source: python/vendor/current/Doc/library/crypt.rst

Last change on this file was 2, checked in by Yuri Dario, 15 years ago

Initial import for vendor code.
  • Property svn:eol-style set to native
File size: 2.2 KB

:mod:`crypt` --- Function to check Unix passwords

??
.. module:: crypt
   :platform: Unix
   :synopsis: The crypt() function used to check Unix passwords.
?
.. moduleauthor:: Steven D. Majewski <sdm7g@virginia.edu>
?
.. sectionauthor:: Steven D. Majewski <sdm7g@virginia.edu>
?
.. sectionauthor:: Peter Funk <pf@artcom-gmbh.de>
?
.. index::
   single: crypt(3)
   pair: cipher; DES

This module implements an interface to the :manpage:`crypt(3)` routine, which is a one-way hash function based upon a modified DES algorithm; see the Unix man page for further details. Possible uses include allowing Python scripts to accept typed passwords from the user, or attempting to crack Unix passwords with a dictionary.

??
.. index:: single: crypt(3)

Notice that the behavior of this module depends on the actual implementation of the :manpage:`crypt(3)` routine in the running system. Therefore, any extensions available on the current implementation will also be available on this module.

??
.. function:: crypt(word, salt)

   *word* will usually be a user's password as typed at a prompt or  in a graphical
   interface.  *salt* is usually a random two-character string which will be used
   to perturb the DES algorithm in one of 4096 ways.  The characters in *salt* must
   be in the set ``[./a-zA-Z0-9]``.  Returns the hashed password as a string, which
   will be composed of characters from the same alphabet as the salt (the first two
   characters represent the salt itself).

   .. index:: single: crypt(3)

   Since a few :manpage:`crypt(3)` extensions allow different values, with
   different sizes in the *salt*, it is recommended to use  the full crypted
   password as salt when checking for a password.

A simple example illustrating typical use:

import crypt, getpass, pwd

def login():
    username = raw_input('Python login:')
    cryptedpasswd = pwd.getpwnam(username)[1]
    if cryptedpasswd:
        if cryptedpasswd == 'x' or cryptedpasswd == '*':
            raise NotImplementedError(
                "Sorry, currently no support for shadow passwords")
        cleartext = getpass.getpass()
        return crypt.crypt(cleartext, cryptedpasswd) == cryptedpasswd
    else:
        return 1
Note: See TracBrowser for help on using the repository browser.