1"""Wrapper to the POSIX crypt library call and associated functionality."""
2
3import _crypt
4import string as _string
5from random import SystemRandom as _SystemRandom
6from collections import namedtuple as _namedtuple
7
8
9_saltchars = _string.ascii_letters + _string.digits + './'
10_sr = _SystemRandom()
11
12
13class _Method(_namedtuple('_Method', 'name ident salt_chars total_size')):
14
15    """Class representing a salt method per the Modular Crypt Format or the
16    legacy 2-character crypt method."""
17
18    def __repr__(self):
19        return '<crypt.METHOD_{}>'.format(self.name)
20
21
22def mksalt(method=None):
23    """Generate a salt for the specified method.
24
25    If not specified, the strongest available method will be used.
26
27    """
28    if method is None:
29        method = methods[0]
30    s = '${}$'.format(method.ident) if method.ident else ''
31    s += ''.join(_sr.choice(_saltchars) for char in range(method.salt_chars))
32    return s
33
34
35def crypt(word, salt=None):
36    """Return a string representing the one-way hash of a password, with a salt
37    prepended.
38
39    If ``salt`` is not specified or is ``None``, the strongest
40    available method will be selected and a salt generated.  Otherwise,
41    ``salt`` may be one of the ``crypt.METHOD_*`` values, or a string as
42    returned by ``crypt.mksalt()``.
43
44    """
45    if salt is None or isinstance(salt, _Method):
46        salt = mksalt(salt)
47    return _crypt.crypt(word, salt)
48
49
50#  available salting/crypto methods
51METHOD_CRYPT = _Method('CRYPT', None, 2, 13)
52METHOD_MD5 = _Method('MD5', '1', 8, 34)
53METHOD_SHA256 = _Method('SHA256', '5', 16, 63)
54METHOD_SHA512 = _Method('SHA512', '6', 16, 106)
55
56methods = []
57for _method in (METHOD_SHA512, METHOD_SHA256, METHOD_MD5, METHOD_CRYPT):
58    _result = crypt('', _method)
59    if _result and len(_result) == _method.total_size:
60        methods.append(_method)
61del _result, _method
62