root / snf-image-helper / hashpwd.py @ master
History | View | Annotate | Download (2.4 kB)
1 |
#!/usr/bin/env python
|
---|---|
2 |
|
3 |
# Copyright (C) 2011, 2013 GRNET S.A.
|
4 |
#
|
5 |
# This program is free software; you can redistribute it and/or modify
|
6 |
# it under the terms of the GNU General Public License as published by
|
7 |
# the Free Software Foundation; either version 2 of the License, or
|
8 |
# (at your option) any later version.
|
9 |
#
|
10 |
# This program is distributed in the hope that it will be useful, but
|
11 |
# WITHOUT ANY WARRANTY; without even the implied warranty of
|
12 |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
13 |
# General Public License for more details.
|
14 |
#
|
15 |
# You should have received a copy of the GNU General Public License
|
16 |
# along with this program; if not, write to the Free Software
|
17 |
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
18 |
# 02110-1301, USA.
|
19 |
|
20 |
"""Generate a hash from a given password
|
21 |
|
22 |
This program takes a password as an argument and returns to standard output a
|
23 |
hash followed by a newline.
|
24 |
|
25 |
"""
|
26 |
|
27 |
import sys |
28 |
|
29 |
import passlib.hash |
30 |
|
31 |
from string import ascii_letters, digits |
32 |
from random import choice |
33 |
from os.path import basename |
34 |
from optparse import OptionParser |
35 |
|
36 |
|
37 |
def random_salt(length=8): |
38 |
pool = ascii_letters + digits + "/" + "." |
39 |
return ''.join(choice(pool) for i in range(length)) |
40 |
|
41 |
|
42 |
METHOD = { |
43 |
# Name: (algoritm, options)
|
44 |
'md5': (passlib.hash.md5_crypt, {}),
|
45 |
'blowfish': (passlib.hash.bcrypt, {}),
|
46 |
'sha256': (
|
47 |
passlib.hash.sha256_crypt, |
48 |
{'rounds': 5000, 'implicit_rounds': True, 'salt': random_salt()}), |
49 |
'sha512': (
|
50 |
passlib.hash.sha512_crypt, |
51 |
{'rounds': 5000, 'implicit_rounds': True, 'salt': random_salt()}), |
52 |
'sha1': (passlib.hash.sha1_crypt, {})
|
53 |
} |
54 |
|
55 |
|
56 |
def parse_arguments(input_args): |
57 |
usage = "usage: %prog [-h] [-m encrypt-method] <password>"
|
58 |
parser = OptionParser(usage=usage) |
59 |
parser.add_option( |
60 |
"-m", "--encrypt-method", dest="encrypt_method", type='choice', |
61 |
default="sha512", choices=METHOD.keys(),
|
62 |
help="encrypt password with ENCRYPT_METHOD [%default] (supported: " +
|
63 |
", ".join(METHOD.keys()) + ")" |
64 |
) |
65 |
|
66 |
(opts, args) = parser.parse_args(input_args) |
67 |
|
68 |
if len(args) != 1: |
69 |
parser.error('password is missing')
|
70 |
|
71 |
return (args[0], opts.encrypt_method) |
72 |
|
73 |
|
74 |
def main(): |
75 |
(passwd, method) = parse_arguments(sys.argv[1:])
|
76 |
|
77 |
algorithm, options = METHOD[method] |
78 |
print algorithm.encrypt(passwd, **options)
|
79 |
|
80 |
return 0 |
81 |
|
82 |
if __name__ == "__main__": |
83 |
sys.exit(main()) |
84 |
|
85 |
# vim: set sta sts=4 shiftwidth=4 sw=4 et ai :
|