This repository has been archived on 2023-09-20. You can view files and clone it, but cannot push or open issues or pull requests.
py-libreauth/libreauth/password.py
2017-12-16 19:21:18 +01:00

85 lines
3.1 KiB
Python

# Copyright Rodolphe Breard (2017)
# Author: Rodolphe Breard (2017)
#
# This software is a computer library whose purpose is to offer a
# collection of tools for user authentication.
#
# This software is governed by the CeCILL license under French law and
# abiding by the rules of distribution of free software. You can use,
# modify and/ or redistribute the software under the terms of the CeCILL
# license as circulated by CEA, CNRS and INRIA at the following URL
# "http://www.cecill.info".
#
# As a counterpart to the access to the source code and rights to copy,
# modify and redistribute granted by the license, users are provided only
# with a limited warranty and the software's author, the holder of the
# economic rights, and the successive licensors have only limited
# liability.
#
# In this respect, the user's attention is drawn to the risks associated
# with loading, using, modifying and/or developing or reproducing the
# software by the user in light of its specific status of free software,
# that may mean that it is complicated to manipulate, and that also
# therefore means that it is reserved for developers and experienced
# professionals having in-depth computer knowledge. Users are therefore
# encouraged to load and test the software's suitability as regards their
# requirements in conditions enabling the security of their systems and/or
# data to be ensured and, more generally, to use and operate it in the
# same conditions as regards security.
#
# The fact that you are presently reading this means that you have had
# knowledge of the CeCILL license and that you accept its terms.
from ctypes import *
from . import lib
PASSWORD_MIN_LEN = 8
PASSWORD_MAX_LEN = 128
PASSWORD_STORAGE_LEN = 1024
NOSTANDARD = 0
NIST80063B = 1
class LibreAuthPassError(Exception):
"""Exception raised for errors in the password authentication module.
Attributes:
code -- error code
message -- explanation of the error
"""
def __init__(self, code):
valid_codes = {
0: 'success',
1: 'password is too short',
2: 'password is too long',
10: 'invalid password format',
20: 'not enough space',
}
self.code = code
if code in valid_codes:
self.message = valid_codes[code]
else:
self.message = 'unknown error'
def password_hash(password):
return password_hash_standard(password, NOSTANDARD)
def password_hash_standard(password, standard):
pass_len = len(password)
if pass_len < PASSWORD_MIN_LEN:
raise LibreAuthPassError(1)
if pass_len > PASSWORD_MAX_LEN:
raise LibreAuthPassError(2)
buff = create_string_buffer(b'\000' * PASSWORD_STORAGE_LEN)
c_pass = create_string_buffer(password)
err = lib.libreauth_password_hash(c_pass, buff, PASSWORD_STORAGE_LEN, standard)
if err != 0:
raise LibreAuthPassError(err)
return str(buff.value, encoding="utf-8")
def is_valid(password, reference):
c_pass = create_string_buffer(password)
c_ref = create_string_buffer(bytes(reference, encoding='utf-8'))
return bool(lib.libreauth_password_is_valid(c_pass, c_ref))