glic3rinu / passlib

Automatically exported from code.google.com/p/passlib

better base64 validation #31

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
Many of the hashes in passlib rely on stdlib's base64.b64decode() to perform validation of base64 sequences. But b64decode() is way more tolerant than I'd like for a password hash parser - it cheerfully accepts things like b64decode('Zm9v==Z\n Xk====='); which while useful in most contexts, is not so much here.

Since passlib 1.6 is close to release, this will probably have to wait til 1.7, but would like to wrap / replace the decoder with a stricter one, just to prevent malformed hashes from being accepted in certain border cases.

Original issue reported on code.google.com by elic@astllc.org on 13 Apr 2012 at 1:58
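For comparison, here is what a strict wrapper of the kind the issue proposes could look like. This is an added example, not code from passlib or from the issue author; the function names `strict_b64decode`, `is_strict_b64`, `lenient_accepts` and `classify` and the sample strings are constructed for illustration. It rejects every class of input the stdlib decoder silently repairs (embedded whitespace, non-alphabet bytes, misplaced or excess padding, bad length, and non-zero unused bits in the final group), and shows that the issue's own example still passes the lenient decoder today.

```python
"""Strict (canonical) base64 validation next to the lenient stdlib decoder."""
import base64
import re

# Canonical standard base64: zero or more groups of four alphabet characters,
# optionally followed by ONE final group padded to four with '='. This forbids
# whitespace, padding anywhere but the end, more than two '=' and odd lengths.
# \A and \Z anchor to the absolute start/end, so a trailing newline fails too.
_CANONICAL_B64 = re.compile(
    rb"\A(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?\Z"
)


def strict_b64decode(data):
    """Decode *data* only if it is canonical standard base64, else ValueError."""
    if isinstance(data, str):
        try:
            data = data.encode("ascii")
        except UnicodeEncodeError:
            raise ValueError("non-ASCII character in base64 input") from None
    if not _CANONICAL_B64.match(data):
        raise ValueError("malformed base64 input")
    # Structure is now known-good, so the lenient decoder cannot "repair" anything.
    raw = base64.b64decode(data)
    # Catch inputs like b'Zm9=': structurally fine, but the unused low bits of the
    # last character are non-zero, so re-encoding does not reproduce the input.
    if base64.b64encode(raw) != data:
        raise ValueError("non-canonical base64 input (unused bits set)")
    return raw


def is_strict_b64(data):
    """True if *data* would be accepted by strict_b64decode()."""
    try:
        strict_b64decode(data)
    except ValueError:
        return False
    return True


def lenient_accepts(data):
    """True if the stdlib decoder (default settings) returns without raising."""
    try:
        base64.b64decode(data)
    except (ValueError, TypeError):
        return False
    return True


# Constructed samples (not from passlib's test suite), mapped to whether a
# password-hash parser should accept them.
SAMPLES = {
    b"": True,
    b"Zm9v": True,              # 'foo'
    b"Zm8=": True,              # 'fo', canonical padding
    b"Zg==": True,              # 'f'
    b"Zm9v==Z\n Xk=====": False,  # the example from the issue: whitespace, junk padding
    b"Zm9=": False,             # unused bits set; lenient decoder returns 'fo'
    b"Zm9v==": False,           # excess padding after a complete group
    b"Zm9v\n": False,           # trailing newline
    b"Zm9v==Zm9v": False,       # data after padding
    b"Zm9": False,              # wrong length, missing '='
}


def classify(samples=SAMPLES):
    """Return {sample: (lenient_accepts, strict_accepts)} for each sample."""
    return {s: (lenient_accepts(s), is_strict_b64(s)) for s in samples}


if __name__ == "__main__":
    for sample, (lenient, strict) in classify().items():
        print("%-22r lenient=%-5s strict=%s" % (sample, lenient, strict))
```

The regex does the cheap structural check and the encode-decode round trip closes the one gap a regex cannot express (non-zero unused bits); both steps are linear in the input length, so the extra cost over a bare `b64decode()` call is a few microseconds per hash.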

GoogleCodeExporter commented 9 years ago

Original comment by elic@astllc.org on 13 Apr 2012 at 2:05

GoogleCodeExporter commented 9 years ago

Original comment by elic@astllc.org on 27 Jun 2012 at 10:07

GoogleCodeExporter commented 9 years ago
This hasn't ever been an issue in the real world, and adding a base64 decoding wrapper would add a (admittedly minor) increase in processing time. Currently unsure if this level of strictness is worth it, so demoting this to wishlist for now.

Original comment by elic@astllc.org on 27 Dec 2013 at 9:07