예제 #1
0
def generatePassword(length=12):
    chars = string.ascii_letters+string.digits
    password = [random_.choice(chars) for x in range(length - 1)]
    # make sure there is at least one digit
    digitidx = random_.randbelow(length)
    password[digitidx:digitidx] = [random_.choice(string.digits)]
    return ''.join(password)
예제 #2
0
def encodePassword(plaintext, scheme, other=None, config=None):
    """Encrypt the plaintext password.
    """
    if plaintext is None:
        plaintext = ""
    if scheme == "PBKDF2":
        if other:
            rounds, salt, raw_salt, digest = pbkdf2_unpack(other)
        else:
            raw_salt = random_.token_bytes(20)
            salt = h64encode(raw_salt)
            if config:
                rounds = config.PASSWORD_PBKDF2_DEFAULT_ROUNDS
            else:
                rounds = 10000
        if rounds < 1000:
            raise PasswordValueError("invalid PBKDF2 hash (rounds too low)")
        raw_digest = pbkdf2(plaintext, raw_salt, rounds, 20)
        return "%d$%s$%s" % (rounds, salt, h64encode(raw_digest))
    elif scheme == 'SSHA':
        if other:
            raw_other = b64decode(other)
            salt = raw_other[20:]
        else:
            # new password
            # variable salt length
            salt_len = random_.randbelow(52 - 36) + 36
            salt = random_.token_bytes(salt_len)
        s = ssha(s2b(plaintext), salt)
    elif scheme == 'SHA':
        s = sha1(s2b(plaintext)).hexdigest()  # nosec
    elif scheme == 'MD5':
        s = md5(s2b(plaintext)).hexdigest()  # nosec
    elif scheme == 'crypt':
        if crypt is None:
            raise PasswordValueError('Unsupported encryption scheme %r' %
                                     scheme)
        if other is not None:
            salt = other
        else:
            saltchars = './0123456789' + string.ascii_letters
            salt = random_.choice(saltchars) + random_.choice(saltchars)
        s = crypt.crypt(plaintext, salt)
    elif scheme == 'plaintext':
        s = plaintext
    else:
        raise PasswordValueError('Unknown encryption scheme %r' % scheme)
    return s