17db96d56Sopenharmony_ci:mod:`crypt` --- Function to check Unix passwords 27db96d56Sopenharmony_ci================================================= 37db96d56Sopenharmony_ci 47db96d56Sopenharmony_ci.. module:: crypt 57db96d56Sopenharmony_ci :platform: Unix 67db96d56Sopenharmony_ci :synopsis: The crypt() function used to check Unix passwords. 77db96d56Sopenharmony_ci :deprecated: 87db96d56Sopenharmony_ci 97db96d56Sopenharmony_ci.. moduleauthor:: Steven D. Majewski <sdm7g@virginia.edu> 107db96d56Sopenharmony_ci.. sectionauthor:: Steven D. Majewski <sdm7g@virginia.edu> 117db96d56Sopenharmony_ci.. sectionauthor:: Peter Funk <pf@artcom-gmbh.de> 127db96d56Sopenharmony_ci 137db96d56Sopenharmony_ci**Source code:** :source:`Lib/crypt.py` 147db96d56Sopenharmony_ci 157db96d56Sopenharmony_ci.. index:: 167db96d56Sopenharmony_ci single: crypt(3) 177db96d56Sopenharmony_ci pair: cipher; DES 187db96d56Sopenharmony_ci 197db96d56Sopenharmony_ci.. deprecated-removed:: 3.11 3.13 207db96d56Sopenharmony_ci The :mod:`crypt` module is deprecated 217db96d56Sopenharmony_ci (see :pep:`PEP 594 <594#crypt>` for details and alternatives). 227db96d56Sopenharmony_ci The :mod:`hashlib` module is a potential replacement for certain use cases. 237db96d56Sopenharmony_ci 247db96d56Sopenharmony_ci-------------- 257db96d56Sopenharmony_ci 267db96d56Sopenharmony_ciThis module implements an interface to the :manpage:`crypt(3)` routine, which is 277db96d56Sopenharmony_cia one-way hash function based upon a modified DES algorithm; see the Unix man 287db96d56Sopenharmony_cipage for further details. Possible uses include storing hashed passwords 297db96d56Sopenharmony_ciso you can check passwords without storing the actual password, or attempting 307db96d56Sopenharmony_cito crack Unix passwords with a dictionary. 317db96d56Sopenharmony_ci 327db96d56Sopenharmony_ci.. index:: single: crypt(3) 337db96d56Sopenharmony_ci 347db96d56Sopenharmony_ciNotice that the behavior of this module depends on the actual implementation of 357db96d56Sopenharmony_cithe :manpage:`crypt(3)` routine in the running system. Therefore, any 367db96d56Sopenharmony_ciextensions available on the current implementation will also be available on 377db96d56Sopenharmony_cithis module. 387db96d56Sopenharmony_ci 397db96d56Sopenharmony_ci.. availability:: Unix, not VxWorks. 407db96d56Sopenharmony_ci 417db96d56Sopenharmony_ci.. include:: ../includes/wasm-notavail.rst 427db96d56Sopenharmony_ci 437db96d56Sopenharmony_ciHashing Methods 447db96d56Sopenharmony_ci--------------- 457db96d56Sopenharmony_ci 467db96d56Sopenharmony_ci.. versionadded:: 3.3 477db96d56Sopenharmony_ci 487db96d56Sopenharmony_ciThe :mod:`crypt` module defines the list of hashing methods (not all methods 497db96d56Sopenharmony_ciare available on all platforms): 507db96d56Sopenharmony_ci 517db96d56Sopenharmony_ci.. data:: METHOD_SHA512 527db96d56Sopenharmony_ci 537db96d56Sopenharmony_ci A Modular Crypt Format method with 16 character salt and 86 character 547db96d56Sopenharmony_ci hash based on the SHA-512 hash function. This is the strongest method. 557db96d56Sopenharmony_ci 567db96d56Sopenharmony_ci.. data:: METHOD_SHA256 577db96d56Sopenharmony_ci 587db96d56Sopenharmony_ci Another Modular Crypt Format method with 16 character salt and 43 597db96d56Sopenharmony_ci character hash based on the SHA-256 hash function. 607db96d56Sopenharmony_ci 617db96d56Sopenharmony_ci.. data:: METHOD_BLOWFISH 627db96d56Sopenharmony_ci 637db96d56Sopenharmony_ci Another Modular Crypt Format method with 22 character salt and 31 647db96d56Sopenharmony_ci character hash based on the Blowfish cipher. 657db96d56Sopenharmony_ci 667db96d56Sopenharmony_ci .. versionadded:: 3.7 677db96d56Sopenharmony_ci 687db96d56Sopenharmony_ci.. data:: METHOD_MD5 697db96d56Sopenharmony_ci 707db96d56Sopenharmony_ci Another Modular Crypt Format method with 8 character salt and 22 717db96d56Sopenharmony_ci character hash based on the MD5 hash function. 727db96d56Sopenharmony_ci 737db96d56Sopenharmony_ci.. data:: METHOD_CRYPT 747db96d56Sopenharmony_ci 757db96d56Sopenharmony_ci The traditional method with a 2 character salt and 13 characters of 767db96d56Sopenharmony_ci hash. This is the weakest method. 777db96d56Sopenharmony_ci 787db96d56Sopenharmony_ci 797db96d56Sopenharmony_ciModule Attributes 807db96d56Sopenharmony_ci----------------- 817db96d56Sopenharmony_ci 827db96d56Sopenharmony_ci.. versionadded:: 3.3 837db96d56Sopenharmony_ci 847db96d56Sopenharmony_ci.. attribute:: methods 857db96d56Sopenharmony_ci 867db96d56Sopenharmony_ci A list of available password hashing algorithms, as 877db96d56Sopenharmony_ci ``crypt.METHOD_*`` objects. This list is sorted from strongest to 887db96d56Sopenharmony_ci weakest. 897db96d56Sopenharmony_ci 907db96d56Sopenharmony_ci 917db96d56Sopenharmony_ciModule Functions 927db96d56Sopenharmony_ci---------------- 937db96d56Sopenharmony_ci 947db96d56Sopenharmony_ciThe :mod:`crypt` module defines the following functions: 957db96d56Sopenharmony_ci 967db96d56Sopenharmony_ci.. function:: crypt(word, salt=None) 977db96d56Sopenharmony_ci 987db96d56Sopenharmony_ci *word* will usually be a user's password as typed at a prompt or in a graphical 997db96d56Sopenharmony_ci interface. The optional *salt* is either a string as returned from 1007db96d56Sopenharmony_ci :func:`mksalt`, one of the ``crypt.METHOD_*`` values (though not all 1017db96d56Sopenharmony_ci may be available on all platforms), or a full encrypted password 1027db96d56Sopenharmony_ci including salt, as returned by this function. If *salt* is not 1037db96d56Sopenharmony_ci provided, the strongest method available in :attr:`methods` will be used. 1047db96d56Sopenharmony_ci 1057db96d56Sopenharmony_ci Checking a password is usually done by passing the plain-text password 1067db96d56Sopenharmony_ci as *word* and the full results of a previous :func:`crypt` call, 1077db96d56Sopenharmony_ci which should be the same as the results of this call. 1087db96d56Sopenharmony_ci 1097db96d56Sopenharmony_ci *salt* (either a random 2 or 16 character string, possibly prefixed with 1107db96d56Sopenharmony_ci ``$digit$`` to indicate the method) which will be used to perturb the 1117db96d56Sopenharmony_ci encryption algorithm. The characters in *salt* must be in the set 1127db96d56Sopenharmony_ci ``[./a-zA-Z0-9]``, with the exception of Modular Crypt Format which 1137db96d56Sopenharmony_ci prefixes a ``$digit$``. 1147db96d56Sopenharmony_ci 1157db96d56Sopenharmony_ci Returns the hashed password as a string, which will be composed of 1167db96d56Sopenharmony_ci characters from the same alphabet as the salt. 1177db96d56Sopenharmony_ci 1187db96d56Sopenharmony_ci .. index:: single: crypt(3) 1197db96d56Sopenharmony_ci 1207db96d56Sopenharmony_ci Since a few :manpage:`crypt(3)` extensions allow different values, with 1217db96d56Sopenharmony_ci different sizes in the *salt*, it is recommended to use the full crypted 1227db96d56Sopenharmony_ci password as salt when checking for a password. 1237db96d56Sopenharmony_ci 1247db96d56Sopenharmony_ci .. versionchanged:: 3.3 1257db96d56Sopenharmony_ci Accept ``crypt.METHOD_*`` values in addition to strings for *salt*. 1267db96d56Sopenharmony_ci 1277db96d56Sopenharmony_ci 1287db96d56Sopenharmony_ci.. function:: mksalt(method=None, *, rounds=None) 1297db96d56Sopenharmony_ci 1307db96d56Sopenharmony_ci Return a randomly generated salt of the specified method. If no 1317db96d56Sopenharmony_ci *method* is given, the strongest method available in :attr:`methods` is 1327db96d56Sopenharmony_ci used. 1337db96d56Sopenharmony_ci 1347db96d56Sopenharmony_ci The return value is a string suitable for passing as the *salt* argument 1357db96d56Sopenharmony_ci to :func:`crypt`. 1367db96d56Sopenharmony_ci 1377db96d56Sopenharmony_ci *rounds* specifies the number of rounds for ``METHOD_SHA256``, 1387db96d56Sopenharmony_ci ``METHOD_SHA512`` and ``METHOD_BLOWFISH``. 1397db96d56Sopenharmony_ci For ``METHOD_SHA256`` and ``METHOD_SHA512`` it must be an integer between 1407db96d56Sopenharmony_ci ``1000`` and ``999_999_999``, the default is ``5000``. For 1417db96d56Sopenharmony_ci ``METHOD_BLOWFISH`` it must be a power of two between ``16`` (2\ :sup:`4`) 1427db96d56Sopenharmony_ci and ``2_147_483_648`` (2\ :sup:`31`), the default is ``4096`` 1437db96d56Sopenharmony_ci (2\ :sup:`12`). 1447db96d56Sopenharmony_ci 1457db96d56Sopenharmony_ci .. versionadded:: 3.3 1467db96d56Sopenharmony_ci 1477db96d56Sopenharmony_ci .. versionchanged:: 3.7 1487db96d56Sopenharmony_ci Added the *rounds* parameter. 1497db96d56Sopenharmony_ci 1507db96d56Sopenharmony_ci 1517db96d56Sopenharmony_ciExamples 1527db96d56Sopenharmony_ci-------- 1537db96d56Sopenharmony_ci 1547db96d56Sopenharmony_ciA simple example illustrating typical use (a constant-time comparison 1557db96d56Sopenharmony_cioperation is needed to limit exposure to timing attacks. 1567db96d56Sopenharmony_ci:func:`hmac.compare_digest` is suitable for this purpose):: 1577db96d56Sopenharmony_ci 1587db96d56Sopenharmony_ci import pwd 1597db96d56Sopenharmony_ci import crypt 1607db96d56Sopenharmony_ci import getpass 1617db96d56Sopenharmony_ci from hmac import compare_digest as compare_hash 1627db96d56Sopenharmony_ci 1637db96d56Sopenharmony_ci def login(): 1647db96d56Sopenharmony_ci username = input('Python login: ') 1657db96d56Sopenharmony_ci cryptedpasswd = pwd.getpwnam(username)[1] 1667db96d56Sopenharmony_ci if cryptedpasswd: 1677db96d56Sopenharmony_ci if cryptedpasswd == 'x' or cryptedpasswd == '*': 1687db96d56Sopenharmony_ci raise ValueError('no support for shadow passwords') 1697db96d56Sopenharmony_ci cleartext = getpass.getpass() 1707db96d56Sopenharmony_ci return compare_hash(crypt.crypt(cleartext, cryptedpasswd), cryptedpasswd) 1717db96d56Sopenharmony_ci else: 1727db96d56Sopenharmony_ci return True 1737db96d56Sopenharmony_ci 1747db96d56Sopenharmony_ciTo generate a hash of a password using the strongest available method and 1757db96d56Sopenharmony_cicheck it against the original:: 1767db96d56Sopenharmony_ci 1777db96d56Sopenharmony_ci import crypt 1787db96d56Sopenharmony_ci from hmac import compare_digest as compare_hash 1797db96d56Sopenharmony_ci 1807db96d56Sopenharmony_ci hashed = crypt.crypt(plaintext) 1817db96d56Sopenharmony_ci if not compare_hash(hashed, crypt.crypt(plaintext, hashed)): 1827db96d56Sopenharmony_ci raise ValueError("hashed version doesn't validate against original") 183