traverseda
/
cpython
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Make Lib/crypt.py meet PEP 8 standards. This also led to a tweak in the new API 

by making methods() into a module attribute as it is statically calculated.
This commit is contained in:
Brett Cannon 2011-02-22 21:48:06 +00:00
parent 543b7f3ee9
commit daa5799cb8
3 changed files with 67 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
Doc/library/crypt.rst
View File

@ -60,6 +60,20 @@ are available on all platforms):
.. versionadded:: 3.3 .. versionadded:: 3.3
Module Attributes
-----------------
.. attribute:: methods
A list of available password hashing algorithms, as
``crypt.METHOD_*`` objects. This list is sorted from strongest to
weakest, and is guaranteed to have at least ``crypt.METHOD_CRYPT``.
.. versionadded:: 3.3
Module Functions Module Functions
---------------- ----------------
@ -98,13 +112,6 @@ The :mod:`crypt` module defines the following functions:
Before version 3.3, *salt* must be specified as a string and cannot Before version 3.3, *salt* must be specified as a string and cannot
accept ``crypt.METHOD_*`` values (which don't exist anyway). accept ``crypt.METHOD_*`` values (which don't exist anyway).
.. function:: methods()
Return a list of available password hashing algorithms, as
``crypt.METHOD_*`` objects. This list is sorted from strongest to
weakest, and is guaranteed to have at least ``crypt.METHOD_CRYPT``.
.. versionadded:: 3.3
.. function:: mksalt(method=None) .. function:: mksalt(method=None)

98
Lib/crypt.py
View File

@ -1,61 +1,57 @@
'''Wrapper to the POSIX crypt library call and associated functionality. """Wrapper to the POSIX crypt library call and associated functionality."""
'''
import _crypt import _crypt
import string
saltchars = 'abcdefghijklmnopqrstuvwxyz' from random import choice
saltchars += saltchars.upper() from collections import namedtuple
saltchars += '0123456789./'
class _MethodClass: _saltchars = string.ascii_letters + string.digits + './'
'''Class representing a salt method per the Modular Crypt Format or the
legacy 2-character crypt method.'''
def __init__(self, name, ident, salt_chars, total_size): class _Method(namedtuple('_Method', 'name ident salt_chars total_size')):
self.name = name
self.ident = ident """Class representing a salt method per the Modular Crypt Format or the
self.salt_chars = salt_chars legacy 2-character crypt method."""
self.total_size = total_size
def __repr__(self): def __repr__(self):
return '<crypt.METHOD_%s>' % self.name return '<crypt.METHOD_{}>'.format(self.name)
def mksalt(method=None):
"""Generate a salt for the specified method.
If not specified, the strongest available method will be used.
"""
if method is None:
method = methods[0]
s = '${}$'.format(method.ident) if method.ident else ''
s += ''.join(choice(_saltchars) for _ in range(method.salt_chars))
return s
def crypt(word, salt=None):
"""Return a string representing the one-way hash of a password, with a salt
prepended.
If ``salt`` is not specified or is ``None``, the strongest
available method will be selected and a salt generated. Otherwise,
``salt`` may be one of the ``crypt.METHOD_*`` values, or a string as
returned by ``crypt.mksalt()``.
"""
if salt is None or isinstance(salt, _Method):
salt = mksalt(salt)
return _crypt.crypt(word, salt)
# available salting/crypto methods # available salting/crypto methods
METHOD_CRYPT = _MethodClass('CRYPT', None, 2, 13) METHOD_CRYPT = _Method('CRYPT', None, 2, 13)
METHOD_MD5 = _MethodClass('MD5', '1', 8, 34) METHOD_MD5 = _Method('MD5', '1', 8, 34)
METHOD_SHA256 = _MethodClass('SHA256', '5', 16, 63) METHOD_SHA256 = _Method('SHA256', '5', 16, 63)
METHOD_SHA512 = _MethodClass('SHA512', '6', 16, 106) METHOD_SHA512 = _Method('SHA512', '6', 16, 106)
methods = [METHOD_SHA512, METHOD_SHA256, METHOD_MD5, METHOD_CRYPT]
def methods(): methods[:-1] = [m for m in methods[:-1] if len(crypt('', m)) == m.total_size]
'''Return a list of methods that are available in the platform ``crypt()``
library, sorted from strongest to weakest. This is guaranteed to always
return at least ``[METHOD_CRYPT]``'''
method_list = [ METHOD_SHA512, METHOD_SHA256, METHOD_MD5 ]
ret = [ method for method in method_list
if len(crypt('', method)) == method.total_size ]
ret.append(METHOD_CRYPT)
return ret
def mksalt(method = None):
'''Generate a salt for the specified method. If not specified, the
strongest available method will be used.'''
import random
if method == None: method = methods()[0]
s = '$%s$' % method.ident if method.ident else ''
s += ''.join([ random.choice(saltchars) for x in range(method.salt_chars) ])
return(s)
def crypt(word, salt = None):
'''Return a string representing the one-way hash of a password, preturbed
by a salt. If ``salt`` is not specified or is ``None``, the strongest
available method will be selected and a salt generated. Otherwise,
``salt`` may be one of the ``crypt.METHOD_*`` values, or a string as
returned by ``crypt.mksalt()``.'''
if salt == None: salt = mksalt()
elif isinstance(salt, _MethodClass): salt = mksalt(salt)
return(_crypt.crypt(word, salt))

13
Lib/test/test_crypt.py
View File

@ -11,24 +11,23 @@ class CryptTestCase(unittest.TestCase):
print('Test encryption: ', c) print('Test encryption: ', c)
def test_salt(self): def test_salt(self):
self.assertEqual(len(crypt.saltchars), 64) self.assertEqual(len(crypt._saltchars), 64)
for method in crypt.methods(): for method in crypt.methods:
salt = crypt.mksalt(method) salt = crypt.mksalt(method)
self.assertEqual(len(salt), self.assertEqual(len(salt),
method.salt_chars + (3 if method.ident else 0)) method.salt_chars + (3 if method.ident else 0))
def test_saltedcrypt(self): def test_saltedcrypt(self):
for method in crypt.methods(): for method in crypt.methods:
pw = crypt.crypt('assword', method) pw = crypt.crypt('assword', method)
self.assertEqual(len(pw), method.total_size) self.assertEqual(len(pw), method.total_size)
pw = crypt.crypt('assword', crypt.mksalt(method)) pw = crypt.crypt('assword', crypt.mksalt(method))
self.assertEqual(len(pw), method.total_size) self.assertEqual(len(pw), method.total_size)
def test_methods(self): def test_methods(self):
# Gurantee that METHOD_CRYPT is the last method in crypt.methods(). # Gurantee that METHOD_CRYPT is the last method in crypt.methods.
methods = crypt.methods() self.assertTrue(len(crypt.methods) >= 1)
self.assertTrue(len(methods) >= 1) self.assertEqual(crypt.METHOD_CRYPT, crypt.methods[-1])
self.assertEqual(crypt.METHOD_CRYPT, methods[-1])
def test_main(): def test_main():
support.run_unittest(CryptTestCase) support.run_unittest(CryptTestCase)