
3 Commits

4 changed files with 55 additions and 17 deletions


@ -3,7 +3,8 @@ import string
from .decrypted_account import DecryptedAccount
FORBIDDEN_CHARS = frozenset("`\n\\")
PUNCTUATION = frozenset(string.punctuation).difference(FORBIDDEN_CHARS)
FULL_PUNCTUATION = frozenset(string.punctuation)
PUNCTUATION = FULL_PUNCTUATION.difference(FORBIDDEN_CHARS)
def _base_check(val: str, /) -> bool:
@ -21,9 +22,9 @@ def check_login(login: str) -> bool:
return _base_check(login)
def check_password(passwd: str) -> bool:
def check_password(password: str) -> bool:
"Returns true if password is valid"
return _base_check(passwd)
return _base_check(password)
def check_account(account: DecryptedAccount) -> bool:
@ -37,14 +38,28 @@ def check_account(account: DecryptedAccount) -> bool:
)
def check_gened_password(passwd: str, /) -> bool:
def check_gened_password(password: str, /) -> bool:
"""Retuns true if generated password is valid,
false otherwise.
Password is valid if there is at least one lowercase character,
uppercase character and one punctuation character"""
return (
any(c.islower() for c in passwd)
and any(c.isupper() for c in passwd)
and any(c.isdigit() for c in passwd)
and any(c in PUNCTUATION for c in passwd)
any(c.islower() for c in password)
and any(c.isupper() for c in password)
and any(c.isdigit() for c in password)
and any(c in PUNCTUATION for c in password)
)
def check_master_password(password: str) -> bool:
"""Returns True if master password is valid.
Master password has to have at least one lowercase letter,
one uppercase letter, one digit, one punctuation character
and length must be at least 8"""
return (
len(password) >= 8
and any(c.islower() for c in password)
and any(c.isupper() for c in password)
and any(c.isdigit() for c in password)
and any(c in FULL_PUNCTUATION for c in password)
)
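Review bot: check_master_password accepts any 8-character string that mixes the four character classes, which is a low floor for the secret that appears to gate every stored account in the handlers; class-mix rules add much less resistance to guessing than length does. Consider raising the minimum and naming it, e.g. `MIN_MASTER_PASSWORD_LENGTH = 12` with `len(password) >= MIN_MASTER_PASSWORD_LENGTH`, so the rejection message can quote the same number. The docstring could also state that this check uses FULL_PUNCTUATION and so counts the backtick and backslash as punctuation, which PUNCTUATION excludes.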


@ -14,6 +14,7 @@ from ..account_checks import (
check_account_name,
check_login,
check_password,
check_master_password,
)
from ..account_parsing import accounts_to_json, json_to_accounts
from ..decrypted_account import DecryptedAccount
@ -82,7 +83,7 @@ async def _delete_all2(
) -> None:
await base_handler(bot, mes, prev_mes)
text = mes.text.strip()
if encryption.master_pass.check_master_pass(text, master_pass):
if encryption.master_pass.verify_master_pass(text, master_pass):
db.delete.purge_accounts(engine, mes.from_user.id)
db.delete.delete_master_pass(engine, mes.from_user.id)
await send_tmp_message(
@ -126,6 +127,17 @@ async def _set_master_pass2(
if text == "/cancel":
return await send_tmp_message(bot, mes.chat.id, "Успешная отмена")
if not check_master_password(text):
await send_tmp_message(
bot,
mes.chat.id,
"Не подходящий мастер пароль\\. Он должен быть не меньше "
"8 символов, иметь хотя бы один символ в нижнем и "
"верхнем регистре, хотя бы один специальный символ",
sleep_time=10,
)
return
master_password = encryption.master_pass.encrypt_master_pass(
mes.from_user.id,
text,
@ -181,7 +193,7 @@ async def _reset_master_pass2(
if text == "/cancel":
await send_tmp_message(bot, mes.chat.id, "Успешная отмена")
if not encryption.master_pass.check_master_pass(text, master_pass):
if not encryption.master_pass.verify_master_pass(text, master_pass):
await send_tmp_message(bot, mes.chat.id, "Неверный мастер пароль")
return
@ -203,6 +215,17 @@ async def _reset_master_pass3(
if text == "/cancel":
return await send_tmp_message(bot, mes.chat.id, "Успешная отмена")
if not check_master_password(text):
await send_tmp_message(
bot,
mes.chat.id,
"Не подходящий мастер пароль\\. Он должен быть не меньше "
"8 символов, иметь хотя бы один символ в нижнем и "
"верхнем регистре, хотя бы один специальный символ",
sleep_time=10,
)
return
master_password = encryption.master_pass.encrypt_master_pass(
mes.from_user.id,
text,
@ -334,7 +357,7 @@ async def _add_account5(
return await send_tmp_message(bot, mes.chat.id, "Успешная отмена")
master_password = db.get.get_master_pass(engine, mes.from_user.id)
if not encryption.master_pass.check_master_pass(text, master_password):
if not encryption.master_pass.verify_master_pass(text, master_password):
return await send_tmp_message(
bot,
mes.chat.id,
@ -424,7 +447,7 @@ async def _get_account3(
mes.from_user.id,
)
if not encryption.master_pass.check_master_pass(text, master_password):
if not encryption.master_pass.verify_master_pass(text, master_password):
return await send_tmp_message(
bot,
mes.chat.id,
@ -518,7 +541,7 @@ async def _delete_account3(
) -> None:
await base_handler(bot, mes, prev_mes)
text = mes.text.strip()
if not encryption.master_pass.check_master_pass(text, master_pass):
if not encryption.master_pass.verify_master_pass(text, master_pass):
await send_tmp_message(bot, mes.chat.id, "Неверный пароль")
return
@ -574,7 +597,7 @@ async def _export2(
engine,
mes.from_user.id,
)
if not encryption.master_pass.check_master_pass(text, master_password):
if not encryption.master_pass.verify_master_pass(text, master_password):
return await send_tmp_message(
bot,
mes.chat.id,
@ -682,7 +705,7 @@ async def _import3(
engine,
mes.from_user.id,
)
if not encryption.master_pass.check_master_pass(text, master_password):
if not encryption.master_pass.verify_master_pass(text, master_password):
return await send_tmp_message(
bot,
mes.chat.id,
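Review bot: The rejection text added in _set_master_pass2, and repeated verbatim in _reset_master_pass3, lists the length, lower/upper case and a special character but not the digit that check_master_password also requires, so a user whose password lacks only a digit is refused without being told why. Add the missing clause, e.g. `"верхнем регистре, хотя бы одну цифру и хотя бы один специальный символ",`, and keep the string in one module-level constant so the two handlers cannot drift from each other or from the check. Both handler bodies start and end outside the hunks shown.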


@ -20,7 +20,7 @@ class Cipher:
algorithm=hashes.SHA256(),
length=32,
salt=salt,
iterations=100000,
iterations=480000,
)
return cls(kdf.derive(password))
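Review bot: Raising `iterations` from 100000 to 480000 changes the key that `kdf.derive(password)` returns for the same password and salt, and nothing in this hunk records which count a given ciphertext was produced with. If data encrypted under the old count exists, it would stop decrypting after this change unless it is re-encrypted or the count is stored next to the salt; the migration is not visible here, so that is worth confirming. A named constant such as `KDF_ITERATIONS = 480000`, with a comment that it must not change without a migration, would make the constraint explicit. The KDF constructor call and the enclosing method start above the hunk.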


@ -31,7 +31,7 @@ def encrypt_master_pass(user_id: int, password: str) -> MasterPass:
)
def check_master_pass(password: str, master_password: MasterPass) -> bool:
def verify_master_pass(password: str, master_password: MasterPass) -> bool:
"""Checks if the master password is correct"""
kdf = _get_kdf(master_password.salt)
try: