| :mod:`crypt` --- Function to check Unix passwords |
| ================================================= |
| |
| .. module:: crypt |
| :platform: Unix |
| :synopsis: The crypt() function used to check Unix passwords. |
| .. moduleauthor:: Steven D. Majewski <sdm7g@virginia.edu> |
| .. sectionauthor:: Steven D. Majewski <sdm7g@virginia.edu> |
| .. sectionauthor:: Peter Funk <pf@artcom-gmbh.de> |
| |
| |
| .. index:: |
| single: crypt(3) |
| pair: cipher; DES |
| |
| This module implements an interface to the :manpage:`crypt(3)` routine, which is |
| a one-way hash function based upon a modified DES algorithm; see the Unix man |
| page for further details. Possible uses include storing hashed passwords |
| so you can check passwords without storing the actual password, or attempting |
| to crack Unix passwords with a dictionary. |
| |
| .. index:: single: crypt(3) |
| |
| Notice that the behavior of this module depends on the actual implementation of |
| the :manpage:`crypt(3)` routine in the running system. Therefore, any |
| extensions available on the current implementation will also be available on |
| this module. |
| |
| Hashing Methods |
| --------------- |
| |
| .. versionadded:: 3.3 |
| |
| The :mod:`crypt` module defines the list of hashing methods (not all methods |
| are available on all platforms): |
| |
| .. data:: METHOD_SHA512 |
| |
| A Modular Crypt Format method with 16 character salt and 86 character |
| hash. This is the strongest method. |
| |
| .. data:: METHOD_SHA256 |
| |
| Another Modular Crypt Format method with 16 character salt and 43 |
| character hash. |
| |
| .. data:: METHOD_MD5 |
| |
| Another Modular Crypt Format method with 8 character salt and 22 |
| character hash. |
| |
| .. data:: METHOD_CRYPT |
| |
| The traditional method with a 2 character salt and 13 characters of |
| hash. This is the weakest method. |
| |
| |
| Module Attributes |
| ----------------- |
| |
| .. versionadded:: 3.3 |
| |
| .. attribute:: methods |
| |
| A list of available password hashing algorithms, as |
| ``crypt.METHOD_*`` objects. This list is sorted from strongest to |
| weakest. |
| |
| |
| Module Functions |
| ---------------- |
| |
| The :mod:`crypt` module defines the following functions: |
| |
| .. function:: crypt(word, salt=None) |
| |
| *word* will usually be a user's password as typed at a prompt or in a graphical |
| interface. The optional *salt* is either a string as returned from |
| :func:`mksalt`, one of the ``crypt.METHOD_*`` values (though not all |
| may be available on all platforms), or a full encrypted password |
| including salt, as returned by this function. If *salt* is not |
| provided, the strongest method will be used (as returned by |
| :func:`methods`. |
| |
| Checking a password is usually done by passing the plain-text password |
| as *word* and the full results of a previous :func:`crypt` call, |
| which should be the same as the results of this call. |
| |
| *salt* (either a random 2 or 16 character string, possibly prefixed with |
| ``$digit$`` to indicate the method) which will be used to perturb the |
| encryption algorithm. The characters in *salt* must be in the set |
| ``[./a-zA-Z0-9]``, with the exception of Modular Crypt Format which |
| prefixes a ``$digit$``. |
| |
| Returns the hashed password as a string, which will be composed of |
| characters from the same alphabet as the salt. |
| |
| .. index:: single: crypt(3) |
| |
| Since a few :manpage:`crypt(3)` extensions allow different values, with |
| different sizes in the *salt*, it is recommended to use the full crypted |
| password as salt when checking for a password. |
| |
| .. versionchanged:: 3.3 |
| Accept ``crypt.METHOD_*`` values in addition to strings for *salt*. |
| |
| |
| .. function:: mksalt(method=None) |
| |
| Return a randomly generated salt of the specified method. If no |
| *method* is given, the strongest method available as returned by |
| :func:`methods` is used. |
| |
| The return value is a string either of 2 characters in length for |
| ``crypt.METHOD_CRYPT``, or 19 characters starting with ``$digit$`` and |
| 16 random characters from the set ``[./a-zA-Z0-9]``, suitable for |
| passing as the *salt* argument to :func:`crypt`. |
| |
| .. versionadded:: 3.3 |
| |
| Examples |
| -------- |
| |
| A simple example illustrating typical use (a constant-time comparison |
| operation is needed to limit exposure to timing attacks. |
| :func:`hmac.compare_digest` is suitable for this purpose):: |
| |
| import pwd |
| import crypt |
| import getpass |
| from hmac import compare_digest as compare_hash |
| |
| def login(): |
| username = input('Python login: ') |
| cryptedpasswd = pwd.getpwnam(username)[1] |
| if cryptedpasswd: |
| if cryptedpasswd == 'x' or cryptedpasswd == '*': |
| raise ValueError('no support for shadow passwords') |
| cleartext = getpass.getpass() |
| return compare_hash(crypt.crypt(cleartext, cryptedpasswd), cryptedpasswd) |
| else: |
| return True |
| |
| To generate a hash of a password using the strongest available method and |
| check it against the original:: |
| |
| import crypt |
| from hmac import compare_digest as compare_hash |
| |
| hashed = crypt.crypt(plaintext) |
| if not compare_hash(hashed, crypt.crypt(plaintext, hashed)): |
| raise ValueError("hashed version doesn't validate against original") |