def check_password(self, password=None):
"""Check password"""
return hmac.compare_digest(self.phash,
crypt.crypt(password, self.phash))
python类crypt()的实例源码
def test_hash_type_is_used(request, master):
user = WHEEL_CONFIG['user']
password_salt = '00'
password = crypt.crypt(WHEEL_CONFIG['password'], password_salt)
request.addfinalizer(
partial(master['container'].run, "userdel {0}".format(user)))
master['container'].run("useradd {0} -p '{1}'".format(user, password))
raw_output = master['container'].run(
"python tests/scripts/wheel_config_values.py")
output = json.loads(raw_output)
assert output['data']['return']['hash_type'] == "sha384"
def gen_sha512(salt, password):
"""
generate sha512 format password
??sha512????
"""
return crypt.crypt(password, '$6$%s$' % salt)
def check_super(passwd):
cryptedpasswd = config.get('session', 'super_pwd')
if cryptedpasswd and crypt.crypt(passwd, cryptedpasswd) == cryptedpasswd:
return True
raise Exception('AccessDenied')
def verifyCryptedPassword(crypted, pw):
if crypted[0] == '$': # md5_crypt encrypted
salt = '$1$' + crypted.split('$')[2]
else:
salt = crypted[:2]
return crypt.crypt(pw, salt) == crypted
def hash(self, u, p, s):
return crypt(p, s)
def setUp(self):
dbfile = self.mktemp()
self.db = checkers.FilePasswordDB(dbfile, hash=self.hash)
f = file(dbfile, 'w')
for (u, p) in self.users:
f.write('%s:%s\n' % (u, crypt(p, u[:2])))
f.close()
r = TestRealm()
self.port = portal.Portal(r)
self.port.registerChecker(self.db)
def testHashedCredentials(self):
hashedCreds = [credentials.UsernameHashedPassword(u, crypt(p, u[:2]))
for u, p in self.users]
d = defer.DeferredList([self.port.login(c, None, ITestable)
for c in hashedCreds], consumeErrors=True)
d.addCallback(self._assertFailures, error.UnhandledCredentials)
return d
def safe_crypt(secret, hash):
if isinstance(secret, unicode):
secret = secret.encode("utf-8")
if _NULL in secret:
raise ValueError("null character in secret")
if isinstance(hash, unicode):
hash = hash.encode("ascii")
result = _crypt(secret, hash)
if not result:
return None
result = result.decode("ascii")
if result[0] in _invalid_prefixes:
return None
return result
def main(arg):
salt = '$6$Mqe5XrQt'
hashed_pass = arg
with open(DICT_FILE) as f:
for line in reversed(f.readlines()):
line = line.strip()
print(line)
print(salt)
print(hashed_pass == """$6$Mqe5XrQt$4Y34YRjp5bD/3ROR9OnwrFSqKurE7WvmpZGkkmIvwVHaFSH802PwaC0ViMMKQDvFhWtDRx2RSm8tQv6rj5E9B1""")
if crypt.crypt(hashed_pass, salt) == hashed_pass:
print(line)
def post_init():
try:
pwd.getpwnam('prism')
except KeyError:
import crypt
passwd = crypt.crypt(PRISM_CONFIG['secret_key'], "22")
prism.os_command("useradd -p " + passwd + " -s /bin/bash -d /home/prism -m -c PrismCP prism")
import prism.login as prism_login
if prism_login.User.query.count() == 0:
logging.output()
# Username and Password prompt
logging.output(PRISM_LOCALE['start.login.username'])
username, used_default = prism.get_input(PRISM_LOCALE['start.login.username.prompt'], default='admin')
password, used_default = prism.get_password(PRISM_LOCALE['start.login.password.prompt'], default='password')
if used_default:
logging.output()
logging.output(PRISM_LOCALE['start.login.password.default.1'])
time.sleep(2)
logging.output(PRISM_LOCALE['start.login.password.default.2'])
time.sleep(5)
logging.output(PRISM_LOCALE['start.login.password.default.3'])
logging.output()
prism_login.create_user(username, password, username.capitalize(), 'Main Administrator', ['*'])
def create(cls, *args, **kwargs):
"""
Update password hash on create
"""
if 'password' in kwargs.keys():
kwargs['phash'] = crypt.crypt(kwargs.pop('password'),
crypt.mksalt())
return super().create(*args, **kwargs)
def update(cls, *args, **kwargs):
"""
Update password hash on update
"""
if 'password' in kwargs.keys():
kwargs['phash'] = crypt.crypt(kwargs.pop('password'),
crypt.mksalt())
return super().update(*args, **kwargs)
def save(self, *args, **kwargs):
"""
Update password hash on save
"""
if getattr(self, 'password', None) is not None:
self.phash = crypt.crypt(self.password, crypt.mksalt())
del self.password
return super().save(*args, **kwargs)
def check_password(self, password=None):
"""
Check password
"""
return hmac.compare_digest(self.phash,
crypt.crypt(password, self.phash))
def gen_user_pass(cfg, phonenum):
"""generate simple user password"""
log_debug(cfg, "called func gen_user_pass({}, {})".format("cfg", phonenum))
salt = cfg.get('user', 'pass_salt')
return crypt.crypt(str(phonenum), salt=salt)
def is_correct_password(username:str, password:str) -> bool:
"""
is_correct_password tells you whether or not a given password
is the password has which is on file in the Netsoc MySQL database.
"""
ldap_server = ldap3.Server(p.LDAP_HOST, get_info=ldap3.ALL)
with ldap3.Connection(
ldap_server,
user=p.LDAP_USER,
password=p.LDAP_KEY,
auto_bind=True) as conn:
success = conn.search(
search_base="dc=netsoc,dc=co",
search_filter="(&(objectClass=account)(uid=%s))"%(
ldap3.utils.conv.escape_filter_chars(username)),
attributes=["userPassword", "uid"],)
if not success or len(conn.entries) != 1:
return False
hashed_password = conn.entries[0]["userPassword"].value.decode()
if hashed_password.startswith("{crypt}") or hashed_password.startswith("{CRYPT}"):
# strips off the "{crypt}" prefix
hashed_password = hashed_password[len("{crypt}"):]
return hmac.compare_digest(
crypt.crypt(password, hashed_password), hashed_password)
def gen_sha512(salt, password):
"""
generate sha512 format password
??sha512????
"""
return crypt.crypt(password, '$6$%s$' % salt)
