File: SSHA.py

zope-ldapuserfolder 2.2-2
#####################################################################
#
# SSHA  A module implementing the SSHA (salted SHA) password hashing scheme
#
# This software is governed by a license. See
# LICENSE.txt for the terms of this license.
#
#####################################################################

import sha
from binascii import b2a_base64, a2b_base64
from random import randrange

"""
SSHA is a modification of the SHA digest scheme with a salt
starting at byte 20 of the base64-decoded value; the first 20
bytes are the SHA digest of the password followed by the salt.

This module contributed by Dirk Datzert
"""
# Source: http://developer.netscape.com/docs/technote/ldap/pass_sha.html

def generate_salt():
    """Return a fresh 7-character salt drawn from all 256 character codes.

    The salt may be of any length, but not more than about 37 characters
    because of limitations of the binascii module.  Seven is what
    Netscape's example used and should be enough.
    """
    # NOTE(review): randrange() uses the random module's default
    # generator, which is not a cryptographic source.  A salt only has to
    # be unique rather than secret, but os.urandom() (Python >= 2.4) is
    # the sturdier choice where the runtime provides it.
    return ''.join([chr(randrange(256)) for _ in range(7)])


def encrypt(password):
    """Return the base64-encoded SSHA hash of ``password``.

    The result is base64(SHA(password + salt) + salt) for a newly
    generated salt, with the trailing newline added by b2a_base64
    stripped.  Despite the name, this is a one-way salted hash and not
    reversible encryption.
    """
    # NOTE(review): a single pass of salted SHA is cheap to compute, so
    # it offers little resistance to offline guessing if hashes leak.
    text = str(password)
    salt = generate_salt()
    digest = sha.new(text + salt).digest()
    encoded = b2a_base64(digest + salt)

    return encoded[:-1]


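def validate(reference, attempt):
    """Check a password attempt against a stored SSHA hash.

    ``reference`` is the base64 string in the form encrypt() produces and
    ``attempt`` is the candidate password.  Returns 0 when ``reference``
    is not valid base64, otherwise the result of comparing the
    recomputed hash with ``reference``.
    """
    # The module imports only the two codec functions from binascii, so
    # the name ``binascii`` itself is unbound: ``except binascii.Error``
    # would raise NameError instead of rejecting a malformed reference.
    # Import the exception class directly.
    from binascii import Error as Base64Error

    try:
        ref = a2b_base64(reference)
    except Base64Error:
        # Not valid base64.
        return 0

    # Coerce the attempt the same way encrypt() coerces the password, so
    # both sides hash the same string.
    attempt = str(attempt)

    # The first 20 bytes are the SHA digest; whatever follows is the salt.
    salt = ref[20:]
    compare = b2a_base64(sha.new(attempt + salt).digest() + salt)[:-1]

    # NOTE(review): ``==`` may stop at the first differing character;
    # hmac.compare_digest() (Python >= 2.7.7) is the constant-time
    # alternative where the runtime provides it.
    return (compare == reference)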