-magic_md5 = '$1$'
-magic_sha256 = '$5$'
-
-def gen_salt(length=8, symbols=None):
- if symbols is None:
- symbols = ascii_letters + digits
- return ''.join(sample(symbols, length))
-
-def md5crypt( raw_pw, salt, magic=magic_md5 ):
- """ md5crypt FreeBSD crypt(3) based on but different from md5
-
- The md5crypt is based on Mark Johnson's md5crypt.py, which in turn is
- based on FreeBSD src/lib/libcrypt/crypt.c (1.2) by Poul-Henning Kamp.
- Mark's port can be found in ActiveState ASPN Python Cookbook. Kudos to
- Poul and Mark. -agi
-
- Original license:
-
- * "THE BEER-WARE LICENSE" (Revision 42):
- *
- * <phk@login.dknet.dk> wrote this file. As long as you retain this
- * notice you can do whatever you want with this stuff. If we meet some
- * day, and you think this stuff is worth it, you can buy me a beer in
- * return.
- *
- * Poul-Henning Kamp
- """
- raw_pw = raw_pw.encode('utf-8')
- salt = salt.encode('utf-8')
- hash = hashlib.md5()
- hash.update( raw_pw + magic + salt )
- st = hashlib.md5()
- st.update( raw_pw + salt + raw_pw)
- stretch = st.digest()
-
- for i in range( 0, len( raw_pw ) ):
- hash.update( stretch[i % 16] )
-
- i = len( raw_pw )
-
- while i:
- if i & 1:
- hash.update('\x00')
- else:
- hash.update( raw_pw[0] )
- i >>= 1
-
- saltedmd5 = hash.digest()
-
- for i in range( 1000 ):
- hash = hashlib.md5()
-
- if i & 1:
- hash.update( raw_pw )
- else:
- hash.update( saltedmd5 )
-
- if i % 3:
- hash.update( salt )
- if i % 7:
- hash.update( raw_pw )
- if i & 1:
- hash.update( saltedmd5 )
- else:
- hash.update( raw_pw )
-
- saltedmd5 = hash.digest()
-
- itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
-
- rearranged = ''
- for a, b, c in ((0, 6, 12), (1, 7, 13), (2, 8, 14), (3, 9, 15), (4, 10, 5)):
- v = ord( saltedmd5[a] ) << 16 | ord( saltedmd5[b] ) << 8 | ord( saltedmd5[c] )
-
- for i in range(4):
- rearranged += itoa64[v & 0x3f]
- v >>= 6
-
- v = ord( saltedmd5[11] )
-
- for i in range( 2 ):
- rearranged += itoa64[v & 0x3f]
- v >>= 6
-
- return magic + salt + '$' + rearranged
-
-def sh256crypt(cls, password, salt, magic=magic_sha256):
- iterations = 1000
- # see http://en.wikipedia.org/wiki/PBKDF2
- result = password.encode('utf8')
- for i in xrange(cls.iterations):
- result = hmac.HMAC(result, salt, hashlib.sha256).digest() # uses HMAC (RFC 2104) to apply salt
- result = result.encode('base64') # doesnt seem to be crypt(3) compatible
- return '%s%s$%s' % (magic_sha256, salt, result)