"""passlib.utils -- helpers for writing password hashes""" from __future__ import annotations import codecs import hmac import inspect import itertools import math import os import random import stringprep import sys import time import timeit import unicodedata from collections.abc import Iterable, Sequence from typing import AnyStr from passlib.exc import ExpectedStringError, ExpectedTypeError from passlib.utils.binary import ( AB64_CHARS, # [remove these aliases in 2.0] BASE64_CHARS, BCRYPT_CHARS, HASH64_CHARS, Base64Engine, LazyBase64Engine, ab64_decode, ab64_encode, b64s_decode, b64s_encode, bcrypt64, h64, h64big, ) from passlib.utils.compat import ( add_doc, get_method_function, join_bytes, join_unicode, unicode_or_bytes, ) from passlib.utils.decor import ( classproperty, # [remove these aliases in 2.0] deprecated_function, deprecated_method, hybrid_method, memoized_property, ) __all__ = [ "AB64_CHARS", "BASE64_CHARS", "BCRYPT_CHARS", "Base64Engine", "HASH64_CHARS", "LazyBase64Engine", "ab64_decode", "ab64_encode", "b64s_decode", "b64s_encode", "bcrypt64", "classproperty", "consteq", "deprecated_method", "generate_password", "getrandbytes", "getrandstr", "h64", "h64big", "has_crypt", "has_rounds_info", "has_salt_info", "hybrid_method", "is_ascii_safe", "is_crypt_context", "is_crypt_handler", "is_same_codec", "join_bytes", "join_unicode", "memoized_property", "render_bytes", "rng", "rounds_cost_values", "safe_crypt", "saslprep", "sys_bits", "test_crypt", "tick", "to_bytes", "to_native_str", "to_unicode", "unix_crypt_schemes", "xor_bytes", ] # bitsize of system architecture (32 or 64) sys_bits = int(math.log2(sys.maxsize) + 1.5) # list of hashes algs supported by crypt() on at least one OS. # XXX: move to .registry for passlib 2.0? unix_crypt_schemes = [ "sha512_crypt", "sha256_crypt", "sha1_crypt", "bcrypt", "md5_crypt", # "bsd_nthash", "bsdi_crypt", "des_crypt", ] rounds_cost_values = ["linear", "log2"] _BEMPTY = b"" _UEMPTY = "" _USPACE = " " # maximum password size which passlib will allow; see exc.PasswordSizeError MAX_PASSWORD_SIZE = int(os.environ.get("PASSLIB_MAX_PASSWORD_SIZE") or 4096) class SequenceMixin: """ helper which lets result object act like a fixed-length sequence. subclass just needs to provide :meth:`_as_tuple()`. """ def _as_tuple(self): raise NotImplementedError("implement in subclass") def __repr__(self): return repr(self._as_tuple()) def __getitem__(self, idx): return self._as_tuple()[idx] def __iter__(self): return iter(self._as_tuple()) def __len__(self): return len(self._as_tuple()) def __eq__(self, other): return self._as_tuple() == other def __hash__(self) -> int: return hash(self._as_tuple()) def __ne__(self, other): return not self.__eq__(other) # getargspec() is deprecated, use this under py3. # even though it's a lot more awkward to get basic info :| _VAR_KEYWORD = inspect.Parameter.VAR_KEYWORD _VAR_ANY_SET = {_VAR_KEYWORD, inspect.Parameter.VAR_POSITIONAL} def accepts_keyword(func, key): """test if function accepts specified keyword""" params = inspect.signature(get_method_function(func)).parameters if not params: return False arg = params.get(key) if arg and arg.kind not in _VAR_ANY_SET: return True # XXX: annoying what we have to do to determine if VAR_KWDS in use. return params[list(params)[-1]].kind == _VAR_KEYWORD def update_mixin_classes( target, add=None, remove=None, append=False, before=None, after=None, dryrun=False ): """ helper to update mixin classes installed in target class. :param target: target class whose bases will be modified. :param add: class / classes to install into target's base class list. :param remove: class / classes to remove from target's base class list. :param append: by default, prepends mixins to front of list. if True, appends to end of list instead. :param after: optionally make sure all mixins are inserted after this class / classes. :param before: optionally make sure all mixins are inserted before this class / classes. :param dryrun: optionally perform all calculations / raise errors, but don't actually modify the class. """ if isinstance(add, type): add = [add] bases = list(target.__bases__) # strip out requested mixins if remove: if isinstance(remove, type): remove = [remove] for mixin in remove: if add and mixin in add: continue if mixin in bases: bases.remove(mixin) # add requested mixins if add: for mixin in add: # if mixin already present (explicitly or not), leave alone if any(issubclass(base, mixin) for base in bases): continue # determine insertion point if append: for idx, base in enumerate(bases): if issubclass(mixin, base): # don't insert mixin after one of it's own bases break if before and issubclass(base, before): # don't insert mixin after any classes. break else: # append to end idx = len(bases) elif after: for end_idx, base in enumerate(reversed(bases)): if issubclass(base, after): # don't insert mixin before any classes. idx = len(bases) - end_idx assert bases[idx - 1] == base break else: idx = 0 else: # insert at start idx = 0 # insert mixin bases.insert(idx, mixin) # modify class if not dryrun: target.__bases__ = tuple(bases) def batch(source, size): """ split iterable into chunks of elements. """ if size < 1: raise ValueError("size must be positive integer") if isinstance(source, Sequence): end = len(source) i = 0 while i < end: n = i + size yield source[i:n] i = n elif isinstance(source, Iterable): itr = iter(source) while True: chunk_itr = itertools.islice(itr, size) try: first = next(chunk_itr) except StopIteration: break yield itertools.chain((first,), chunk_itr) else: raise TypeError("source must be iterable") def consteq(left, right): if type(left) is not type(right): raise TypeError left = left.encode() if isinstance(left, str) else left right = right.encode() if isinstance(right, str) else right return hmac.compare_digest(left, right) def splitcomma(source, sep=","): """split comma-separated string into list of elements, stripping whitespace. """ source = source.strip() if source.endswith(sep): source = source[:-1] if not source: return [] return [elem.strip() for elem in source.split(sep)] def saslprep(source, param="value"): """Normalizes unicode strings using SASLPrep stringprep profile. The SASLPrep profile is defined in :rfc:`4013`. It provides a uniform scheme for normalizing unicode usernames and passwords before performing byte-value sensitive operations such as hashing. Among other things, it normalizes diacritic representations, removes non-printing characters, and forbids invalid characters such as ``\\n``. Properly internationalized applications should run user passwords through this function before hashing. :arg source: unicode string to normalize & validate :param param: Optional noun identifying source parameter in error messages (Defaults to the string ``"value"``). This is mainly useful to make the caller's error messages make more sense contextually. :raises ValueError: if any characters forbidden by the SASLPrep profile are encountered. :raises TypeError: if input is not :class:`!unicode` :returns: normalized unicode string .. note:: This function is not available under Jython, as the Jython stdlib is missing the :mod:`!stringprep` module (`Jython issue 1758320 `_). .. versionadded:: 1.6 """ # saslprep - http://tools.ietf.org/html/rfc4013 # stringprep - http://tools.ietf.org/html/rfc3454 # http://docs.python.org/library/stringprep.html # validate type # XXX: support bytes (e.g. run through want_unicode)? # might be easier to just integrate this into cryptcontext. if not isinstance(source, str): raise TypeError(f"input must be string, not {type(source)}") # mapping stage # - map non-ascii spaces to U+0020 (stringprep C.1.2) # - strip 'commonly mapped to nothing' chars (stringprep B.1) data = "".join( _USPACE if stringprep.in_table_c12(c) else c for c in source if not stringprep.in_table_b1(c) ) # normalize to KC form data = unicodedata.normalize("NFKC", data) if not data: return _UEMPTY # check for invalid bi-directional strings. # stringprep requires the following: # - chars in C.8 must be prohibited. # - if any R/AL chars in string: # - no L chars allowed in string # - first and last must be R/AL chars # this checks if start/end are R/AL chars. if so, prohibited loop # will forbid all L chars. if not, prohibited loop will forbid all # R/AL chars instead. in both cases, prohibited loop takes care of C.8. is_ral_char = stringprep.in_table_d1 if is_ral_char(data[0]): if not is_ral_char(data[-1]): raise ValueError("malformed bidi sequence in " + param) # forbid L chars within R/AL sequence. is_forbidden_bidi_char = stringprep.in_table_d2 else: # forbid R/AL chars if start not setup correctly; L chars allowed. is_forbidden_bidi_char = is_ral_char # check for prohibited output - stringprep tables A.1, B.1, C.1.2, C.2 - C.9 forbidden_ = [ (stringprep.in_table_a1, "unassigned code points forbidden in "), (stringprep.in_table_c21_c22, "control characters forbidden in "), (stringprep.in_table_c3, "private use characters forbidden in "), (stringprep.in_table_c4, "non-char code points forbidden in "), (stringprep.in_table_c4, "non-char code points forbidden in "), (stringprep.in_table_c4, "non-char code points forbidden in "), (stringprep.in_table_c5, "surrogate codes forbidden in "), (stringprep.in_table_c6, "non-plaintext chars forbidden in "), (stringprep.in_table_c7, "non-canonical chars forbidden in "), ( stringprep.in_table_c8, "display-modifying / deprecated chars forbidden in", ), (stringprep.in_table_c9, "tagged characters forbidden in "), # do bidi constraint check chosen by bidi init, above (is_forbidden_bidi_char, "forbidden bidi character in "), ] for c in data: # check for chars mapping stage should have removed assert not stringprep.in_table_b1(c), "failed to strip B.1 in mapping stage" assert not stringprep.in_table_c12(c), ( "failed to replace C.1.2 in mapping stage" ) for func, err_msg in forbidden_: if func(c): raise ValueError(f"{err_msg} {param}") return data def render_bytes(source, *args): """Peform ``%`` formating using bytes in a uniform manner across Python 2/3. This function is motivated by the fact that :class:`bytes` instances do not support ``%`` or ``{}`` formatting under Python 3. This function is an attempt to provide a replacement: it converts everything to unicode (decoding bytes instances as ``latin-1``), performs the required formatting, then encodes the result to ``latin-1``. Calling ``render_bytes(source, *args)`` should function roughly the same as ``source % args`` under Python 2. .. todo:: python >= 3.5 added back limited support for bytes %, can revisit when 3.3/3.4 is dropped. """ if isinstance(source, bytes): source = source.decode("latin-1") result = source % tuple( arg.decode("latin-1") if isinstance(arg, bytes) else arg for arg in args ) return result.encode("latin-1") def bytes_to_int(value): return int.from_bytes(value, "big") def int_to_bytes(value, count): return value.to_bytes(count, "big") add_doc(bytes_to_int, "decode byte string as single big-endian integer") add_doc(int_to_bytes, "encode integer as single big-endian byte string") def xor_bytes(left: bytes, right: bytes) -> bytes: """Perform bitwise-xor of two byte strings (must be same size)""" return int_to_bytes(bytes_to_int(left) ^ bytes_to_int(right), len(left)) def repeat_string(source: AnyStr, size: int) -> AnyStr: """ repeat or truncate string, so it has length """ mult = 1 + (size - 1) // len(source) return (source * mult)[:size] def utf8_repeat_string(source: bytes, size: int) -> bytes: """ variant of repeat_string() which truncates to nearest UTF8 boundary. """ mult = 1 + (size - 1) // len(source) return utf8_truncate(source * mult, size) _BNULL = b"\x00" _UNULL = "\x00" def right_pad_string(source: AnyStr, size: int, pad: AnyStr | None = None) -> AnyStr: """right-pad or truncate string, so it has length """ if pad is None: pad = _UNULL if isinstance(source, str) else _BNULL length = len(source) if size > length: return source + pad * (size - length) return source[:size] def utf8_truncate(source: bytes, index: int) -> bytes: """ helper to truncate UTF8 byte string to nearest character boundary ON OR AFTER . returned prefix will always have length of at least , and will stop on the first byte that's not a UTF8 continuation byte (128 - 191 inclusive). since utf8 should never take more than 4 bytes to encode known unicode values, we can stop after ``index+3`` is reached. """ # general approach: # # * UTF8 bytes will have high two bits (0xC0) as one of: # 00 -- ascii char # 01 -- ascii char # 10 -- continuation of multibyte char # 11 -- start of multibyte char. # thus we can cut on anything where high bits aren't "10" (0x80; continuation byte) # # * UTF8 characters SHOULD always be 1 to 4 bytes, though they may be unbounded. # so we just keep going until first non-continuation byte is encountered, or end of str. # this should work predictably even for malformed/non UTF8 inputs. if not isinstance(source, bytes): raise ExpectedTypeError(source, bytes, "source") # validate index end = len(source) if index < 0: index = max(0, index + end) if index >= end: return source # can stop search after 4 bytes, won't ever have longer utf8 sequence. end = min(index + 3, end) # loop until we find non-continuation byte while index < end: if source[index] & 0xC0 != 0x80: # found single-char byte, or start-char byte. break # else: found continuation byte. index += 1 else: assert index == end # truncate at final index result = source[:index] def sanity_check(): # try to decode source try: text = source.decode("utf-8") except UnicodeDecodeError: # if source isn't valid utf8, byte level match is enough return True # validate that result was cut on character boundary assert text.startswith(result.decode("utf-8")) return True assert sanity_check() return result _ASCII_TEST_BYTES = b"\x00\n aA:#!\x7f" _ASCII_TEST_UNICODE = _ASCII_TEST_BYTES.decode("ascii") def is_ascii_codec(codec: str) -> bool: """Test if codec is compatible with 7-bit ascii (e.g. latin-1, utf-8; but not utf-16)""" return _ASCII_TEST_UNICODE.encode(codec) == _ASCII_TEST_BYTES def is_same_codec(left: str, right: str) -> bool: """Check if two codec names are aliases for same codec""" if left == right: return True if not (left and right): return False return codecs.lookup(left).name == codecs.lookup(right).name _B80 = b"\x80"[0] _U80 = "\x80" def is_ascii_safe(source: AnyStr) -> bool: """Check if string (bytes or unicode) contains only 7-bit ascii""" r = _B80 if isinstance(source, bytes) else _U80 return all(c < r for c in source) def to_bytes( source: str | bytes, encoding: str = "utf-8", param: str = "value", source_encoding: str | None = None, ) -> bytes: """Helper to normalize input to bytes. :arg source: Source bytes/unicode to process. :arg encoding: Target encoding (defaults to ``"utf-8"``). :param param: Optional name of variable/noun to reference when raising errors :param source_encoding: If this is specified, and the source is bytes, the source will be transcoded from *source_encoding* to *encoding* (via unicode). :raises TypeError: if source is not str or bytes. :returns: * unicode strings will be encoded using *encoding*, and returned. * if *source_encoding* is not specified, byte strings will be returned unchanged. * if *source_encoding* is specified, byte strings will be transcoded to *encoding*. """ assert encoding if isinstance(source, bytes): if source_encoding and not is_same_codec(source_encoding, encoding): return source.decode(source_encoding).encode(encoding) return source if isinstance(source, str): return source.encode(encoding) raise ExpectedStringError(source, param) def to_unicode(source: AnyStr, encoding="utf-8", param="value") -> str: """Helper to normalize input to unicode. :arg source: source bytes/unicode to process. :arg encoding: encoding to use when decoding bytes instances. :param param: optional name of variable/noun to reference when raising errors. :raises TypeError: if source is not str or bytes. :returns: * returns unicode strings unchanged. * returns bytes strings decoded using *encoding* """ assert encoding if isinstance(source, str): return source if isinstance(source, bytes): return source.decode(encoding) raise ExpectedStringError(source, param) def to_native_str(source: AnyStr, encoding="utf-8", param="value") -> str: """Take in str or bytes, returns str. leaves str alone, decodes bytes using specified encoding. :param source: source unicode or bytes string :param encoding: encoding to use when encoding unicode or decoding bytes :param param: optional name of variable/noun to reference when raising errors """ if isinstance(source, bytes): return source.decode(encoding) if isinstance(source, str): return source raise ExpectedStringError(source, param) @deprecated_function(deprecated="1.6", removed="1.7") def to_hash_str(source, encoding="ascii"): # pragma: no cover -- deprecated & unused """deprecated, use to_native_str() instead""" return to_native_str(source, encoding, param="hash") _true_set = set(["true", "t", "yes", "y", "on", "1", "enable", "enabled"]) _false_set = set(["false", "f", "no", "n", "off", "0", "disable", "disabled"]) _none_set = set(["", "none"]) def as_bool( value: str | bytes | None, none: bool | None = None, param="boolean" ) -> bool | None: """ helper to convert value to boolean. recognizes strings such as "true", "false" """ assert none in [True, False, None] if isinstance(value, unicode_or_bytes): clean = value.lower().strip() if clean in _true_set: return True if clean in _false_set: return False if clean in _none_set: return none raise ValueError(f"unrecognized {param} value: {value!r}") if isinstance(value, bool): return value if value is None: return none return bool(value) has_crypt = False timer = timeit.default_timer # legacy alias, will be removed in passlib 2.0 tick = timer # NOTE: # generating salts (e.g. h64_gensalt, below) doesn't require cryptographically # strong randomness. it just requires enough range of possible outputs # that making a rainbow table is too costly. so it should be ok to # fall back on python's builtin mersenne twister prng, as long as it's seeded each time # this module is imported, using a couple of minor entropy sources. try: os.urandom(1) has_urandom = True except NotImplementedError: # pragma: no cover has_urandom = False def genseed(value=None): """generate prng seed value from system resources""" from hashlib import sha512 if hasattr(value, "getstate") and hasattr(value, "getrandbits"): # caller passed in RNG as seed value try: value = value.getstate() except NotImplementedError: # this method throws error for e.g. SystemRandom instances, # so fall back to extracting 4k of state value = value.getrandbits(1 << 15) text = "{} {} {} {:.15f} {:.15f} {}".format( # if caller specified a seed value, mix it in value, # add current process id # NOTE: not available in some environments, e.g. GAE os.getpid() if hasattr(os, "getpid") else None, # id of a freshly created object. # (at least 1 byte of which should be hard to predict) id(object()), # the current time, to whatever precision os uses time.time(), tick(), # if urandom available, might as well mix some bytes in. os.urandom(32).decode("latin-1") if has_urandom else 0, ) # hash it all up and return it as int/long return int(sha512(text.encode("utf-8")).hexdigest(), 16) if has_urandom: # noqa: SIM108 rng: random.Random = random.SystemRandom() else: # pragma: no cover -- runtime detection # NOTE: to reseed use ``rng.seed(genseed(rng))`` # XXX: could reseed on every call rng = random.Random(genseed()) # ------------------------------------------------------------------------ # some rng helpers # ------------------------------------------------------------------------ def getrandbytes(rng, count): """return byte-string containing *count* number of randomly generated bytes, using specified rng""" # NOTE: would be nice if this was present in stdlib Random class ###just in case rng provides this... ##meth = getattr(rng, "getrandbytes", None) ##if meth: ## return meth(count) if not count: return _BEMPTY def helper(): # XXX: break into chunks for large number of bits? value = rng.getrandbits(count << 3) i = 0 while i < count: yield value & 0xFF value >>= 3 i += 1 return bytes(helper()) def getrandstr(rng, charset, count): """return string containing *count* number of chars/bytes, whose elements are drawn from specified charset, using specified rng""" # NOTE: tests determined this is 4x faster than rng.sample(), # which is why that's not being used here. # check alphabet & count if count < 0: raise ValueError("count must be >= 0") letters = len(charset) if letters == 0: raise ValueError("alphabet must not be empty") if letters == 1: return charset * count # get random value, and write out to buffer def helper(): # XXX: break into chunks for large number of letters? value = rng.randrange(0, letters**count) i = 0 while i < count: yield charset[value % letters] value //= letters i += 1 if isinstance(charset, str): return "".join(helper()) return bytes(helper()) _52charset = "2346789ABCDEFGHJKMNPQRTUVWXYZabcdefghjkmnpqrstuvwxyz" @deprecated_function( deprecated="1.7", removed="2.0", replacement="passlib.pwd.genword() / passlib.pwd.genphrase()", ) def generate_password(size=10, charset=_52charset): """generate random password using given length & charset :param size: size of password. :param charset: optional string specified set of characters to draw from. the default charset contains all normal alphanumeric characters, except for the characters ``1IiLl0OoS5``, which were omitted due to their visual similarity. :returns: :class:`!str` containing randomly generated password. .. note:: Using the default character set, on a OS with :class:`!SystemRandom` support, this function should generate passwords with 5.7 bits of entropy per character. """ return getrandstr(rng, charset, size) _handler_attrs = ( "name", "setting_kwds", "context_kwds", "verify", "hash", "identify", ) def is_crypt_handler(obj): """check if object follows the :ref:`password-hash-api`""" # XXX: change to use isinstance(obj, PasswordHash) under py26+? return all(hasattr(obj, name) for name in _handler_attrs) _context_attrs = ( "needs_update", "genconfig", "genhash", "verify", "encrypt", "identify", ) def is_crypt_context(obj): """check if object appears to be a :class:`~passlib.context.CryptContext` instance""" # XXX: change to use isinstance(obj, CryptContext)? return all(hasattr(obj, name) for name in _context_attrs) ##def has_many_backends(handler): ## "check if handler provides multiple baceknds" ## # NOTE: should also provide get_backend(), .has_backend(), and .backends attr ## return hasattr(handler, "set_backend") def has_rounds_info(handler): """check if handler provides the optional :ref:`rounds information ` attributes""" return ( "rounds" in handler.setting_kwds and getattr(handler, "min_rounds", None) is not None ) def has_salt_info(handler): """check if handler provides the optional :ref:`salt information ` attributes""" return ( "salt" in handler.setting_kwds and getattr(handler, "min_salt_size", None) is not None )