Changeset 2576
- Timestamp:
- 03/12/10 09:10:42 (5 months ago)
- Files:
-
- 1 modified
branches/0.9/pylucid_project/pylucid_plugins/auth/js_sha_login_pseudocode.py
r2575 r2576 1 from md5 import new as md5_new 1 #!/usr/bin/env python 2 # coding: utf-8 2 3 4 """ 5 Pseudo code of the JS-SHA-Login. 6 (output is in creole markup) 7 more info: 8 http://www.pylucid.org/permalink/42/secure-login-without-https 9 """ 3 10 4 def md5(txt): 5 return md5_new(txt).hexdigest() 11 try: 12 from hashlib import sha1 as sha_constructor 13 except ImportError: 14 from sha import new as sha_constructor 15 16 def sha1(txt): 17 return sha_constructor(txt).hexdigest() 6 18 7 19 def encrypt(txt, key): # Pseudo encrypt … … 15 27 16 28 17 print "\n\n ------------ 1. Ein neuer User in der DB anlegen------------"18 print " \n 1.1. Server sendet salt zum Client:",29 print "\n\n=== 1. Create a new User ===\n" 30 print "# Client get's new, random **user salt** from server:", 19 31 salt = "s_123" 20 print "' %s'" % salt32 print "'//%s//'" % salt 21 33 22 print " \n 1.2. Eingabe des Passwortes auf dem Client:",23 password = " Passwort"24 print "' %s'" % password34 print "# Password input on the client:", 35 password = "client_password" 36 print "'//%s//'" % password 25 37 26 print " \n 1.3. md5(password + salt):",27 md5sum = md5(password + salt)28 print "' %s'" % md5sum38 print "# sha1(password + salt):", 39 sha1sum = sha1(password + salt) 40 print "'//%s//'" % sha1sum 29 41 30 print " \n 1.4. �ermittlung der MD5 Summe zum Server."42 print "# Client send **sha1** hash to the server." 31 43 32 44 33 45 34 print "\n\n ------------ 2. speichern des Users auf dem Server------------"46 print "\n\n==== 2. Save user data ====\n" 35 47 36 print " \n 2.1. Server trennt die MD5 in:",37 md5_a = md5sum[:16]38 md5_b = md5sum[16:]39 print " md5_a: '%s' md5_b: '%s'" % (md5_a, md5_b)48 print "# Server split sha1 values:", 49 sha1_a = sha1sum[:16] 50 sha1_b = sha1sum[16:] 51 print "**sha1_a**: '//%s//' **sha1_b**: '//%s//'" % (sha1_a, sha1_b) 40 52 41 print " \n 2.2. 
encrypt(md5_a, key=md5_b):",42 md5checksum = encrypt(md5_a, key=md5_b)43 print "' %s'" % md5checksum53 print "# encrypt(sha1_a, key=sha1_b):", 54 sha1checksum = encrypt(sha1_a, key=sha1_b) 55 print "'//%s//'" % sha1checksum 44 56 45 print "\n 2.3. Speichern nur der verschl�en Checksum + salt\n" 46 47 48 print "_______________________________________________________________________" 57 print "# Save only encrypted **checksum** + **user salt**\n" 49 58 50 59 51 60 52 print "\n\n------------ 3. Login eines Users------------" 53 54 print "\n 3.1. Server sendet salt '%s' + challenge zum client:" % salt, 55 challenge = "c_123" 56 print "'%s'" % challenge 57 58 print "\n 3.2. Eingabe des Passwortes auf dem Client:", 59 password = "Passwort" 60 print "'%s'" % password 61 62 print "\n 3.3. md5(password + salt):", 63 md5sum = md5(password + salt) 64 print "'%s'" % md5sum 65 66 print "\n 3.4. trennen der MD5 in:", 67 md5_a = md5sum[:16] 68 md5_b = md5sum[16:] 69 print "md5_a: '%s' md5_b: '%s'" % (md5_a, md5_b) 70 71 print "\n 3.5. md5_a2 = md5(md5_a + challenge):", 72 md5_a2 = md5(md5_a + challenge) 73 print "'%s'" % md5_a2 74 75 print "\n 3.6. �ermittlung von md5_a2 und md5_b." 61 print "----" 76 62 77 63 78 64 79 print "\n\n ------------ 4. check auf dem Server------------"65 print "\n\n=== 3. Login ===\n" 80 66 81 print "\n 4.1. aus der DB md5checksum: '%s'" % md5checksum 67 print "# Client request login and get's a random **challenge** from server:", 68 challenge = "c_123" 69 print "'//%s//'" % challenge 82 70 83 print "\n 4.2. decrypt(md5checksum, key=md5_b):", 84 md5checksum = decrypt(md5checksum, key=md5_b) 85 print "'%s'" % md5checksum 71 print "# User enters username and password: '//%s//'" % password 86 72 87 print "\n 4.3. md5(md5checksum + challenge):", 88 md5check = md5(md5checksum + challenge) 89 print "'%s'" % md5check 73 print "# Client send username and get's **user salt** from server via AJAX: '//%s//'" % salt 90 74 91 print "\n 4.4. 
Vergleich: %s == %s" % (md5check, md5_a2) 75 print "# on the client: sha1(password + salt):", 76 sha1sum = sha1(password + salt) 77 print "'//%s//'" % sha1sum 78 79 print "# on the client: split sha1 in:", 80 sha1_a = sha1sum[:16] 81 sha1_b = sha1sum[16:] 82 print "**sha1_a**: '//%s//' **sha1_b**: '//%s//'" % (sha1_a, sha1_b) 83 84 print "# on the client: **sha1_a2** = sha1(sha1_a + challenge):", 85 sha1_a2 = sha1(sha1_a + challenge) 86 print "'//%s//'" % sha1_a2 87 88 print "# Client send username, **sha1_a2** and **sha1_b** to the server." 89 90 91 92 print "\n\n==== 4. validation on the server ====\n" 93 94 print "# get encrypted **checksum** for user: '//%s//'" % sha1checksum 95 96 print "# decrypt(sha1checksum, key=sha1_b):", 97 sha1checksum = decrypt(sha1checksum, key=sha1_b) 98 print "'//%s//'" % sha1checksum 99 100 print "# sha1(sha1checksum + challenge):", 101 sha1check = sha1(sha1checksum + challenge) 102 print "'//%s//'" % sha1check 103 104 print "# compare: //%s// == //%s//" % (sha1check, sha1_a2)
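Review bot: The new step 3 transmits `sha1_b` — the last 24 hex chars of a single-iteration sha1(password + salt), no key stretching — to the server in the clear on every login, while step 3 also hands the user's salt to anyone who submits a username via AJAX, so under the stated no-HTTPS threat model a passive observer of one login holds salt plus 96 bits of the raw password hash and can dictionary-attack the password offline at one SHA-1 per guess. If the stored checksum also leaks, the observed `sha1_b` decrypts it to `sha1_a` (step 4.2), and `sha1_a` + `sha1_b` together are a permanent password equivalent for that account, independent of the challenge. The module docstring should state this limit rather than only linking the "secure login without https" article, e.g. `# NOTE: sha1_b is a static secret sent in the clear; an eavesdropper can brute-force the password offline (no key stretching) and, with the stored checksum, recover sha1_a.` Whether the "random" salt and challenge come from a CSPRNG and whether the final compare in step 4 is constant-time is not visible in this pseudo-code; the real plugin implementation should be checked for both.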