开源 企业版 高校版 私有云 模力方舟 AI 队友
代码拉取完成,页面将自动刷新
捐赠
捐赠前请先登录
扫描微信二维码支付
取消
支付完成
支付提示
将跳转至支付宝完成支付
确定
取消
1 Star 0 Fork 0

source-code-analysis/python3.8.1

加入 Gitee
与超过 1400万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
已有帐号? 立即登录
文件
master
分支 (1)
master
master
分支 (1)
master
克隆/下载
克隆/下载
提示
下载代码请复制以下命令到终端执行
为确保你提交的代码身份被 Gitee 正确识别,请执行以下命令完成配置
初次使用 SSH 协议进行代码克隆、推送等操作时,需按下述提示完成 SSH 配置
1 生成 RSA 密钥
2 获取 RSA 公钥内容,并配置到 SSH公钥
在 Gitee 上使用 SVN,请访问 使用指南
使用 HTTPS 协议时,命令行会出现如下账号密码验证步骤。基于安全考虑,Gitee 建议 配置并使用私人令牌 替代登录密码进行克隆、推送等操作
Username for 'https://gitee.com': userName
Password for 'https://userName@gitee.com': # 私人令牌
master
分支 (1)
master
python3.8.1
/
Doc
/
library
/
crypt.rst
python3.8.1
/
Doc
/
library
/
crypt.rst
crypt.rst 5.64 KB
一键复制 编辑 原始数据 按行查看 历史
zhangweibo 提交于 2021年11月16日 09:46 +08:00 . git init

:mod:`crypt` --- Function to check Unix passwords

.. module:: crypt
 :platform: Unix
 :synopsis: The crypt() function used to check Unix passwords.

.. moduleauthor:: Steven D. Majewski <sdm7g@virginia.edu>
.. sectionauthor:: Steven D. Majewski <sdm7g@virginia.edu>
.. sectionauthor:: Peter Funk <pf@artcom-gmbh.de>

Source code: :source:`Lib/crypt.py`

.. index::
 single: crypt(3)
 pair: cipher; DES


This module implements an interface to the :manpage:`crypt(3)` routine, which is a one-way hash function based upon a modified DES algorithm; see the Unix man page for further details. Possible uses include storing hashed passwords so you can check passwords without storing the actual password, or attempting to crack Unix passwords with a dictionary.

.. index:: single: crypt(3)

Notice that the behavior of this module depends on the actual implementation of the :manpage:`crypt(3)` routine in the running system. Therefore, any extensions available on the current implementation will also be available on this module.

.. availability:: Unix. Not available on VxWorks.

Hashing Methods

.. versionadded:: 3.3

The :mod:`crypt` module defines the list of hashing methods (not all methods are available on all platforms):

.. data:: METHOD_SHA512

 A Modular Crypt Format method with 16 character salt and 86 character
 hash based on the SHA-512 hash function. This is the strongest method.

.. data:: METHOD_SHA256

 Another Modular Crypt Format method with 16 character salt and 43
 character hash based on the SHA-256 hash function.

.. data:: METHOD_BLOWFISH

 Another Modular Crypt Format method with 22 character salt and 31
 character hash based on the Blowfish cipher.

 .. versionadded:: 3.7

.. data:: METHOD_MD5

 Another Modular Crypt Format method with 8 character salt and 22
 character hash based on the MD5 hash function.

.. data:: METHOD_CRYPT

 The traditional method with a 2 character salt and 13 characters of
 hash. This is the weakest method.


Module Attributes

.. versionadded:: 3.3

.. attribute:: methods

 A list of available password hashing algorithms, as
 ``crypt.METHOD_*`` objects. This list is sorted from strongest to
 weakest.


Module Functions

The :mod:`crypt` module defines the following functions:

.. function:: crypt(word, salt=None)

 *word* will usually be a user's password as typed at a prompt or in a graphical
 interface. The optional *salt* is either a string as returned from
 :func:`mksalt`, one of the ``crypt.METHOD_*`` values (though not all
 may be available on all platforms), or a full encrypted password
 including salt, as returned by this function. If *salt* is not
 provided, the strongest method will be used (as returned by
 :func:`methods`).

 Checking a password is usually done by passing the plain-text password
 as *word* and the full results of a previous :func:`crypt` call,
 which should be the same as the results of this call.

 *salt* (either a random 2 or 16 character string, possibly prefixed with
 ``$digit$`` to indicate the method) which will be used to perturb the
 encryption algorithm. The characters in *salt* must be in the set
 ``[./a-zA-Z0-9]``, with the exception of Modular Crypt Format which
 prefixes a ``$digit$``.

 Returns the hashed password as a string, which will be composed of
 characters from the same alphabet as the salt.

 .. index:: single: crypt(3)

 Since a few :manpage:`crypt(3)` extensions allow different values, with
 different sizes in the *salt*, it is recommended to use the full crypted
 password as salt when checking for a password.

 .. versionchanged:: 3.3
 Accept ``crypt.METHOD_*`` values in addition to strings for *salt*.


.. function:: mksalt(method=None, *, rounds=None)

 Return a randomly generated salt of the specified method. If no
 *method* is given, the strongest method available as returned by
 :func:`methods` is used.

 The return value is a string suitable for passing as the *salt* argument
 to :func:`crypt`.

 *rounds* specifies the number of rounds for ``METHOD_SHA256``,
 ``METHOD_SHA512`` and ``METHOD_BLOWFISH``.
 For ``METHOD_SHA256`` and ``METHOD_SHA512`` it must be an integer between
 ``1000`` and ``999_999_999``, the default is ``5000``. For
 ``METHOD_BLOWFISH`` it must be a power of two between ``16`` (2\ :sup:`4`)
 and ``2_147_483_648`` (2\ :sup:`31`), the default is ``4096``
 (2\ :sup:`12`).

 .. versionadded:: 3.3

 .. versionchanged:: 3.7
 Added the *rounds* parameter.


Examples

A simple example illustrating typical use (a constant-time comparison operation is needed to limit exposure to timing attacks. :func:`hmac.compare_digest` is suitable for this purpose):

import pwd
import crypt
import getpass
from hmac import compare_digest as compare_hash

def login():
 username = input('Python login: ')
 cryptedpasswd = pwd.getpwnam(username)[1]
 if cryptedpasswd:
 if cryptedpasswd == 'x' or cryptedpasswd == '*':
 raise ValueError('no support for shadow passwords')
 cleartext = getpass.getpass()
 return compare_hash(crypt.crypt(cleartext, cryptedpasswd), cryptedpasswd)
 else:
 return True

To generate a hash of a password using the strongest available method and check it against the original:

import crypt
from hmac import compare_digest as compare_hash

hashed = crypt.crypt(plaintext)
if not compare_hash(hashed, crypt.crypt(plaintext, hashed)):
 raise ValueError("hashed version doesn't validate against original")
Loading...
举报
举报成功
我们将于2个工作日内通过站内信反馈结果给你!
请认真填写举报原因,尽可能描述详细。
请选择举报类型
取消
发送
误判申诉

此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。

如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。

取消
提交

简介

暂无描述
取消

发行版

暂无发行版

贡献者

全部

近期动态

不能加载更多了
编辑仓库简介
简介内容
主页
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
1
https://gitee.com/python_sourcecode/python3.8.1.git
git@gitee.com:python_sourcecode/python3.8.1.git
python_sourcecode
python3.8.1
python3.8.1
master
点此查找更多帮助

搜索帮助

评论
仓库举报
回到顶部
登录提示
该操作需登录 Gitee 帐号,请先登录后再操作。
立即登录
没有帐号,去注册

AltStyle によって変換されたページ (->オリジナル) /