author | Sylvain Thénault <sylvain.thenault@logilab.fr> |
Wed, 21 Oct 2015 16:10:47 +0200 | |
changeset 10853 | de741492538d |
parent 10775 | 4b3c1069bd4e |
permissions | -rw-r--r-- |
0 | 1 |
# md5crypt.py |
2 |
# |
|
3 |
# 0423.2000 by michal wallace http://www.sabren.com/ |
|
4 |
# based on perl's Crypt::PasswdMD5 by Luis Munoz (lem@cantv.net) |
|
5 |
# based on /usr/src/libcrypt/crypt.c from FreeBSD 2.2.5-RELEASE |
|
6 |
# |
|
7 |
# MANY THANKS TO |
|
8 |
# |
|
9 |
# Carey Evans - http://home.clear.net.nz/pages/c.evans/ |
|
10 |
# Dennis Marti - http://users.starpower.net/marti1/ |
|
11 |
# |
|
12 |
# For the patches that got this thing working! |
|
13 |
# |
|
14 |
# modification by logilab: |
|
15 |
# * remove usage of the string module |
|
16 |
# * don't include the magic string in the output string |
|
17 |
# for true crypt.crypt compatibility |
|
5771
c077df1d0333
[md5script] cleanup
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5770
diff
changeset
|
18 |
# * use hashlib module instead of md5 |
0 | 19 |
######################################################### |
20 |
"""md5crypt.py - Provides interoperable MD5-based crypt() function |
|
21 |
||
22 |
SYNOPSIS |
|
23 |
||
24 |
import md5crypt.py |
|
25 |
||
26 |
cryptedpassword = md5crypt.md5crypt(password, salt); |
|
27 |
||
28 |
DESCRIPTION |
|
29 |
||
30 |
unix_md5_crypt() provides a crypt()-compatible interface to the |
|
31 |
rather new MD5-based crypt() function found in modern operating systems. |
|
32 |
It's based on the implementation found on FreeBSD 2.2.[56]-RELEASE and |
|
33 |
contains the following license in it: |
|
34 |
||
35 |
"THE BEER-WARE LICENSE" (Revision 42): |
|
36 |
<phk@login.dknet.dk> wrote this file. As long as you retain this notice you |
|
37 |
can do whatever you want with this stuff. If we meet some day, and you think |
|
38 |
this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp |
|
39 |
""" |
|
40 |
||
10775
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
41 |
MAGIC = b'$1$' # Magic string |
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
42 |
ITOA64 = b"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" |
0 | 43 |
|
7879
9aae456abab5
[pylint] fix pylint detected errors and tweak it so that pylint -E will be much less verbose next time (+ update some copyrights on the way)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5771
diff
changeset
|
44 |
from hashlib import md5 # pylint: disable=E0611 |
0 | 45 |
|
10775
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
46 |
from six import text_type, indexbytes |
10609
e2d8e81bfe68
[py3k] import range using six.moves
Rémi Cardona <remi.cardona@logilab.fr>
parents:
8317
diff
changeset
|
47 |
from six.moves import range |
e2d8e81bfe68
[py3k] import range using six.moves
Rémi Cardona <remi.cardona@logilab.fr>
parents:
8317
diff
changeset
|
48 |
|
e2d8e81bfe68
[py3k] import range using six.moves
Rémi Cardona <remi.cardona@logilab.fr>
parents:
8317
diff
changeset
|
49 |
|
0 | 50 |
def to64 (v, n): |
10775
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
51 |
ret = bytearray() |
0 | 52 |
while (n - 1 >= 0): |
53 |
n = n - 1 |
|
10775
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
54 |
ret.append(ITOA64[v & 0x3f]) |
0 | 55 |
v = v >> 6 |
56 |
return ret |
|
57 |
||
8317
9c59258e7798
[security] use a stronger encryption algorythm for password, keeping bw compat
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7879
diff
changeset
|
58 |
def crypt(pw, salt): |
10775
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
59 |
if isinstance(pw, text_type): |
3149
c6a85fafb155
note about licence, fix copyright, fix case of unicode argument
Aurelien Campeas
parents:
2172
diff
changeset
|
60 |
pw = pw.encode('utf-8') |
10775
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
61 |
if isinstance(salt, text_type): |
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
62 |
salt = salt.encode('ascii') |
0 | 63 |
# Take care of the magic string if present |
8317
9c59258e7798
[security] use a stronger encryption algorythm for password, keeping bw compat
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7879
diff
changeset
|
64 |
if salt.startswith(MAGIC): |
9c59258e7798
[security] use a stronger encryption algorythm for password, keeping bw compat
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7879
diff
changeset
|
65 |
salt = salt[len(MAGIC):] |
0 | 66 |
# salt can have up to 8 characters: |
10775
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
67 |
salt = salt.split(b'$', 1)[0] |
0 | 68 |
salt = salt[:8] |
8317
9c59258e7798
[security] use a stronger encryption algorythm for password, keeping bw compat
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7879
diff
changeset
|
69 |
ctx = pw + MAGIC + salt |
7879
9aae456abab5
[pylint] fix pylint detected errors and tweak it so that pylint -E will be much less verbose next time (+ update some copyrights on the way)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5771
diff
changeset
|
70 |
final = md5(pw + salt + pw).digest() |
10609
e2d8e81bfe68
[py3k] import range using six.moves
Rémi Cardona <remi.cardona@logilab.fr>
parents:
8317
diff
changeset
|
71 |
for pl in range(len(pw), 0, -16): |
0 | 72 |
if pl > 16: |
73 |
ctx = ctx + final[:16] |
|
74 |
else: |
|
75 |
ctx = ctx + final[:pl] |
|
76 |
# Now the 'weird' xform (??) |
|
77 |
i = len(pw) |
|
78 |
while i: |
|
79 |
if i & 1: |
|
10775
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
80 |
ctx = ctx + b'\0' #if ($i & 1) { $ctx->add(pack("C", 0)); } |
0 | 81 |
else: |
82 |
ctx = ctx + pw[0] |
|
83 |
i = i >> 1 |
|
7879
9aae456abab5
[pylint] fix pylint detected errors and tweak it so that pylint -E will be much less verbose next time (+ update some copyrights on the way)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5771
diff
changeset
|
84 |
final = md5(ctx).digest() |
0 | 85 |
# The following is supposed to make |
2172
cf8f9180e63e
delete-trailing-whitespace
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents:
1977
diff
changeset
|
86 |
# things run slower. |
0 | 87 |
# my question: WTF??? |
10609
e2d8e81bfe68
[py3k] import range using six.moves
Rémi Cardona <remi.cardona@logilab.fr>
parents:
8317
diff
changeset
|
88 |
for i in range(1000): |
10775
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
89 |
ctx1 = b'' |
0 | 90 |
if i & 1: |
91 |
ctx1 = ctx1 + pw |
|
92 |
else: |
|
93 |
ctx1 = ctx1 + final[:16] |
|
94 |
if i % 3: |
|
95 |
ctx1 = ctx1 + salt |
|
96 |
if i % 7: |
|
97 |
ctx1 = ctx1 + pw |
|
98 |
if i & 1: |
|
99 |
ctx1 = ctx1 + final[:16] |
|
100 |
else: |
|
101 |
ctx1 = ctx1 + pw |
|
7879
9aae456abab5
[pylint] fix pylint detected errors and tweak it so that pylint -E will be much less verbose next time (+ update some copyrights on the way)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5771
diff
changeset
|
102 |
final = md5(ctx1).digest() |
0 | 103 |
# Final xform |
10775
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
104 |
passwd = b'' |
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
105 |
passwd += to64((indexbytes(final, 0) << 16) |
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
106 |
|(indexbytes(final, 6) << 8) |
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
107 |
|(indexbytes(final, 12)),4) |
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
108 |
passwd += to64((indexbytes(final, 1) << 16) |
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
109 |
|(indexbytes(final, 7) << 8) |
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
110 |
|(indexbytes(final, 13)), 4) |
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
111 |
passwd += to64((indexbytes(final, 2) << 16) |
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
112 |
|(indexbytes(final, 8) << 8) |
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
113 |
|(indexbytes(final, 14)), 4) |
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
114 |
passwd += to64((indexbytes(final, 3) << 16) |
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
115 |
|(indexbytes(final, 9) << 8) |
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
116 |
|(indexbytes(final, 15)), 4) |
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
117 |
passwd += to64((indexbytes(final, 4) << 16) |
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
118 |
|(indexbytes(final, 10) << 8) |
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
119 |
|(indexbytes(final, 5)), 4) |
4b3c1069bd4e
Fix md5crypt and crypt_password test for python3
Julien Cristau <julien.cristau@logilab.fr>
parents:
10609
diff
changeset
|
120 |
passwd += to64((indexbytes(final, 11)), 2) |
8317
9c59258e7798
[security] use a stronger encryption algorythm for password, keeping bw compat
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7879
diff
changeset
|
121 |
return passwd |