Skip to main content

Pure-python implementation of the SHA2 crypt(3) functions

Project description

# python-crypt [![Build Status](](

Pure-python implementation of the crypt(3) SHA2 functions.

Useful for creating crypt-compatible hashes from non-*nixes (like Windows
and OS X), like when creating password hashes to initialize a *nix server

## Install

$ pip install pcrypt

## Usage

API is identical to the [built-in crypt]( module on *nix:

>>> import pcrypt, getpass
>>> print(pcrypt.crypt(getpass.getpass()))

If you want to override the number of rounds used for hashing, you can specify the parameter `rounds` to crypt:

>>> print(pcrypt.crypt(getpass.getpass(), rounds=50000))

The default number of rounds is 5000, same as for crypt(3).

To use SHA256 instead of the default SHA512:

>>> print(pcrypt.crypt(getpass.getpass(), pcrypt.METHOD_SHA256))

If the second argument is given it must be either an existing salt string matching the
format `$<algo>$(rounds=<rounds>$)?<salt>($<hash>)?`, or one of `pcrypt.METHOD_SHA256`
or `pcrypt.METHOD_SHA512`.

Without specifying salt manually the module will generate a new salt and use
the strongest hash function available.

As a little extra nugget, there's also a handy CLI to quickly generate a hash:

$ pcrypt -h
usage: pcrypt [-h] [-r ROUNDS] [-a {sha256,sha512}] [-s]

Compute a password hash for SHA256/SHA512 in crypt(3)-compatible format.
Password will be prompted for.

optional arguments:
-h, --help show this help message and exit
-r ROUNDS, --rounds ROUNDS
How many rounds of hashing to perform. More rounds are
slower, making it harder to reverse a hash through
brute force. Default: 5000
-a {sha256,sha512}, --algo {sha256,sha512}
Which algorithm to use. Default: sha512
-s, --single-prompt Don't ask to repeat the password

**NB**: You'd probably guess from this being a pure-python implementation of a compute-heavy operation, but I just have to say this explicitly: Do not use this for performance-critical applications! Performance is roughly five orders of magnitude slower than the plain C version.

Change log

[1.0.5] - 2018-01-12

### Fixed
- Only print trailing newline in cli when writing to a tty.

[1.0.4] - 2016-02-08

### Added
- Passwords can now be piped in to the pcrypt CLI.

[1.0.3] - 2015-12-19

Practically first release.


Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for pcrypt, version 1.0.5
Filename, size File type Python version Upload date Hashes
Filename, size pcrypt-1.0.5.tar.gz (6.0 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page