_release": "4.13.12-1-ARCH",
"platform_system": "Linux", "platform_system": "Linux",
"platform_version": "#1 SMP PREEMPT Sun Dec 10 14:50:30 UTC 2017", "platform_version": "#1 SMP PREEMPT Wed Nov 8 11:54:06 CET 2017",
"python_full_version": "3.6.3", "python_full_version": "3.6.3",
"python_version": "3.6", "python_version": "3.6",
"sys_platform": "linux" "sys_platform": "linux"
@ -28,20 +28,6 @@
}, },
"default": {}, "default": {},
"develop": { "develop": {
"alabaster": {
"hashes": [
"sha256:2eef172f44e8d301d25aff8068fddd65f767a3f04b5f15b0f4922f113aa1c732",
"sha256:37cdcb9e9954ed60912ebc1ca12a9d12178c26637abdf124e3cde2341c257fe0"
],
"version": "==0.7.10"
},
"babel": {
"hashes": [
"sha256:f20b2acd44f587988ff185d8949c3e208b4b3d5d20fcab7d91fe481ffa435528",
"sha256:6007daf714d0cd5524bbe436e2d42b3c20e68da66289559341e48d2cd6d25811"
],
"version": "==2.5.1"
},
"certifi": { "certifi": {
"hashes": [ "hashes": [
"sha256:244be0d93b71e93fc0a0a479862051414d0e00e16435707e5bf5000f92e04694", "sha256:244be0d93b71e93fc0a0a479862051414d0e00e16435707e5bf5000f92e04694",
@ -56,14 +42,6 @@
], ],
"version": "==3.0.4" "version": "==3.0.4"
}, },
"docutils": {
"hashes": [
"sha256:7a4bd47eaf6596e1295ecb11361139febe29b084a87bf005bf899f9a42edc3c6",
"sha256:02aec4bd92ab067f6ff27a38a38a41173bf01bed8f89157768c1573f53e474a6",
"sha256:51e64ef2ebfb29cae1faa133b3710143496eca21c530f3f71424d77687764274"
],
"version": "==0.14"
},
"idna": { "idna": {
"hashes": [ "hashes": [
"sha256:8c7309c718f94b3a625cb648ace320157ad16ff131ae0af362c9f21b80ef6ec4", "sha256:8c7309c718f94b3a625cb648ace320157ad16ff131ae0af362c9f21b80ef6ec4",
@ -71,26 +49,6 @@
], ],
"version": "==2.6" "version": "==2.6"
}, },
"imagesize": {
"hashes": [
"sha256:6ebdc9e0ad188f9d1b2cdd9bc59cbe42bf931875e829e7a595e6b3abdc05cdfb",
"sha256:0ab2c62b87987e3252f89d30b7cedbec12a01af9274af9ffa48108f2c13c6062"
],
"version": "==0.7.1"
},
"jinja2": {
"hashes": [
"sha256:74c935a1b8bb9a3947c50a54766a969d4846290e1e788ea44c1392163723c3bd",
"sha256:f84be1bb0040caca4cea721fcbbbbd61f9be9464ca236387158b0feea01914a4"
],
"version": "==2.10"
},
"markupsafe": {
"hashes": [
"sha256:a6be69091dac236ea9c6bc7d012beab42010fa914c459791d627dad4910eb665"
],
"version": "==1.0"
},
"pkginfo": { "pkginfo": {
"hashes": [ "hashes": [
"sha256:31a49103180ae1518b65d3f4ce09c784e2bc54e338197668b4fb7dc539521024", "sha256:31a49103180ae1518b65d3f4ce09c784e2bc54e338197668b4fb7dc539521024",
@ -98,27 +56,6 @@
], ],
"version": "==1.4.1" "version": "==1.4.1"
}, },
"pygments": {
"hashes": [
"sha256:78f3f434bcc5d6ee09020f92ba487f95ba50f1e3ef83ae96b9d5ffa1bab25c5d",
"sha256:dbae1046def0efb574852fab9e90209b23f556367b5a320c0bcb871c77c3e8cc"
],
"version": "==2.2.0"
},
"pytz": {
"hashes": [
"sha256:80af0f3008046b9975242012a985f04c5df1f01eed4ec1633d56cc47a75a6a48",
"sha256:feb2365914948b8620347784b6b6da356f31c9d03560259070b2f30cff3d469d",
"sha256:59707844a9825589878236ff2f4e0dc9958511b7ffaae94dc615da07d4a68d33",
"sha256:d0ef5ef55ed3d37854320d4926b04a4cb42a2e88f71da9ddfdacfde8e364f027",
"sha256:c41c62827ce9cafacd6f2f7018e4f83a6f1986e87bfd000b8cfbd4ab5da95f1a",
"sha256:8cc90340159b5d7ced6f2ba77694d946fc975b09f1a51d93f3ce3bb399396f94",
"sha256:dd2e4ca6ce3785c8dd342d1853dd9052b19290d5bf66060846e5dc6b8d6667f7",
"sha256:699d18a2a56f19ee5698ab1123bbcc1d269d061996aeb1eda6d89248d3542b82",
"sha256:fae4cffc040921b8a2d60c6cf0b5d662c1190fe54d718271db4eb17d44a185b7"
],
"version": "==2017.3"
},
"requests": { "requests": {
"hashes": [ "hashes": [
"sha256:6a1b267aa90cac58ac3a765d067950e7dbbf75b1da07e895d1f594193a40a38b", "sha256:6a1b267aa90cac58ac3a765d067950e7dbbf75b1da07e895d1f594193a40a38b",
@ -133,40 +70,12 @@
], ],
"version": "==0.8.0" "version": "==0.8.0"
}, },
"six": {
"hashes": [
"sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb",
"sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9"
],
"version": "==1.11.0"
},
"snowballstemmer": {
"hashes": [
"sha256:9f3bcd3c401c3e862ec0ebe6d2c069ebc012ce142cce209c098ccb5b09136e89",
"sha256:919f26a68b2c17a7634da993d91339e288964f93c274f1343e3bbbe2096e1128"
],
"version": "==1.2.1"
},
"sphinx": {
"hashes": [
"sha256:fdf77f4f30d84a314c797d67fe7d1b46665e6c48a25699d7bf0610e05a2221d4",
"sha256:c6de5dbdbb7a0d7d2757f4389cc00e8f6eb3c49e1772378967a12cfcf2cfe098"
],
"version": "==1.6.5"
},
"sphinxcontrib-websupport": {
"hashes": [
"sha256:f4932e95869599b89bf4f80fc3989132d83c9faa5bf633e7b5e0c25dffb75da2",
"sha256:7a85961326aa3a400cd4ad3c816d70ed6f7c740acd7ce5d78cd0a67825072eb9"
],
"version": "==1.0.1"
},
"tqdm": { "tqdm": {
"hashes": [ "hashes": [
"sha256:4c041f8019f7be65b8028ddde9a836f7ccc51c4637f1ff2ba9b5813d38d19d5a", "sha256:733ce813ab83e17a03da34043c6265e29f6731e3cbbbe305b12694ced0af6770",
"sha256:df32e6f127dc0ccbc675eadb33f749abbcb8f174c5cb9ec49c0cdb73aa737377" "sha256:7ca803c2ea268c6bdb541e2dac74a3af23cf4bf7b4132a6a78926d255f8c8df1"
], ],
"version": "==4.19.5" "version": "==4.19.4"
}, },
"twine": { "twine": {
"hashes": [ "hashes": [

View file

@ -4,30 +4,6 @@ Python LibreAuth
Python bindings to the LibreAuth library. Python bindings to the LibreAuth library.
LibreAuth is a collection of tools for user authentication written in Rust. LibreAuth is a collection of tools for user authentication written in Rust.
.. image:: https://api.travis-ci.org/breard-r/py-libreauth.png
:target: https://travis-ci.org/breard-r/py-libreauth
:alt: Build status
.. image:: https://readthedocs.org/projects/py-libreauth/badge/?version=latest
:target: http://py-libreauth.readthedocs.io/en/latest/?badge=latest
:alt: Documentation Status
.. image:: https://img.shields.io/pypi/status/libreauth.svg
:target: https://pypi.python.org/pypi/libreauth
:alt: Project status
.. image:: https://img.shields.io/pypi/v/libreauth.svg
:target: https://pypi.python.org/pypi/libreauth
:alt: Version
.. image:: https://img.shields.io/pypi/pyversions/libreauth.svg
:target: https://pypi.python.org/pypi/libreauth
:alt: Python versions
.. image:: https://img.shields.io/pypi/l/libreauth.svg
:target: http://cecill.info/index.en.html
:alt: CeCILL license
Features Features
-------- --------
@ -59,3 +35,9 @@ This is a work in progress. Some features may not be available.
- ✗ customizable output length - ✗ customizable output length
- ✗ customizable output alphabet - ✗ customizable output alphabet
- ✗ customizable positive and negative period tolerance - ✗ customizable positive and negative period tolerance
Requirements
------------
LibreAuth 0.6 or higher.

View file

@ -1,20 +0,0 @@
# Minimal makefile for Sphinx documentation
#
# You can set these variables from the command line.
SPHINXOPTS =
SPHINXBUILD = sphinx-build
SPHINXPROJ = LibreAuth
SOURCEDIR = .
BUILDDIR = _build
# Put it first so that "make" without argument is like "make help".
help:
@$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
.PHONY: help Makefile
# Catch-all target: route all unknown targets to Sphinx using the new
# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS).
%: Makefile
@$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)

View file

@ -1,169 +0,0 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
#
# LibreAuth documentation build configuration file, created by
# sphinx-quickstart on Sat Dec 16 23:15:23 2017.
#
# This file is execfile()d with the current directory set to its
# containing dir.
#
# Note that not all possible configuration values are present in this
# autogenerated file.
#
# All configuration values have a default; values that are commented out
# serve to show the default.
# If extensions (or modules to document with autodoc) are in another directory,
# add these directories to sys.path here. If the directory is relative to the
# documentation root, use os.path.abspath to make it absolute, like shown here.
#
# import os
# import sys
# sys.path.insert(0, os.path.abspath('.'))
# -- General configuration ------------------------------------------------
# If your documentation needs a minimal Sphinx version, state it here.
#
# needs_sphinx = '1.0'
# Add any Sphinx extension module names here, as strings. They can be
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
# ones.
extensions = []
# Add any paths that contain templates here, relative to this directory.
templates_path = ['_templates']
# The suffix(es) of source filenames.
# You can specify multiple suffix as a list of string:
#
# source_suffix = ['.rst', '.md']
source_suffix = '.rst'
# The master toctree document.
master_doc = 'index'
# General information about the project.
project = 'LibreAuth'
copyright = '2017, Rodolphe Bréard'
author = 'Rodolphe Bréard'
# The version info for the project you're documenting, acts as replacement for
# |version| and |release|, also used in various other places throughout the
# built documents.
#
# The short X.Y version.
version = '0.1'
# The full version, including alpha/beta/rc tags.
release = '0.1.0.dev3'
# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
#
# This is also used if you do content translation via gettext catalogs.
# Usually you set "language" from the command line for these cases.
language = None
# List of patterns, relative to source directory, that match files and
# directories to ignore when looking for source files.
# This patterns also effect to html_static_path and html_extra_path
exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store']
# The name of the Pygments (syntax highlighting) style to use.
pygments_style = 'sphinx'
# If true, `todo` and `todoList` produce output, else they produce nothing.
todo_include_todos = False
# -- Options for HTML output ----------------------------------------------
# The theme to use for HTML and HTML Help pages. See the documentation for
# a list of builtin themes.
#
html_theme = 'alabaster'
# Theme options are theme-specific and customize the look and feel of a theme
# further. For a list of options available for each theme, see the
# documentation.
#
# html_theme_options = {}
# Add any paths that contain custom static files (such as style sheets) here,
# relative to this directory. They are copied after the builtin static files,
# so a file named "default.css" will overwrite the builtin "default.css".
html_static_path = ['_static']
# Custom sidebar templates, must be a dictionary that maps document names
# to template names.
#
# This is required for the alabaster theme
# refs: http://alabaster.readthedocs.io/en/latest/installation.html#sidebars
html_sidebars = {
'**': [
'relations.html', # needs 'show_related': True theme option to display
'searchbox.html',
]
}
# -- Options for HTMLHelp output ------------------------------------------
# Output file base name for HTML help builder.
htmlhelp_basename = 'LibreAuthdoc'
# -- Options for LaTeX output ---------------------------------------------
latex_elements = {
# The paper size ('letterpaper' or 'a4paper').
#
# 'papersize': 'letterpaper',
# The font size ('10pt', '11pt' or '12pt').
#
# 'pointsize': '10pt',
# Additional stuff for the LaTeX preamble.
#
# 'preamble': '',
# Latex figure (float) alignment
#
# 'figure_align': 'htbp',
}
# Grouping the document tree into LaTeX files. List of tuples
# (source start file, target name, title,
# author, documentclass [howto, manual, or own class]).
latex_documents = [
(master_doc, 'LibreAuth.tex', 'LibreAuth Documentation',
'Rodolphe Bréard', 'manual'),
]
# -- Options for manual page output ---------------------------------------
# One entry per manual page. List of tuples
# (source start file, name, description, authors, manual section).
man_pages = [
(master_doc, 'libreauth', 'LibreAuth Documentation',
[author], 1)
]
# -- Options for Texinfo output -------------------------------------------
# Grouping the document tree into Texinfo files. List of tuples
# (source start file, target name, title, author,
# dir menu entry, description, category)
texinfo_documents = [
(master_doc, 'LibreAuth', 'LibreAuth Documentation',
author, 'LibreAuth', 'One line description of project.',
'Miscellaneous'),
]

View file

@ -1,18 +0,0 @@
.. include:: ../README.rst
Reference
---------
.. toctree::
:maxdepth: 2
:titlesonly:
:glob:
install.rst
password.rst
Indices and tables
------------------
* :ref:`genindex`

View file

@ -1,32 +0,0 @@
Install
=======
In order to work, you need to install LibreAuth 0.6 or higher.
Installing Rust with rustup
---------------------------
LibreAuth is developed in Rust. If you do not already have the latest stable version of the Rust compiler, you can install it with rustup.
.. code-block:: console
curl https://sh.rustup.rs -sSf | sh
rustc --version
cargo --version
Building LibreAuth
------------------
Now that we have the Rust compiler, let's download and install LibreAuth.
.. code-block:: console
wget 'https://github.com/breard-r/libreauth/archive/v0.6.0.tar.gz' -O '/tmp/libreauth.tar.gz'
tar -xvf '/tmp/libreauth.tar.gz'
cd 'libreauth-0.6.0'
make
sudo make install
It is not mandatory to install it system-wide. You can also copy the file ``target/release/liblibreauth.so`` anywhere and specify its path using the ``LIBREAUTH_LIB_PATH`` environment variable.

View file

@ -1,36 +0,0 @@
@ECHO OFF
pushd %~dp0
REM Command file for Sphinx documentation
if "%SPHINXBUILD%" == "" (
set SPHINXBUILD=sphinx-build
)
set SOURCEDIR=.
set BUILDDIR=_build
set SPHINXPROJ=LibreAuth
if "%1" == "" goto help
%SPHINXBUILD% >NUL 2>NUL
if errorlevel 9009 (
echo.
echo.The 'sphinx-build' command was not found. Make sure you have Sphinx
echo.installed, then set the SPHINXBUILD environment variable to point
echo.to the full path of the 'sphinx-build' executable. Alternatively you
echo.may add the Sphinx directory to PATH.
echo.
echo.If you don't have Sphinx installed, grab it from
echo.http://sphinx-doc.org/
exit /b 1
)
%SPHINXBUILD% -M %1 %SOURCEDIR% %BUILDDIR% %SPHINXOPTS%
goto end
:help
%SPHINXBUILD% -M help %SOURCEDIR% %BUILDDIR% %SPHINXOPTS%
:end
popd

View file

@ -1,28 +0,0 @@
Password module
===============
Hashing a password
------------------
::
from libreauth.password import *
password = b'my super secret password'
hashed = password_hash(password)
Verifying a password against the hash
-------------------------------------
::
from libreauth.password import *
password = b'user submited password'
hashed = ''
if is_valid(password, hashed):
// Successful authentication
pass
else:
// Failed authentication
pass

View file

@ -63,7 +63,10 @@ class LibreAuthPassError(Exception):
else: else:
self.message = 'unknown error' self.message = 'unknown error'
def password_hash(password, standard=NOSTANDARD): def password_hash(password):
return password_hash_standard(password, NOSTANDARD)
def password_hash_standard(password, standard):
pass_len = len(password) pass_len = len(password)
if pass_len < PASSWORD_MIN_LEN: if pass_len < PASSWORD_MIN_LEN:
raise LibreAuthPassError(1) raise LibreAuthPassError(1)

View file

@ -10,7 +10,7 @@ with open(path.join(here, 'README.rst'), encoding='utf-8') as f:
setup( setup(
name='libreauth', name='libreauth',
version='0.1.0.dev3', version='0.1.0.dev2',
description='Python bindings to the LibreAuth library.', description='Python bindings to the LibreAuth library.',
long_description=long_description, long_description=long_description,
url='https://github.com/breard-r/py-libreauth', url='https://github.com/breard-r/py-libreauth',
@ -20,19 +20,11 @@ setup(
classifiers=[ classifiers=[
'Development Status :: 1 - Planning', 'Development Status :: 1 - Planning',
'License :: OSI Approved :: CEA CNRS Inria Logiciel Libre License, version 2.1 (CeCILL-2.1)', 'License :: OSI Approved :: CEA CNRS Inria Logiciel Libre License, version 2.1 (CeCILL-2.1)',
'Programming Language :: Python :: 3.3',
'Programming Language :: Python :: 3.4',
'Programming Language :: Python :: 3.5',
'Programming Language :: Python :: 3.6',
'Programming Language :: Python :: 3.7',
'Programming Language :: Python :: 3 :: Only', 'Programming Language :: Python :: 3 :: Only',
'Programming Language :: Python :: Implementation :: CPython',
'Programming Language :: Python :: Implementation :: PyPy',
'Topic :: Security', 'Topic :: Security',
], ],
keywords='authentication password oath hotp totp', keywords='authentication password oath hotp totp',
packages=find_packages(exclude=['contrib', 'docs', 'tests']), packages=find_packages(exclude=['contrib', 'docs', 'tests']),
python_requires='~=3.3',
data_files=[ data_files=[
('license', ['LICENSE-EN.txt', 'LICENSE-FR.txt']), ('license', ['LICENSE-EN.txt', 'LICENSE-FR.txt']),
], ],

View file

@ -1,5 +1,5 @@
# Copyright Rodolphe Breard (2017-2018) # Copyright Rodolphe Breard (2017)
# Author: Rodolphe Breard (2017-2018) # Author: Rodolphe Breard (2017)
# #
# This software is a computer library whose purpose is to offer a # This software is a computer library whose purpose is to offer a
# collection of tools for user authentication. # collection of tools for user authentication.
@ -33,57 +33,32 @@
from libreauth.password import * from libreauth.password import *
import unittest import unittest
class PasswordTestCase(unittest.TestCase): class PasswordTestCase(unittest.TestCase):
def test_hash(self): def test_default(self):
p = b'my super password' p = b'my super password'
h = password_hash(p) h = password_hash(p)
self.assertTrue(h.startswith('$')) self.assertTrue(h.startswith('$'))
self.assertEqual(len(h.split('$')), 5) self.assertEqual(len(h.split('$')), 5)
def test_valid(self):
p = b'my super password'
h = password_hash(p)
self.assertTrue(is_valid(p, h))
def test_invalid(self):
p = b'bad password'
h = '$argon2$len=32,passes=3,lanes=4,mem=12$AM4ncnAXFeC9HVVEFhOLeg$' \
'PShZis96oh5lL6AQyjOZMS+nvF4b+B/4Rs7+Pncvub0'
self.assertFalse(is_valid(p, h))
def test_std(self):
p = b'my super password'
for std in (NOSTANDARD, NIST80063B, ):
h = password_hash(p, standard=std)
self.assertTrue(h.startswith('$'))
self.assertEqual(len(h.split('$')), 5)
self.assertTrue(is_valid(p, h)) self.assertTrue(is_valid(p, h))
self.assertFalse(is_valid(b'bad password', h)) self.assertFalse(is_valid(b'bad password', h))
def test_pass_too_short(self): def test_std(self):
p = b'my super password'
for std in (NOSTANDARD, NIST80063B, ):
h = password_hash_standard(p, NIST80063B)
self.assertTrue(h.startswith('$'))
self.assertEqual(len(h.split('$')), 5)
self.assertTrue(is_valid(p, h))
self.assertFalse(is_valid(b'bad password', h))
def test_invalid_pass_len(self):
for p in (b'', b'a', b'1234567'): for p in (b'', b'a', b'1234567'):
with self.assertRaises(LibreAuthPassError) as cm: with self.assertRaises(LibreAuthPassError) as cm:
password_hash(p) password_hash(p)
e = cm.exception e = cm.exception
self.assertEqual(e.code, 1) self.assertEqual(e.code, 1)
def test_pass_too_long(self):
for p in (b'a' * 129, b'1' * 256): for p in (b'a' * 129, b'1' * 256):
with self.assertRaises(LibreAuthPassError) as cm: with self.assertRaises(LibreAuthPassError) as cm:
password_hash(p) password_hash(p)
e = cm.exception e = cm.exception
self.assertEqual(e.code, 2) self.assertEqual(e.code, 2)
def test_invalid_format(self):
p = b'my super password'
refs = (
'',
'plop',
'$argon3$len=32,passes=3,lanes=4,mem=12$AM4ncnAXFeC9HVVEFhOLeg$' \
'PShZis96oh5lL6AQyjOZMS+nvF4b+B/4Rs7+Pncvub0',
'$argon2$len=32,passes=3;lanes=4,mem=12$AM4ncnAXFeC9HVVEFhOLeg$' \
'PShZis96oh5lL6AQyjOZMS+nvF4b+B/4Rs7+Pncvub0',
)
for h in refs:
self.assertFalse(is_valid(p, h))