Mercurial > hg > easyhg
diff easyhg2.py @ 439:51c5332aa957
Salt passwords
author | Chris Cannam |
---|---|
date | Tue, 28 Jun 2011 13:58:07 +0100 |
parents | a5696a1f2dc5 |
children | 0d779f3cb4bc |
line wrap: on
line diff
--- a/easyhg2.py Tue Jun 28 13:50:49 2011 +0100 +++ b/easyhg2.py Tue Jun 28 13:58:07 2011 +0100 @@ -62,16 +62,18 @@ #!!! should be in a class here -def encrypt(text, key): - text = '%d.%s' % (len(text), text) +def encrypt_salted(text, key): + salt = os.urandom(8) + text = '%d.%s.%s' % (len(text), base64.b64encode(salt), text) text += (16 - len(text) % 16) * ' ' cipher = AES.new(key) return base64.b64encode(cipher.encrypt(text)) -def decrypt(ctext, key): +def decrypt_salted(ctext, key): cipher = AES.new(key) text = cipher.decrypt(base64.b64decode(ctext)) (tlen, d, text) = text.partition('.') + (salt, d, text) = text.partition('.') return text[0:int(tlen)] def monkeypatch_method(cls): @@ -212,7 +214,7 @@ remember_default = get_boolean_from_config(pcfg, 'preferences', 'remember', False) pdata = get_from_config(pcfg, 'auth', remote_key(uri, user)) if pdata: - cachedpwd = decrypt(pdata, pekey) + cachedpwd = decrypt_salted(pdata, pekey) passfield.setText(cachedpwd) remember = QtGui.QCheckBox() remember.setChecked(remember_default) @@ -250,7 +252,7 @@ set_to_config(pcfg, 'preferences', 'remember', remember.isChecked()) if user: if passwd and remember.isChecked(): - pdata = encrypt(passwd, pekey) + pdata = encrypt_salted(passwd, pekey) set_to_config(pcfg, 'auth', remote_key(uri, user), pdata) else: set_to_config(pcfg, 'auth', remote_key(uri, user), '')