diff options
author | Eli Collins <elic@assurancetechnologies.com> | 2011-02-16 23:05:21 -0500 |
---|---|---|
committer | Eli Collins <elic@assurancetechnologies.com> | 2011-02-16 23:05:21 -0500 |
commit | e08e43f15f8f9d46e36958c07d51ac209f9392fa (patch) | |
tree | 51063876b8f2f362476e79b954bcf8a5206e55a1 /docs/lib | |
parent | 0598f260cd96274eac99041178a1c37f61a3478e (diff) | |
download | passlib-e08e43f15f8f9d46e36958c07d51ac209f9392fa.tar.gz |
doc cleanup - changed hash descriptions from modules -> classes
Diffstat (limited to 'docs/lib')
-rw-r--r-- | docs/lib/passlib.hash.apr_md5_crypt.rst | 23 | ||||
-rw-r--r-- | docs/lib/passlib.hash.bcrypt.rst | 13 | ||||
-rw-r--r-- | docs/lib/passlib.hash.bsdi_crypt.rst | 15 | ||||
-rw-r--r-- | docs/lib/passlib.hash.des_crypt.rst | 33 | ||||
-rw-r--r-- | docs/lib/passlib.hash.md5_crypt.rst | 15 | ||||
-rw-r--r-- | docs/lib/passlib.hash.mysql323.rst (renamed from docs/lib/passlib.hash.mysql_323.rst) | 15 | ||||
-rw-r--r-- | docs/lib/passlib.hash.mysql41.rst (renamed from docs/lib/passlib.hash.mysql_41.rst) | 15 | ||||
-rw-r--r-- | docs/lib/passlib.hash.nthash.rst | 13 | ||||
-rw-r--r-- | docs/lib/passlib.hash.phpass.rst | 11 | ||||
-rw-r--r-- | docs/lib/passlib.hash.postgres_md5.rst | 13 | ||||
-rw-r--r-- | docs/lib/passlib.hash.rst | 15 | ||||
-rw-r--r-- | docs/lib/passlib.hash.sha1_crypt.rst | 13 | ||||
-rw-r--r-- | docs/lib/passlib.hash.sha256_crypt.rst | 11 | ||||
-rw-r--r-- | docs/lib/passlib.hash.sha512_crypt.rst | 13 | ||||
-rw-r--r-- | docs/lib/passlib.hash.sun_md5_crypt.rst | 21 | ||||
-rw-r--r-- | docs/lib/passlib.sqldb.rst | 10 | ||||
-rw-r--r-- | docs/lib/passlib.unix.rst | 46 | ||||
-rw-r--r-- | docs/lib/passlib.utils.des.rst | 2 |
18 files changed, 126 insertions, 171 deletions
diff --git a/docs/lib/passlib.hash.apr_md5_crypt.rst b/docs/lib/passlib.hash.apr_md5_crypt.rst index 017ff31..58de5eb 100644 --- a/docs/lib/passlib.hash.apr_md5_crypt.rst +++ b/docs/lib/passlib.hash.apr_md5_crypt.rst @@ -1,17 +1,20 @@ -================================================================== -:mod:`passlib.hash.apr_md5_crypt` - Apache MD5-Crypt password hash -================================================================== +==================================================================== +:class:`passlib.hash.apr_md5_crypt` - Apache MD5-Crypt password hash +==================================================================== -.. module:: passlib.hash.apr_md5_crypt - :synopsis: Apache MD5-Crypt variant +.. currentmodule:: passlib.hash -This format is a variation of :mod:`~passlib.hash.md5_crypt`, +This format is a variation of :class:`~passlib.hash.md5_crypt`, primarily used by the Apache webserver in ``htpasswd`` files. It contains only minor changes to md5-crypt, and should be considered just as strong / weak as md5-crypt itself. -Format & Algorithm -================== +Functions +========= +.. autoclass:: apr_md5_crypt + +Format +====== This format is identical to md5-crypt, except for two things: it uses ``$apr1$`` as a prefix where md5-crypt uses ``$1$``, and inserts ``$apr1$`` where md5-crypt inserts ``$1$`` into @@ -19,7 +22,9 @@ it's internal hash calculation. Thus, hashes generated by this and md5-crypt are in no way compatible with eachother (they will not even have the same checksum for the same salt). -For details about usage & algorithm, see :mod:`~passlib.hash.md5_crypt`. +Usage & Algorithm +================= +For details about usage & algorithm, see :class:`~passlib.hash.md5_crypt`. References ========== diff --git a/docs/lib/passlib.hash.bcrypt.rst b/docs/lib/passlib.hash.bcrypt.rst index 32842fc..190bece 100644 --- a/docs/lib/passlib.hash.bcrypt.rst +++ b/docs/lib/passlib.hash.bcrypt.rst @@ -1,11 +1,10 @@ ================================================================== -:mod:`passlib.hash.bcrypt` - BCrypt +:class:`passlib.hash.bcrypt` - BCrypt ================================================================== -.. module:: passlib.hash.bcrypt - :synopsis: BCrypt +.. currentmodule:: passlib.hash -BCrypt was developed to replace :mod:`~passlib.hash.md5_crypt` for BSD systems. +BCrypt was developed to replace :class:`~passlib.hash.md5_crypt` for BSD systems. It uses a modified version of the Blowfish stream cipher. Featuring a large salt and variable number of rounds, it's currently the default password hash for many systems (notably BSD), and has no known weaknesses. @@ -24,11 +23,7 @@ Usage Functions ========= -.. autofunction:: genconfig -.. autofunction:: genhash -.. autofunction:: encrypt -.. autofunction:: identify -.. autofunction:: verify +.. autoclass:: bcrypt Format & Algorithm ================== diff --git a/docs/lib/passlib.hash.bsdi_crypt.rst b/docs/lib/passlib.hash.bsdi_crypt.rst index 09991cc..a39cfd8 100644 --- a/docs/lib/passlib.hash.bsdi_crypt.rst +++ b/docs/lib/passlib.hash.bsdi_crypt.rst @@ -1,12 +1,11 @@ ================================================================================= -:mod:`passlib.hash.bsdi_crypt` - BSDi (Extended DES) Crypt +:class:`passlib.hash.bsdi_crypt` - BSDi (Extended DES) Crypt ================================================================================= -.. module:: passlib.hash.bsdi_crypt - :synopsis: BSDi (Extended DES) Crypt +.. currentmodule:: passlib.hash This algorithm was developed by BSDi for their BSD/OS distribution. -It's based on :mod:`~passlib.hash.des_crypt`, and contains a larger +It's based on :class:`~passlib.hash.des_crypt`, and contains a larger salt and a variable number of rounds. Nonetheless, since it's based on DES, and still shares many of des-crypt's other flaws, it should not be used in new applications. @@ -14,7 +13,7 @@ it should not be used in new applications. Usage ===== Aside from differences in format and salt size, -ext-des-crypt usage is exactly the same as :mod:`~passlib.hash.des_crypt`. +ext-des-crypt usage is exactly the same as :class:`~passlib.hash.des_crypt`. .. todo:: @@ -22,11 +21,7 @@ ext-des-crypt usage is exactly the same as :mod:`~passlib.hash.des_crypt`. Functions ========= -.. autofunction:: genconfig -.. autofunction:: genhash -.. autofunction:: encrypt -.. autofunction:: identify -.. autofunction:: verify +.. autoclass:: bsdi_crypt Format ====== diff --git a/docs/lib/passlib.hash.des_crypt.rst b/docs/lib/passlib.hash.des_crypt.rst index c67394d..b75a107 100644 --- a/docs/lib/passlib.hash.des_crypt.rst +++ b/docs/lib/passlib.hash.des_crypt.rst @@ -1,9 +1,8 @@ ======================================================================= -:mod:`passlib.hash.des_crypt` - Tradtional Unix (DES) Crypt +:class:`passlib.hash.des_crypt` - Tradtional Unix (DES) Crypt ======================================================================= -.. module:: passlib.hash.des_crypt - :synopsis: Traditional Unix (DES) Crypt +.. currentmodule:: passlib.hash .. warning:: @@ -12,15 +11,15 @@ It suffers from it's use of the DES cipher, a small number of salt bits, and fact that it uses only the first 8 characters of the password. -This module implements the original DES-based Unix Crypt algorithm. +This class implements the original DES-based Unix Crypt algorithm. While no longer in active use, it is supported for legacy purposes by many unix variants. Usage ===== -This module can be used directly as follows:: +This class can be used directly as follows:: - >>> from passlib.hash.import des_crypt as dc + >>> from passlib.hash import des_crypt as dc >>> dc.encrypt("password") #generate new salt, encrypt password 'JQMuyS6H.AGMo' @@ -37,11 +36,7 @@ This module can be used directly as follows:: Functions ========= -.. autofunction:: genconfig -.. autofunction:: genhash -.. autofunction:: encrypt -.. autofunction:: identify -.. autofunction:: verify +.. autoclass:: des_crypt Format ====== @@ -61,10 +56,12 @@ The checksum is formed by a modified version of the DES cipher in encrypt mode: * First, the lower 7 bits of the first 8 characters of the password are used to form a 56-bit DES key. The remainder of the password is ignored. + Passwords less than 8 characters are null-padded. * The checksum is then generated by recursively performing 25 rounds of DES encryption, - starting with a null input block. The 12 bits of salt are used to mutate - the action performed by each block of the DES key schedule (see the source + starting with a null input block. The 12 bit salt is used to mutate + the action performed by each block of the DES key schedule, + in a manner dependant on the previous block (see the source of :func:`~passlib.utils.des.mdes_encrypt_int_block` for details). * The checksum and salt are then encoded according the format, as described above. @@ -79,11 +76,11 @@ This implementation of des-crypt differs from others in a few ways: know of no specification defining the official behavior that should be used in this situtation. -* Some implementations (eg: linux) accept empty and single-character salt strings, - as well as salt strings containing other characters. The behavior for these - implementations is not immediately obvious, desirable, and/or correct. - Lacking even a de facto standard, this implementation will throw - a "invalid salt" ValueError for such inputs. +* Some implementations accept empty and single-character salt strings, + as well as salt strings containing other characters. The various + implementation of des-crypt vary wildy in how they deal with these + border cases, including errors, non-standard algorithms, and unpredicateble results. + To avoid all this, Passlib will throw an "invalid salt" ValueError for these cases. References ========== diff --git a/docs/lib/passlib.hash.md5_crypt.rst b/docs/lib/passlib.hash.md5_crypt.rst index eaa6edd..380b9e9 100644 --- a/docs/lib/passlib.hash.md5_crypt.rst +++ b/docs/lib/passlib.hash.md5_crypt.rst @@ -1,9 +1,8 @@ ================================================================== -:mod:`passlib.hash.md5_crypt` - MD5 Crypt +:class:`passlib.hash.md5_crypt` - MD5 Crypt ================================================================== -.. module:: passlib.hash.md5_crypt - :synopsis: MD5 Crypt +.. currentmodule:: passlib.hash This algorithm was developed to replace the aging des-crypt. It is supported by a wide variety of unix flavors, and is found @@ -13,13 +12,13 @@ algorithm which it's based around is considered broken, though pre-image attacks are currently only theoretical. Despite this, MD5-Crypt itself is not considered broken, and is still considered ok to use, though new applications -should use a stronger scheme (eg :mod:`~passlib.hash.sha512_crypt`) if possible. +should use a stronger scheme (eg :class:`~passlib.hash.sha512_crypt`) if possible. Usage ===== This module can be used directly as follows:: - >>> from passlib.hash.import md5_crypt as mc + >>> from passlib.hash import md5_crypt as mc >>> mc.encrypt("password") #generate new salt, encrypt password '$1$3azHgidD$SrJPt7B.9rekpmwJwtON31' @@ -36,11 +35,7 @@ This module can be used directly as follows:: Functions ========= -.. autofunction:: genconfig -.. autofunction:: genhash -.. autofunction:: encrypt -.. autofunction:: identify -.. autofunction:: verify +.. autoclass:: md5_crypt Format ====== diff --git a/docs/lib/passlib.hash.mysql_323.rst b/docs/lib/passlib.hash.mysql323.rst index 0d668d3..310b770 100644 --- a/docs/lib/passlib.hash.mysql_323.rst +++ b/docs/lib/passlib.hash.mysql323.rst @@ -1,9 +1,8 @@ ======================================================================== -:mod:`passlib.hash.mysql_323` - MySQL 3.2.3 password hash +:class:`passlib.hash.mysql323` - MySQL 3.2.3 password hash ======================================================================== -.. module:: passlib.hash.mysql_323 - :synopsis: MySQL 3.2.3 password hash +.. currentmodule:: passlib.hash .. warning:: @@ -15,7 +14,7 @@ This module implements the first of MySQL's password hash functions, used to store it's user account passwords. Introduced in MySQL 3.2.3 under the function ``PASSWORD()``, this function was renamed to ``OLD_PASSWORD()`` under MySQL 4.1, when a newer password -hash algorithm was introduced (see :mod:`~passlib.hash.mysql_41`). +hash algorithm was introduced (see :class:`~passlib.hash.mysql41`). Lacking any sort of salt, it's simplistic algorithm amounts to little more than a checksum, and should not be used for *any* purpose but verifying existing MySQL 3.2.3 - 4.0 password hashes. @@ -26,7 +25,7 @@ Users will most likely find the frontends provided by :mod:`passlib.sqldb` to be more useful than accessing this module directly. That aside, this module can be used directly as follows:: - >>> from passlib.hash.import mysql_323 as mold + >>> from passlib.hash import mysql323 as mold >>> mold.encrypt("password") #encrypt password '5d2e19393cc5ef67' @@ -43,11 +42,7 @@ That aside, this module can be used directly as follows:: Functions ========= -.. autofunction:: genconfig -.. autofunction:: genhash -.. autofunction:: encrypt -.. autofunction:: identify -.. autofunction:: verify +.. autoclass:: mysql323 Format & Algorithm ================== diff --git a/docs/lib/passlib.hash.mysql_41.rst b/docs/lib/passlib.hash.mysql41.rst index 85a0b71..ed5666a 100644 --- a/docs/lib/passlib.hash.mysql_41.rst +++ b/docs/lib/passlib.hash.mysql41.rst @@ -1,9 +1,8 @@ ===================================================================== -:mod:`passlib.hash.mysql_41` - MySQL 4.1 password hash +:class:`passlib.hash.mysql41` - MySQL 4.1 password hash ===================================================================== -.. module:: passlib.hash.mysql_41 - :synopsis: MySQL 4.1 password hash +.. currentmodule:: passlib.hash .. warning:: @@ -14,7 +13,7 @@ This module implements the second of MySQL's password hash functions, used to store it's user account passwords. Introduced in MySQL 4.1.1 under the function ``PASSWORD()``, it replaced the previous -algorithm (:mod:`~passlib.hash.mysql_323`) as the default +algorithm (:class:`~passlib.hash.mysql323`) as the default used by MySQL, and is still in active use under MySQL 5. Lacking any sort of salt, and using only 2 rounds of the common SHA1 message digest, it's not very secure, @@ -26,15 +25,11 @@ Usage Users will most likely find the frontends provided by :mod:`passlib.sqldb` to be more useful than accessing this module directly. That aside, this module can be used directly in the same manner -as :mod:`~passlib.hash.mysql_323`. +as :class:`~passlib.hash.mysql323`. Functions ========= -.. autofunction:: genconfig -.. autofunction:: genhash -.. autofunction:: encrypt -.. autofunction:: identify -.. autofunction:: verify +.. autoclass:: mysql41 Format & Algorithm ================== diff --git a/docs/lib/passlib.hash.nthash.rst b/docs/lib/passlib.hash.nthash.rst index bb35415..130db53 100644 --- a/docs/lib/passlib.hash.nthash.rst +++ b/docs/lib/passlib.hash.nthash.rst @@ -1,9 +1,8 @@ ================================================================== -:mod:`passlib.hash.nthash` - Windows NT-HASH for Unix +:class:`passlib.hash.nthash` - Windows NT-HASH for Unix ================================================================== -.. module:: passlib.hash.nthash - :synopsis: Windows NT-HASH for Unix +.. currentmodule:: passlib.hash .. warning:: @@ -26,14 +25,10 @@ Usage Functions ========= -.. autofunction:: genconfig -.. autofunction:: genhash -.. autofunction:: encrypt -.. autofunction:: identify -.. autofunction:: verify +.. autoclass:: nthash In addition to the normal password hash api, this module also exposes -the following method: +the following: .. function:: raw_nthash(secret, hex=False) diff --git a/docs/lib/passlib.hash.phpass.rst b/docs/lib/passlib.hash.phpass.rst index 01e2690..2237e53 100644 --- a/docs/lib/passlib.hash.phpass.rst +++ b/docs/lib/passlib.hash.phpass.rst @@ -1,9 +1,8 @@ ================================================================== -:mod:`passlib.hash.phpass` - PHPass Portable Hash +:class:`passlib.hash.phpass` - PHPass Portable Hash ================================================================== -.. module:: passlib.hash.phpass - :synopsis: PHPass Portable Hash +.. currentmodule:: passlib.hash This algorithm is used primarily by PHP software which uses the `PHPass <http://www.openwall.com/phpass/>`_ library, @@ -21,11 +20,7 @@ Usage Functions ========= -.. autofunction:: genconfig -.. autofunction:: genhash -.. autofunction:: encrypt -.. autofunction:: identify -.. autofunction:: verify +.. autoclass:: phpass Format ================== diff --git a/docs/lib/passlib.hash.postgres_md5.rst b/docs/lib/passlib.hash.postgres_md5.rst index 2294506..a0cc793 100644 --- a/docs/lib/passlib.hash.postgres_md5.rst +++ b/docs/lib/passlib.hash.postgres_md5.rst @@ -1,9 +1,8 @@ ================================================================== -:mod:`passlib.hash.postgres_md5` - PostgreSQL MD5 password hash +:class:`passlib.hash.postgres_md5` - PostgreSQL MD5 password hash ================================================================== -.. module:: passlib.hash.postgres_md5 - :synopsis: PostgreSQL MD5 password hash +.. currentmodule:: passlib.hash .. warning:: @@ -24,7 +23,7 @@ Users will most likely find the frontend provided by :mod:`passlib.sqldb` to be more useful than accessing this module directly. That aside, this module can be used directly as follows:: - >>> from passlib.hash.import postgres_md5 as pm + >>> from passlib.hash import postgres_md5 as pm >>> pm.encrypt("password", "username") #encrypt password using specified username 'md55a231fcdb710d73268c4f44283487ba2' @@ -43,11 +42,7 @@ That aside, this module can be used directly as follows:: Functions ========= -.. autofunction:: genconfig -.. autofunction:: genhash -.. autofunction:: encrypt -.. autofunction:: identify -.. autofunction:: verify +.. autoclass:: postgres_md5 Format & Algorithm ================== diff --git a/docs/lib/passlib.hash.rst b/docs/lib/passlib.hash.rst index b243d05..78cd721 100644 --- a/docs/lib/passlib.hash.rst +++ b/docs/lib/passlib.hash.rst @@ -15,11 +15,14 @@ While many applications may find it easier to use a :class:`CryptContext` instance, or retreive handlers via :func:`get_crypt_handler`, they can also be imported and used directly from this package: - >>> from passlib.hash.import md5_crypt + >>> from passlib.hash import md5_crypt >>> hash = md5_crypt.encrypt("password") Passlib contains the following builtin password algorithms: +.. + XXX: should we have an "archaic" section for des/bsdi/bigcrypt/crypt16? + Standard Unix Schemes --------------------- All these schemes are/were used by various unix flavors to store user passwords. @@ -40,13 +43,17 @@ the :ref:`modular crypt format <modular-crypt-format>`. .. toctree:: :hidden: + passlib.hash.bigcrypt + passlib.hash.crypt16 passlib.hash.sun_md5_crypt .. todo:: These aren't fully implemented / tested yet: - * :mod:`~passlib.hash.sun_md5_crypt` - MD5-based scheme used by Solaris 10 (NOT related to md5-crypt above). + * :class:`~passlib.hash.bigcrypt` + * :class:`~passlib.hash.crypt16` + * :class:`~passlib.hash.sun_md5_crypt` - MD5-based scheme used by Solaris 10 (NOT related to md5-crypt above). Non-Standard Unix-Compatible Schemes ------------------------------------ @@ -71,6 +78,6 @@ not seen outside those specific contexts: .. toctree:: :maxdepth: 1 - passlib.hash.mysql_323 - passlib.hash.mysql_41 + passlib.hash.mysql323 + passlib.hash.mysql41 passlib.hash.postgres_md5 diff --git a/docs/lib/passlib.hash.sha1_crypt.rst b/docs/lib/passlib.hash.sha1_crypt.rst index e9b01b5..3c242dd 100644 --- a/docs/lib/passlib.hash.sha1_crypt.rst +++ b/docs/lib/passlib.hash.sha1_crypt.rst @@ -1,9 +1,8 @@ =================================================================== -:mod:`passlib.hash.sha1_crypt` - SHA-1 Crypt +:class:`passlib.hash.sha1_crypt` - SHA-1 Crypt =================================================================== -.. module:: passlib.hash.sha1_crypt - :synopsis: SHA-1 Crypt +.. currentmodule:: passlib.hash SHA1-Crypt is a hash algorithm introduced by NetBSD in 2004. It's based on a variation of the PBKDF1 algorithm, @@ -12,15 +11,11 @@ and supports a large salt and variable number of rounds. Usage ===== Supporting a variable sized salt and variable number of rounds, -this scheme is used in exactly the same way as :mod:`~passlib.hash.sha512_crypt`. +this scheme is used in exactly the same way as :class:`~passlib.hash.sha512_crypt`. Functions ========= -.. autofunction:: genconfig -.. autofunction:: genhash -.. autofunction:: encrypt -.. autofunction:: identify -.. autofunction:: verify +.. autoclass: sha1_crypt Format ====== diff --git a/docs/lib/passlib.hash.sha256_crypt.rst b/docs/lib/passlib.hash.sha256_crypt.rst index d709c84..0b3595f 100644 --- a/docs/lib/passlib.hash.sha256_crypt.rst +++ b/docs/lib/passlib.hash.sha256_crypt.rst @@ -1,11 +1,10 @@ ================================================================== -:mod:`passlib.hash.sha256_crypt` - SHA-256 Crypt +:class:`passlib.hash.sha256_crypt` - SHA-256 Crypt ================================================================== -.. module:: passlib.hash.sha526_crypt - :synopsis: SHA-256 Crypt +.. currentmodule:: passlib.hash -This scheme is identical to :mod:`~passlib.hash.sha512_crypt` in almost every way, +This scheme is identical to :class:`~passlib.hash.sha512_crypt` in almost every way, they are defined by the same specification and have the same design and structure, except the following differences: @@ -13,4 +12,6 @@ except the following differences: * it uses SHA-256 as it's internal hash function instead of SHA-512. * it's output hash is correspondingly smaller. -For details about this module, see :mod:`~passlib.hash.sha512_crypt`. +For details about this module, see :class:`~passlib.hash.sha512_crypt`. + +.. autoclass:: sha256_crypt diff --git a/docs/lib/passlib.hash.sha512_crypt.rst b/docs/lib/passlib.hash.sha512_crypt.rst index cdf4e23..d5987c7 100644 --- a/docs/lib/passlib.hash.sha512_crypt.rst +++ b/docs/lib/passlib.hash.sha512_crypt.rst @@ -1,12 +1,11 @@ =================================================================== -:mod:`passlib.hash.sha512_crypt` - SHA-512 Crypt +:class:`passlib.hash.sha512_crypt` - SHA-512 Crypt =================================================================== -.. module:: passlib.hash.sha512_crypt - :synopsis: SHA-512 Crypt +.. currentmodule:: passlib.hash SHA-512 Crypt and SHA-256 Crypt were developed as a response -to :mod:`~passlib.hash.bcrypt`. They are descendants of :mod:`~passlib.hash.md5_crypt`, +to :class:`~passlib.hash.bcrypt`. They are descendants of :class:`~passlib.hash.md5_crypt`, and incorporate many changes: replaced MD5 with newer message digest algorithms, some internal cleanups in MD5-Crypt's rounds algorithm, and the introduction of a variable rounds parameter. @@ -22,11 +21,7 @@ Usage Functions ========= -.. autofunction:: genconfig -.. autofunction:: genhash -.. autofunction:: encrypt -.. autofunction:: identify -.. autofunction:: verify +.. autoclass:: sha512_crypt Format & Algorithm ================== diff --git a/docs/lib/passlib.hash.sun_md5_crypt.rst b/docs/lib/passlib.hash.sun_md5_crypt.rst index 393c9c2..84b209d 100644 --- a/docs/lib/passlib.hash.sun_md5_crypt.rst +++ b/docs/lib/passlib.hash.sun_md5_crypt.rst @@ -1,9 +1,8 @@ -=============================================================== -:mod:`passlib.hash.sun_md5_crypt` - Sun MD5 Crypt password hash -=============================================================== +================================================================= +:class:`passlib.hash.sun_md5_crypt` - Sun MD5 Crypt password hash +================================================================= -.. module:: passlib.hash.sun_md5_crypt - :synopsis: Sun MD5 Crypt +.. currentmodule:: passlib.hash .. warning:: @@ -16,7 +15,7 @@ This algorithm is used by Solaris, as a replacement for the aging des-crypt. It is mainly used on later versions of Solaris, and is not found many other places. While based on the MD5 message digest, it has very little at all -in common with the :mod:`~passlib.hash.md5_crypt` algorithm. It supports +in common with the :class:`~passlib.hash.md5_crypt` algorithm. It supports 32 bit variable rounds and an 8 character salt. Due to a theoretic pre-image attacks on the MD5 message digest, this algorithm should probably not be used in new deploys. @@ -25,15 +24,11 @@ Usage ===== This module supports both rounds and salts, and so can be used in the exact same manner -as :mod:`~passlib.hash.sha512_crypt`. +as :class:`~passlib.hash.sha512_crypt`. Functions ========= -.. autofunction:: genconfig -.. autofunction:: genhash -.. autofunction:: encrypt -.. autofunction:: identify -.. autofunction:: verify +.. autoclass:: sun_md5_crypt Format ====== @@ -74,7 +69,7 @@ by one of the creators). Given a password, the number of rounds, and a salt... - if a 0, the same as 1, except that magic constant data is not included. * The final checksum is then encoded into :mod:`hash64 <~passlib.hash.h64>` using the same - transposed byte order that :mod:`~passlib.hash.md5_crypt` uses. + transposed byte order that :class:`~passlib.hash.md5_crypt` uses. The constant data string is referenced above is a 1517 byte ascii string... an excerpt from Hamlet, starting with ``To be, or not to be...`` and ending with ``...all my sins remember'd.\n``, diff --git a/docs/lib/passlib.sqldb.rst b/docs/lib/passlib.sqldb.rst index 0520f30..282d1e3 100644 --- a/docs/lib/passlib.sqldb.rst +++ b/docs/lib/passlib.sqldb.rst @@ -13,7 +13,7 @@ which should be capable of recognizing passwords in modern postgres systems: .. object:: postgres_context This object should recognize password hashes stores in postgres' pg_shadow table. - it can recognize :mod:`~passlib.hash.postgres_md5` hashes, + it can recognize :class:`~passlib.hash.postgres_md5` hashes, as well as plaintext hashes. It defaults to postgres_md5 when generating new hashes. @@ -26,11 +26,11 @@ for handling MySQL user passwords: .. object:: mysql_context - This object should recognize the new :mod:`~passlib.hash.mysql_41` hashes, - as well as any legacy :mod:`~passlib.hash.mysql_323` hashes. - It defaults to mysql_41 when generating new hashes. + This object should recognize the new :class:`~passlib.hash.mysql41` hashes, + as well as any legacy :class:`~passlib.hash.mysql323` hashes. + It defaults to mysql41 when generating new hashes. .. object:: mysql3_context This object is for use with older MySQL deploys which only recognize - the :mod:`~passlib.hash.mysql_323` hash. + the :class:`~passlib.hash.mysql323` hash. diff --git a/docs/lib/passlib.unix.rst b/docs/lib/passlib.unix.rst index 4e59714..0c6eed2 100644 --- a/docs/lib/passlib.unix.rst +++ b/docs/lib/passlib.unix.rst @@ -13,19 +13,19 @@ tailor to the hashes supported on various unix systems. .. object:: linux_context this should recognize the hashes used on most linux systems: - :mod:`~passlib.hash.des_crypt`, - :mod:`~passlib.hash.md5_crypt`, - :mod:`~passlib.hash.sha256_crypt`, and - :mod:`~passlib.hash.sha512_crypt` (used as the default). + :class:`~passlib.hash.des_crypt`, + :class:`~passlib.hash.md5_crypt`, + :class:`~passlib.hash.sha256_crypt`, and + :class:`~passlib.hash.sha512_crypt` (used as the default). .. object:: bsd_context this should recognize the hashes used on most bsd systems: - :mod:`~passlib.hash.des_crypt`, - :mod:`~passlib.hash.ext_des_crypt`, - :mod:`~passlib.hash.nthash`, - :mod:`~passlib.hash.md5_crypt`, - :mod:`~passlib.hash.bcrypt` (used as the default). + :class:`~passlib.hash.des_crypt`, + :class:`~passlib.hash.ext_des_crypt`, + :class:`~passlib.hash.nthash`, + :class:`~passlib.hash.md5_crypt`, + :class:`~passlib.hash.bcrypt` (used as the default). .. note:: @@ -47,7 +47,7 @@ Usage Modular Crypt Format ==================== A vast majority of the schemes used on unix systems (and supported by this library) -follow the "Modular Crypt Format", introduced around the time :mod:`~passlib.hash.md5_crypt` was developed. +follow the "Modular Crypt Format", introduced around the time :class:`~passlib.hash.md5_crypt` was developed. This scheme allows hashes generates by multiple schemes to co-exist within a database, by requiring that all hash string begin with a unique prefix ``$identifier$``; where ``identifier`` is a short alphanumeric string globally identifying @@ -63,7 +63,7 @@ In fact, for the most part they avoid using any characters except this can be violated on some systems if the user intervenes. .. note:: - :mod:`passlib.hash.des_crypt` and :mod:`passlib.hash.ext_des_crypt` + :class:`passlib.hash.des_crypt` and :class:`passlib.hash.ext_des_crypt` do not follow this protocol, since they predate it by many years. OS Format Support @@ -71,15 +71,15 @@ OS Format Support The following table details which operating systems are known to support which schemes: -=================================== =========== =========== =========== =========== -Scheme Linux FreeBSD NetBSD OpenBSD -=================================== =========== =========== =========== =========== -:mod:`~passlib.hash.nthash` y -:mod:`~passlib.hash.des_crypt` y y y y -:mod:`~passlib.hash.ext_des_crypt` y y -:mod:`~passlib.hash.md5_crypt` y y y y -:mod:`~passlib.hash.bcrypt` y y y -:mod:`~passlib.hash.sha1_crypt` y -:mod:`~passlib.hash.sha256_crypt` y -:mod:`~passlib.hash.sha512_crypt` y -=================================== =========== =========== =========== =========== +==================================== =========== =========== =========== =========== +Scheme Linux FreeBSD NetBSD OpenBSD +==================================== =========== =========== =========== =========== +:class:`~passlib.hash.nthash` y +:class:`~passlib.hash.des_crypt` y y y y +:class:`~passlib.hash.bsdi_crypt` y y +:class:`~passlib.hash.md5_crypt` y y y y +:class:`~passlib.hash.bcrypt` y y y +:class:`~passlib.hash.sha1_crypt` y +:class:`~passlib.hash.sha256_crypt` y +:class:`~passlib.hash.sha512_crypt` y +==================================== =========== =========== =========== =========== diff --git a/docs/lib/passlib.utils.des.rst b/docs/lib/passlib.utils.des.rst index 337e4d1..fbd68ca 100644 --- a/docs/lib/passlib.utils.des.rst +++ b/docs/lib/passlib.utils.des.rst @@ -15,7 +15,7 @@ This module contains routines for encrypting blocks of data using the DES algori They do not support multi-block operation or decryption, since they are designed for use in password hash algorithms -such as :mod:`~passlib.hash.des_crypt` and :mod:`~passlib.hash.ext_des_crypt`. +such as :class:`~passlib.hash.des_crypt` and :class:`~passlib.hash.ext_des_crypt`. .. autofunction:: expand_des_key .. autofunction:: des_encrypt_block |