1"""Wrapper to the POSIX crypt library call and associated functionality.""" 2 3import _crypt 4import string as _string 5from random import SystemRandom as _SystemRandom 6from collections import namedtuple as _namedtuple 7 8 9_saltchars = _string.ascii_letters + _string.digits + './' 10_sr = _SystemRandom() 11 12 13class _Method(_namedtuple('_Method', 'name ident salt_chars total_size')): 14 15 """Class representing a salt method per the Modular Crypt Format or the 16 legacy 2-character crypt method.""" 17 18 def __repr__(self): 19 return '<crypt.METHOD_{}>'.format(self.name) 20 21 22def mksalt(method=None): 23 """Generate a salt for the specified method. 24 25 If not specified, the strongest available method will be used. 26 27 """ 28 if method is None: 29 method = methods[0] 30 s = '${}$'.format(method.ident) if method.ident else '' 31 s += ''.join(_sr.choice(_saltchars) for char in range(method.salt_chars)) 32 return s 33 34 35def crypt(word, salt=None): 36 """Return a string representing the one-way hash of a password, with a salt 37 prepended. 38 39 If ``salt`` is not specified or is ``None``, the strongest 40 available method will be selected and a salt generated. Otherwise, 41 ``salt`` may be one of the ``crypt.METHOD_*`` values, or a string as 42 returned by ``crypt.mksalt()``. 43 44 """ 45 if salt is None or isinstance(salt, _Method): 46 salt = mksalt(salt) 47 return _crypt.crypt(word, salt) 48 49 50# available salting/crypto methods 51METHOD_CRYPT = _Method('CRYPT', None, 2, 13) 52METHOD_MD5 = _Method('MD5', '1', 8, 34) 53METHOD_SHA256 = _Method('SHA256', '5', 16, 63) 54METHOD_SHA512 = _Method('SHA512', '6', 16, 106) 55 56methods = [] 57for _method in (METHOD_SHA512, METHOD_SHA256, METHOD_MD5, METHOD_CRYPT): 58 _result = crypt('', _method) 59 if _result and len(_result) == _method.total_size: 60 methods.append(_method) 61del _result, _method 62