Module network_hash_gen.cisco_ios

This module provides hash functions for Cisco IOS and IOS-XE.

Currently only type 5 (md5-based) and type 9 (scrypt-based) are supported.

Expand source code 
"""
This module provides hash functions for Cisco IOS and IOS-XE.

Currently only type 5 (md5-based) and type 9 (scrypt-based) are supported.
"""
from .type_5 import Type5
from .type_9 import Type9

__all__ = ["Type5", "Type9"]

Sub-modules

network_hash_gen.cisco_ios.type_5
network_hash_gen.cisco_ios.type_9

Classes

class Type5

Calculates the md5-crypt based type 5 hashes for Cisco IOS/IOS-XE.

Expand source code 
class Type5(BaseHash):
    """
    Calculates the md5-crypt based type 5 hashes for Cisco IOS/IOS-XE.
    """

    salt_chars = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
    salt_length = 4

    @classmethod
    def hash_salted(cls, password: str, salt: str) -> str:
        """
        Calculates a Cisco IOS/IOS-XE Type 5 hash with the given password and
        salt.

        This function assumes that the given salt is valid for that hash.
        Using an invalid salt leads to undefined behaviour.
        Prefer the `hash` and `hash_seeded` functions over this
        one if possible.
        """

        m = md5_crypt.using(salt=salt).hash(password)
        return m

Ancestors

Subclasses

Class variables

var salt_chars : str

Inherited from: BaseHash.salt_chars

A string containing all characters that can be used in a salt.

var salt_length : int

Inherited from: BaseHash.salt_length

The length of the salt.

Static methods

def hash(password: str) ‑> str

Inherited from: BaseHash.hash

Calculates the hash …

def hash_salted(password: str, salt: str) ‑> str

Calculates a Cisco IOS/IOS-XE Type 5 hash with the given password and salt.

This function assumes that the given salt is valid for that hash. Using an invalid salt leads to undefined behaviour. Prefer the hash and hash_seeded functions over this one if possible.

Expand source code 
@classmethod
def hash_salted(cls, password: str, salt: str) -> str:
    """
    Calculates a Cisco IOS/IOS-XE Type 5 hash with the given password and
    salt.

    This function assumes that the given salt is valid for that hash.
    Using an invalid salt leads to undefined behaviour.
    Prefer the `hash` and `hash_seeded` functions over this
    one if possible.
    """

    m = md5_crypt.using(salt=salt).hash(password)
    return m
def hash_seeded(password: str, seed: str) ‑> str

Inherited from: BaseHash.hash_seeded

Calculates a hash with the given seed used for generating a appropriate salt …

class Type9

A base class that implements salt generation and the hash and hash_seeded functions.

A subclass only needs to specify the salt_length and salt_chars methods and the hash_salted function.

Expand source code 
class Type9(BaseHash):
    salt_length = 14
    salt_chars = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
    _std_b64chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
    _b64table = str.maketrans(_std_b64chars, salt_chars)

    @classmethod
    def hash_salted(cls, password: str, salt: str) -> str:
        """
        Calculates a Cisco IOS/IOS-XE Type 9 hash with the given password and salt.

        This function assumes that the given salt is valid for that hash.
        Using an invalid salt leads to undefined behaviour.
        Prefer the `type_9_hash` and `type_9_hash_seeded` functions over this one
        if possible.
        """

        hash = scrypt.hash(password, salt, 16384, 1, 1, 32)

        # Convert the hash from Standard Base64 to Cisco Base64
        hash = base64.b64encode(hash).decode().translate(cls._b64table)[:-1]

        return f"$9${salt}${hash}"

Ancestors

Class variables

var salt_chars : str

Inherited from: BaseHash.salt_chars

A string containing all characters that can be used in a salt.

var salt_length : int

Inherited from: BaseHash.salt_length

The length of the salt.

Static methods

def hash(password: str) ‑> str

Inherited from: BaseHash.hash

Calculates the hash …

def hash_salted(password: str, salt: str) ‑> str

Calculates a Cisco IOS/IOS-XE Type 9 hash with the given password and salt.

This function assumes that the given salt is valid for that hash. Using an invalid salt leads to undefined behaviour. Prefer the type_9_hash and type_9_hash_seeded functions over this one if possible.

Expand source code 
@classmethod
def hash_salted(cls, password: str, salt: str) -> str:
    """
    Calculates a Cisco IOS/IOS-XE Type 9 hash with the given password and salt.

    This function assumes that the given salt is valid for that hash.
    Using an invalid salt leads to undefined behaviour.
    Prefer the `type_9_hash` and `type_9_hash_seeded` functions over this one
    if possible.
    """

    hash = scrypt.hash(password, salt, 16384, 1, 1, 32)

    # Convert the hash from Standard Base64 to Cisco Base64
    hash = base64.b64encode(hash).decode().translate(cls._b64table)[:-1]

    return f"$9${salt}${hash}"
def hash_seeded(password: str, seed: str) ‑> str

Inherited from: BaseHash.hash_seeded

Calculates a hash with the given seed used for generating a appropriate salt …