Push — master ( 56c97c...2e9e0c )
by Marek

ige.Authentication.verify()   A

import binascii
from ige import SecurityException, log
import hashlib
import os
import rsa
import time
# Authentication scheme assumed when a caller does not choose one.
defaultMethod = "rsa"

# Module-wide RSA key pair. Both names stay None until _generateKeys()
# assigns them; the private key is held only in this module global.
publicKey = privateKey = None
def init(authMethod, size=2048):
    """Prepare the module for *authMethod*.

    Only the "rsa" method needs preparation: ``size`` is passed on to
    initRSAKeys(). Any other value is accepted and nothing happens.
    """
    if authMethod != "rsa":
        return
    initRSAKeys(size)
def _generateKeys(size):
    """Create a fresh RSA key pair and store it in the module globals.

    ``size`` is handed to rsa.newkeys() unchanged. The pair is kept only in
    ``publicKey`` / ``privateKey``; this function does not write it anywhere.
    """
    global publicKey, privateKey
    notice = "Generating RSA keys of size {0}, please wait...".format(size)
    log.message(notice)
    freshPair = rsa.newkeys(size)
    publicKey, privateKey = freshPair
def initRSAKeys(size):
    """Generate the module's RSA key pair.

    NOTE(review): despite the name, nothing here loads or saves keys. The
    call only delegates to _generateKeys(), so each call replaces the
    current pair with a newly generated one.
    """
    _generateKeys(size)
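def getPublicKey():
    """Return the current RSA public key.

    Raises:
        AssertionError: if no key pair has been generated yet.
    """
    # Explicit raise rather than an ``assert`` statement: asserts are
    # removed under ``python -O``, which would let None reach the callers.
    # The exception type is kept so existing callers see no difference.
    if publicKey is None:
        raise AssertionError("RSA public key has not been initialised")
    return publicKey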
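def getPrivateKey():
    """Return the current RSA private key.

    Raises:
        AssertionError: if no key pair has been generated yet.
    """
    # Explicit raise rather than an ``assert`` statement: asserts are
    # removed under ``python -O``, which would hand None to the decryption
    # call. The exception type is kept so existing callers see no difference.
    if privateKey is None:
        raise AssertionError("RSA private key has not been initialised")
    return privateKey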
#
def getMethod(challenge):
    """Return the method tag of *challenge*: the text before its first ":".

    A challenge that contains no ":" is returned whole. The tag is not
    validated here.
    """
    tag, _, _ = challenge.partition(":")
    return tag
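def getWelcomeString(method = "rsa"):
    """Return the welcome string (the challenge) for *method*.

    "sha256" yields ``"sha256:"`` followed by 64 hex digits; "rsa" yields
    ``"rsa:<n>:<e>"`` built from the current public key.

    Raises:
        SecurityException: if *method* is not supported.
    """
    if method == "sha256":
        # The challenge is the nonce of a challenge-response exchange, so it
        # has to be unpredictable. A digest of time.time() can be guessed by
        # anyone who knows roughly when the call was made, so hash bytes
        # from the OS CSPRNG instead. The output format is unchanged.
        return "sha256:" + hashlib.sha256(os.urandom(32)).hexdigest()
    elif method == "rsa":
        key = getPublicKey()
        return "rsa:%s:%s" % (key.n, key.e)
    raise SecurityException("Unsupported authentication method %s" % str(method))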
def encode(password, challenge):
    """Encode *password* with the method named at the start of *challenge*.

    * "sha256": hex SHA-256 digest of ``password + challenge``.
    * "rsa": *password* is UTF-8 encoded, encrypted with the public key
      (n, e) carried in the challenge, and returned hex-encoded.

    NOTE(review): the RSA key is whatever the challenge contains; nothing in
    this function authenticates it, so the challenge has to arrive over a
    channel the caller already trusts.

    Raises:
        SecurityException: for any other method.
    """
    scheme = getMethod(challenge)
    if scheme == "sha256":
        salted = password + challenge
        return hashlib.sha256(salted).hexdigest()
    if scheme == "rsa":
        # An "rsa" challenge must have exactly three ":"-separated fields;
        # any other count fails the unpacking below.
        _, modulus, exponent = challenge.split(":")
        serverKey = rsa.PublicKey(int(modulus), int(exponent))
        ciphertext = rsa.encrypt(password.encode('utf-8'), serverKey)
        return binascii.hexlify(ciphertext)
    raise SecurityException("Unsupported authentication method %s" % str(scheme))
def unwrapUserPassword(password, challenge):
    """Undo the transport encoding of *password* where the method allows it.

    * "sha256": the value is returned unchanged (if it came from encode()
      it is a digest and cannot be reversed).
    * "rsa": the hex string is decoded and decrypted with the module's
      private key.

    NOTE(review): *password* presumably comes from the remote peer.
    Malformed hex or a ciphertext that does not decrypt raises from
    binascii / rsa rather than SecurityException; callers should report
    every such failure as the same generic authentication error.

    Raises:
        SecurityException: for any other method.
    """
    scheme = getMethod(challenge)
    if scheme == "rsa":
        ciphertext = binascii.unhexlify(password)
        return rsa.decrypt(ciphertext, getPrivateKey())
    if scheme == "sha256":
        return password
    raise SecurityException("Unsupported authentication method %s" % str(scheme))