calculate
/
calculate-utils-3-lib
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '0ee655adf9'
${ noResults }
calculate-utils-3-lib/pym/calculate/lib/encrypt.py

136 lines
4.5 KiB
Raw Blame History

# -*- coding: utf-8 -*-
# Copyright 2008-2016 Mir Calculate. http://www.calculate-linux.org
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import sys
import os
import hashlib
import crypt
import string
from random import choice
from base64 import encodestring as _b64enc
b64encode = lambda x: _b64enc(x).rstrip()
try:
from smbpasswd import lmhash, nthash
except ImportError:
lmhash, nthash = None, None
from cl_print import color_print
import cl_overriding
from calculate.lib.cl_lang import setLocalTranslate
_ = lambda x: x
setLocalTranslate('cl_lib3', sys.modules[__name__])
class encrypt(color_print):
"""Класс хранения общих методов используемых для настройки сервисов
Методы шифрования, создания сертификатов и.т. д
"""
def __GenCryptSalt__(self, len=2):
"""Генерация соли для хеширования пароля (CRYPT)"""
chars = string.letters + string.digits + "./"
salt = ""
for i in range(len):
salt = salt + choice(chars)
return salt
def getHashPasswd(self, password, SecHashAlg):
"""Генерация хеша пароля,
Поддерживаемые алгоритмы шифрования пароля:
plain, md5, smd5, crypt, sha, ssha, lm, nt, shadow_ssha512,
shadow_ssha256, shadow_md5
"""
if not password:
self.printERROR(_("ERROR") + " getHashPasswd: " +
_("empty password"))
return False
if SecHashAlg == "plain":
hash_pwd = password
elif SecHashAlg == "md5":
h = hashlib.md5(password)
hash_pwd = "{MD5}" + b64encode(h.digest())
elif SecHashAlg == "smd5":
salt = os.urandom(4)
h = hashlib.md5(password)
h.update(salt)
hash_pwd = "{SMD5}" + b64encode(h.digest() + salt)
elif SecHashAlg == "shadow_ssha512":
salt = self.__GenCryptSalt__(8)
hash_pwd = crypt.crypt(password, "$6$%s$" % salt)
elif SecHashAlg == "shadow_ssha256":
salt = self.__GenCryptSalt__(8)
hash_pwd = crypt.crypt(password, "$5$%s$" % salt)
elif SecHashAlg == "shadow_md5":
salt = self.__GenCryptSalt__(8)
hash_pwd = crypt.crypt(password, "$1$%s$" % salt)
elif SecHashAlg == "crypt":
salt = self.__GenCryptSalt__()
hash_pwd = "{CRYPT}" + crypt.crypt(password, salt)
elif SecHashAlg == "sha":
h = hashlib.sha1(password)
hash_pwd = "{SHA}" + b64encode(h.digest())
elif SecHashAlg == "ssha":
salt = os.urandom(4)
h = hashlib.sha1(password)
h.update(salt)
hash_pwd = "{SSHA}" + b64encode(h.digest() + salt)
elif SecHashAlg == "lm" and lmhash:
hash_pwd = lmhash(password)
elif SecHashAlg == "nt" and nthash:
hash_pwd = nthash(password)
else:
if SecHashAlg in ("lm", "nt"):
self.printERROR(
_("ERROR") + " getHashPasswd: " +
(_("Failed to support '%s' encryption algorithm")
% SecHashAlg) + " " + _("without py-smbpasswd"))
else:
self.printERROR(_("ERROR") + " getHashPasswd: " +
_("Failed to support '%s' encryption algorithm")
% SecHashAlg)
return False
return hash_pwd
def getHash(password, encr):
"""Получить хеш пароля
password - пароль
encr - алгоритм шифрования, например 'ssha'
"""
encryptObj = encrypt()
hashPwd = encryptObj.getHashPasswd(password, encr.lower())
if hashPwd:
return hashPwd
else:
encryptObj.printERROR(_("Password encryption error, "
"method getHash()"))
cl_overriding.exit(1)
Reference in new issue View Git Blame Copy Permalink