1234567891011121314151617181920212223242526272829 |
- def _raw_des_crypt(secret, salt):
- """pure-python backed for des_crypt"""
- assert len(salt) == 2
- # NOTE: some OSes will accept non-HASH64 characters in the salt,
- # but what value they assign these characters varies wildy,
- # so just rejecting them outright.
- # the same goes for single-character salts...
- # some OSes duplicate the char, some insert a '.' char,
- # and openbsd does (something) which creates an invalid hash.
- salt_value = h64.decode_int12(salt)
- # gotta do something - no official policy since this predates unicode
- if isinstance(secret, unicode):
- secret = secret.encode("utf-8")
- assert isinstance(secret, bytes)
- # forbidding NULL char because underlying crypt() rejects them too.
- if _BNULL in secret:
- raise uh.exc.NullPasswordError(des_crypt)
- # convert first 8 bytes of secret string into an integer
- key_value = _crypt_secret_to_key(secret)
- # run data through des using input of 0
- result = des_encrypt_int_block(key_value, 0, salt_value, 25)
- # run h64 encode on result
- return h64big.encode_int64(result)
|