path: root/docs/lib/passlib.hash.ext_des_crypt.rst
=================================================================================
:mod:`passlib.hash.ext_des_crypt` - BSDi (Extended DES) Crypt
=================================================================================

.. module:: passlib.hash.ext_des_crypt
    :synopsis: BSDi (Extended DES) Crypt

This algorithm was developed by BSDi for their BSD/OS distribution.
It's based on :mod:`~passlib.hash.des_crypt`, and adds a larger
salt and a variable number of rounds.  Nonetheless, since it's still based on DES
and shares many of des-crypt's other flaws,
it should not be used in new applications.

Usage
=====
Aside from differences in format and salt size,
ext-des-crypt usage is exactly the same as :mod:`~passlib.hash.des_crypt`.

.. todo::

    this needs separate usage, showing rounds parameter.

Functions
=========
.. autofunction:: genconfig
.. autofunction:: genhash
.. autofunction:: encrypt
.. autofunction:: identify
.. autofunction:: verify

Format
======
An example hash (of ``password``) is ``_EQ0.jzhSVeUyoSqLupI``.
An ext_des_crypt hash string consists of a 21 character string of the form ``_{rounds}{salt}{checksum}``.
All characters except the underscore prefix are drawn from ``[./0-9A-Za-z]``.

* ``_`` - the underscore is used to distinguish this scheme from others, such as des-crypt.
* ``{rounds}`` is the number of rounds, stored as a 4 character :mod:`hash64 <passlib.utils.h64>`-encoded 24-bit integer (``EQ0.`` in the example).
* ``{salt}`` is the salt, stored as a 4 character hash64-encoded 24-bit integer (``jzhS`` in the example).
* ``{checksum}`` is the checksum, stored as an 11 character hash64-encoded 64-bit integer (``VeUyoSqLupI`` in the example).

An ext_des_crypt configuration string is also accepted by this module;
it has the same format as the hash string, but with the checksum portion omitted.
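The following is an added example (not part of passlib) that parses the format described above, splitting a hash or configuration string into its ``_``, rounds, salt and checksum fields and decoding the two 24-bit hash64 integers. It assumes the rounds and salt fields are little-endian (least significant character first), which is what makes ``EQ0.`` decode to the conventional 10000 rounds; the checksum is kept as its 11-character string since this page does not state its byte ordering.

```python
import re
from typing import NamedTuple, Optional

# hash64 alphabet used by ext_des_crypt: [./0-9A-Za-z] maps to 0..63
HASH64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
_H64_INDEX = {c: i for i, c in enumerate(HASH64)}
_ALLOWED = re.compile(r"^[./0-9A-Za-z]+$")

# Field widths from the documented layout: _{rounds:4}{salt:4}{checksum:11}
ROUNDS_LEN, SALT_LEN, CHECKSUM_LEN = 4, 4, 11


class ExtDesCrypt(NamedTuple):
    rounds: int              # decoded 24-bit round count
    salt: int                # decoded 24-bit salt value
    salt_str: str            # the 4 salt characters as written
    checksum: Optional[str]  # 11-char checksum, or None for a config string


def h64_decode_int24(chars: str) -> int:
    """Decode 4 hash64 chars to a 24-bit int, least-significant char first
    (assumption: this is the little-endian order passlib's h64 uses)."""
    if len(chars) != 4:
        raise ValueError("a 24-bit hash64 integer is exactly 4 characters")
    value = 0
    for ch in reversed(chars):
        value = (value << 6) | _H64_INDEX[ch]
    return value


def h64_encode_int24(value: int) -> str:
    """Inverse of h64_decode_int24: 24-bit int -> 4 chars, low bits first."""
    if not 0 <= value < (1 << 24):
        raise ValueError("value does not fit in 24 bits")
    return "".join(HASH64[(value >> shift) & 0x3F] for shift in (0, 6, 12, 18))


def parse_ext_des_crypt(s: str) -> ExtDesCrypt:
    """Split a hash string (with checksum) or configuration string (without)."""
    if not s.startswith("_"):
        raise ValueError("ext_des_crypt strings start with '_'")
    body = s[1:]
    config_len, hash_len = ROUNDS_LEN + SALT_LEN, ROUNDS_LEN + SALT_LEN + CHECKSUM_LEN
    if len(body) not in (config_len, hash_len):
        raise ValueError("expected %d or %d chars after '_', got %d" % (config_len, hash_len, len(body)))
    if not _ALLOWED.match(body):
        raise ValueError("characters outside [./0-9A-Za-z]")
    rounds_str, salt_str = body[:ROUNDS_LEN], body[ROUNDS_LEN:config_len]
    checksum = body[config_len:] or None  # empty slice means configuration string
    return ExtDesCrypt(h64_decode_int24(rounds_str), h64_decode_int24(salt_str), salt_str, checksum)
```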

Algorithm
=========
The checksum is formed by a modified version of the DES cipher in encrypt mode:

* First, the lower 7 bits of the first 8 characters of the password are used
  to form a 56-bit DES key, in the same manner as des-crypt.

* Unlike des-crypt, the remainder of the password is also used. For every additional
  8 characters in the password, the key is encrypted using a single round of DES,
  with itself as the input block. It is then xor'ed against the lower 7 bits
  of the next 8 characters in the password. This is repeated until the password
  is used up.

* The checksum is then generated by recursively performing a variable number of rounds of DES encryption,
  starting with a null input block. The 24 bits of salt are used to mutate
  the action performed by each block of the DES key schedule (see the source
  of :func:`~passlib.utils.des.mdes_encrypt_int_block` for details).

* The rounds, salt, and checksum are then encoded according to the format described above.

Deviations
==========
This implementation of ext-des-crypt differs from others in one way:

* Before generating a hash, PassLib encodes unicode passwords using UTF-8.
  The original ext-des-crypt was designed for 7-bit us-ascii, so this should not
  conflict with most existing hashes. As of this writing, the authors
  know of no specification defining the official behavior that should be used
  in this situation.

References
==========
* `<http://fuse4bsd.creo.hu/localcgi/man-cgi.cgi?crypt+3>`_ - primary source used for description of ext-des-crypt format & algorithm