summaryrefslogtreecommitdiffstats
path: root/Lib/crypt.py
blob: dc62dba8a326a8bb9d355342836e21d5643bfcfd (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61

'''Wrapper to the POSIX crypt library call and associated functionality.
'''

import _crypt

saltchars = 'abcdefghijklmnopqrstuvwxyz'
saltchars += saltchars.upper()
saltchars += '0123456789./'


class _MethodClass:
    '''Class representing a salt method per the Modular Crypt Format or the
    legacy 2-character crypt method.'''
    def __init__(self, name, ident, salt_chars, total_size):
        self.name = name
        self.ident = ident
        self.salt_chars = salt_chars
        self.total_size = total_size

    def __repr__(self):
        return '<crypt.METHOD_%s>' % self.name


#  available salting/crypto methods
METHOD_CRYPT = _MethodClass('CRYPT', None, 2, 13)
METHOD_MD5 = _MethodClass('MD5', '1', 8, 34)
METHOD_SHA256 = _MethodClass('SHA256', '5', 16, 63)
METHOD_SHA512 = _MethodClass('SHA512', '6', 16, 106)


def methods():
    '''Return a list of methods that are available in the platform ``crypt()``
    library, sorted from strongest to weakest.  This is guaranteed to always
    return at least ``[METHOD_CRYPT]``'''
    method_list = [ METHOD_SHA512, METHOD_SHA256, METHOD_MD5 ]
    ret = [ method for method in method_list
            if len(crypt('', method)) == method.total_size ]
    ret.append(METHOD_CRYPT)
    return ret


def mksalt(method = None):
    '''Generate a salt for the specified method.  If not specified, the
    strongest available method will be used.'''
    import random

    if method == None: method = methods()[0]
    s = '$%s$' % method.ident if method.ident else ''
    s += ''.join([ random.choice(saltchars) for x in range(method.salt_chars) ])
    return(s)


def crypt(word, salt = None):
    '''Return a string representing the one-way hash of a password, preturbed
    by a salt.  If ``salt`` is not specified or is ``None``, the strongest
    available method will be selected and a salt generated.  Otherwise,
    ``salt`` may be one of the ``crypt.METHOD_*`` values, or a string as
    returned by ``crypt.mksalt()``.'''
    if salt == None: salt = mksalt()
    elif isinstance(salt, _MethodClass): salt = mksalt(salt)
    return(_crypt.crypt(word, salt))
generated by cgit v0.12 at 2024-11-22 23:18:24 (GMT)