Remove regexp shenanigins (#354)

They aren't required now that we no longer use the OpenBSD library

Remove regexp shenanigins (#354)
9f16bba80ab9 · Alex Gaynor · 17db6eeecdd8 · 9f16bba8 · 9f16bba8
Commit 9f16bba80ab9 authored 3 years ago by Alex Gaynor
--- a/src/_bcrypt/src/lib.rs
+++ b/src/_bcrypt/src/lib.rs
@@ -28,10 +28,11 @@
    if raw_parts.len() != 3 {
        return Err(pyo3::exceptions::PyValueError::new_err("Invalid salt"));
    }
-    if raw_parts[0] != b"2y"
-        && raw_parts[0] != b"2b"
-        && raw_parts[0] != b"2a"
-        && raw_parts[0] != b"2x"
-    {
+    let version = match raw_parts[0] {
+        b"2y" => bcrypt::Version::TwoY,
+        b"2b" => bcrypt::Version::TwoB,
+        b"2a" => bcrypt::Version::TwoA,
+        b"2x" => bcrypt::Version::TwoX,
+        _ => {
            return Err(pyo3::exceptions::PyValueError::new_err("Invalid salt"));
        }
@@ -36,5 +37,6 @@
            return Err(pyo3::exceptions::PyValueError::new_err("Invalid salt"));
        }
+    };
    let cost = std::str::from_utf8(raw_parts[1])
        .map_err(|_| pyo3::exceptions::PyValueError::new_err("Invalid salt"))?
        .parse::<u32>()
@@ -50,7 +52,7 @@
    let hashed = bcrypt::hash_with_salt(password, cost, raw_salt).unwrap();
    Ok(pyo3::types::PyBytes::new(
        py,
-        hashed.format_for_version(bcrypt::Version::TwoB).as_bytes(),
+        hashed.format_for_version(version).as_bytes(),
    ))
 }

@@ -62,8 +64,8 @@
    rounds: u32,
    desired_key_bytes: usize,
 ) -> pyo3::PyResult<&'p pyo3::types::PyBytes> {
-    pyo3::types::PyBytes::new_with(py, desired_key_bytes, |mut output| {
-        bcrypt_pbkdf::bcrypt_pbkdf(password, salt, rounds, &mut output).unwrap();
+    pyo3::types::PyBytes::new_with(py, desired_key_bytes, |output| {
+        bcrypt_pbkdf::bcrypt_pbkdf(password, salt, rounds, output).unwrap();
        Ok(())
    })
 }

--- a/src/bcrypt/__init__.py
+++ b/src/bcrypt/__init__.py
@@ -18,7 +18,6 @@

 import hmac
 import os
-import re
 import warnings

 from .__about__ import (
@@ -50,9 +49,6 @@
 ]


-_normalize_re = re.compile(rb"^\$2y\$")
-
-
 def gensalt(rounds: int = 12, prefix: bytes = b"2b") -> bytes:
    if prefix not in (b"2a", b"2b"):
        raise ValueError("Supported prefixes are b'2a' or b'2b'")
@@ -88,23 +84,7 @@
    # on $2a$, so we do it here to preserve compatibility with 2.0.0
    password = password[:72]

-    # When the original 8bit bug was found the original library we supported
-    # added a new prefix, $2y$, that fixes it. This prefix is exactly the same
-    # as the $2b$ prefix added by OpenBSD other than the name. Since the
-    # OpenBSD library does not support the $2y$ prefix, if the salt given to us
-    # is for the $2y$ prefix, we'll just mugne it so that it's a $2b$ prior to
-    # passing it into the C library.
-    original_salt, salt = salt, _normalize_re.sub(b"$2b$", salt)
-
-    hashed = _bcrypt.hashpass(password, salt)
-
-    # Now that we've gotten our hashed password, we want to ensure that the
-    # prefix we return is the one that was passed in, so we'll use the prefix
-    # from the original salt and concatenate that with the return value (minus
-    # the return value's prefix). This will ensure that if someone passed in a
-    # salt with a $2y$ prefix, that they get back a hash with a $2y$ prefix
-    # even though we munged it to $2b$.
-    return original_salt[:4] + hashed[4:]
+    return _bcrypt.hashpass(password, salt)


 def checkpw(password: bytes, hashed_password: bytes) -> bool: