1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
|
=============================================
:mod:`passlib.utils` - Helper Functions
=============================================
.. module:: passlib.utils
:synopsis: internal helpers for implementing password hashes
.. warning::
This module is primarily used as an internal support module.
It's interface has not been finalized yet, and may be changed somewhat
between major releases of Passlib, as the internal code is cleaned up
and simplified.
This module primarily contains utility functions used interally by Passlib.
However, end-user applications may find some of the functions useful,
in particular:
* :func:`consteq`
* :func:`saslprep`
* :func:`generate_password`
Constants
=========
..
.. data:: sys_bits
Native bit size of host architecture (either 32 or 64 bit).
used for various purposes internally.
.. data:: unix_crypt_schemes
List of the names of all the hashes in :mod:`passlib.hash`
which are natively supported by :func:`crypt` on at least one operating
system.
For all hashes in this list, the expression
:samp:`passlib.hash.{alg}.has_backend("os_crypt")`
will return ``True`` if the host OS natively supports the hash.
This list is used by :data:`~passlib.hosts.host_context`
and :data:`~passlib.apps.ldap_context` to determine
which hashes are supported by the host.
.. seealso:: :ref:`mcf-identifiers` for a table of which OSes are known to support which hashes.
..
PYPY
JYTHON
rounds_cost_values
..
Decorators
==========
.. autofunction:: classproperty
Unicode Helpers
===============
.. autofunction:: consteq
.. autofunction:: saslprep
Bytes Helpers
=============
.. autofunction:: xor_bytes
.. autofunction:: render_bytes
.. autofunction:: int_to_bytes
.. autofunction:: bytes_to_int
Encoding Helpers
================
.. autofunction:: is_same_codec
.. autofunction:: is_ascii_codec
.. autofunction:: is_ascii_safe
.. autofunction:: to_bytes
.. autofunction:: to_unicode
.. autofunction:: to_native_str
Base64 Encoding
===============
Base64Engine Class
------------------
Passlib has to deal with a number of different Base64 encodings,
with varying endianness, as well as wildly different character <-> value
mappings. This is all encapsulated in the :class:`Base64Engine` class,
which provides common encoding actions for an arbitrary base64-style encoding
scheme. There are also a couple of predefined instances which are commonly
used by the hashes in Passlib.
.. autoclass:: Base64Engine
Common Character Maps
---------------------
.. data:: BASE64_CHARS
Character map used by standard MIME-compatible Base64 encoding scheme.
.. data:: HASH64_CHARS
Base64 character map used by a number of hash formats;
the ordering is wildly different from the standard base64 character map.
This encoding system appears to have originated with
:class:`~passlib.hash.des_crypt`, but is used by
:class:`~passlib.hash.md5_crypt`, :class:`~passlib.hash.sha256_crypt`,
and others. Within Passlib, this encoding is referred as the "hash64" encoding,
to distinguish it from normal base64 and others.
.. data:: BCRYPT_CHARS
Base64 character map used by :class:`~passlib.hash.bcrypt`.
The ordering is wildly different from both the standard base64 character map,
and the common hash64 character map.
Predefined Instances
--------------------
.. data:: h64
Predefined instance of :class:`Base64Engine` which uses
the :data:`!HASH64_CHARS` character map and little-endian encoding.
(see :data:`HASH64_CHARS` for more details).
.. data:: h64big
Predefined variant of :data:`h64` which uses big-endian encoding.
This is mainly used by :class:`~passlib.hash.des_crypt`.
.. versionchanged:: 1.6
Previous versions of Passlib contained
a module named :mod:`!passlib.utils.h64`; As of Passlib 1.6 this
was replaced by the the ``h64`` and ``h64big`` instances of
the :class:`Base64Engine` class;
the interface remains mostly unchanged.
Other
-----
.. autofunction:: ab64_encode
.. autofunction:: ab64_decode
..
.. data:: AB64_CHARS
Variant of standard Base64 character map used by some
custom Passlib hashes (see :func:`ab64_encode`).
..
Host OS
=======
.. autofunction:: safe_crypt
.. autofunction:: tick
Randomness
==========
.. data:: rng
The random number generator used by Passlib to generate
salt strings and other things which don't require a
cryptographically strong source of randomness.
If :func:`os.urandom` support is available,
this will be an instance of :class:`!random.SystemRandom`,
otherwise it will use the default python PRNG class,
seeded from various sources at startup.
.. autofunction:: getrandbytes
.. autofunction:: getrandstr
.. autofunction:: generate_password(size=10, charset=<default charset>)
Interface Tests
===============
.. autofunction:: is_crypt_handler
.. autofunction:: is_crypt_context
.. autofunction:: has_rounds_info
.. autofunction:: has_salt_info
Submodules
==========
There are also a few sub modules which provide additional utility functions:
.. toctree::
:maxdepth: 1
passlib.utils.handlers
passlib.utils.des
passlib.utils.pbkdf2
..
passlib.utils.compat
|
