des_crypt_2.py 1.1 KB

1234567891011121314151617181920212223242526272829
  1. def _raw_des_crypt(secret, salt):
  2. """pure-python backed for des_crypt"""
  3. assert len(salt) == 2
  4. # NOTE: some OSes will accept non-HASH64 characters in the salt,
  5. # but what value they assign these characters varies wildy,
  6. # so just rejecting them outright.
  7. # the same goes for single-character salts...
  8. # some OSes duplicate the char, some insert a '.' char,
  9. # and openbsd does (something) which creates an invalid hash.
  10. salt_value = h64.decode_int12(salt)
  11. # gotta do something - no official policy since this predates unicode
  12. if isinstance(secret, unicode):
  13. secret = secret.encode("utf-8")
  14. assert isinstance(secret, bytes)
  15. # forbidding NULL char because underlying crypt() rejects them too.
  16. if _BNULL in secret:
  17. raise uh.exc.NullPasswordError(des_crypt)
  18. # convert first 8 bytes of secret string into an integer
  19. key_value = _crypt_secret_to_key(secret)
  20. # run data through des using input of 0
  21. result = des_encrypt_int_block(key_value, 0, salt_value, 25)
  22. # run h64 encode on result
  23. return h64big.encode_int64(result)