Context Navigation

Ticket #13969: better_salting.diff

File better_salting.diff, 1.5 KB (added by Craig Younkins, 14 years ago)

         return sha_constructor(salt + raw_password).hexdigest()
     raise ValueError("Got unknown password algorithm type in password.")
+def gen_salt(length=12):
+    """
+    Returns a random string of length characters from the set of a-z, A-Z, 0-9
+    for use as a salt.
+    The default length of 12 with the a-z, A-Z, 0-9 character set returns a
+-bit salt. log_2((26+26+10)^12) =~ 71 bits
+    """
+    allowed_chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
+    import random
+    try:
+        random = random.SystemRandom()
+    except NotImplementedError:
+        import random
+    ret = []
+    for i in xrange(length):
+        ret.append(random.choice(allowed_chars))
+    return ''.join(ret)
 def check_password(raw_password, enc_password):
     """
     Returns a boolean of whether the raw_password was correct. Handles
 …
         return full_name.strip()
     def set_password(self, raw_password):
-        import random
         algo = 'sha1'
         salt = get_hexdigest(algo, str(random.random()), str(random.random()))[:5]
+        salt = gen_salt()
         hsh = get_hexdigest(algo, salt, raw_password)
         self.password = '%s$%s$%s' % (algo, salt, hsh)