passlib.utils.des
 DES routines¶
Warning
NIST has declared DES to be “inadequate” for cryptographic purposes. These routines, and the password hashes based on them, should not be used in new applications.
This module contains routines for encrypting blocks of data using the DES algorithm.
Note that these functions do not support multiblock operation or decryption,
since they are designed primarily for use in password hash algorithms
(such as des_crypt
and bsdi_crypt
).

passlib.utils.des.
expand_des_key
(key)¶ convert DES from 7 bytes to 8 bytes (by inserting empty parity bits)

passlib.utils.des.
des_encrypt_block
(key, input, salt=0, rounds=1)¶ encrypt single block of data using DES, operates on 8byte strings.
Parameters:  key – DES key as 7 byte string, or 8 byte string with parity bits (parity bit values are ignored).
 input – plaintext block to encrypt, as 8 byte string.
 salt – Optional 24bit integer used to mutate the base DES algorithm in a
manner specific to
des_crypt
and its variants. The default value0
provides the normal (unsalted) DES behavior. The salt functions as follows: if thei
‘th bit ofsalt
is set, bitsi
andi+24
are swapped in the DES Ebox output.  rounds – Optional number of rounds of to apply the DES key schedule.
the default (
rounds=1
) provides the normal DES behavior, butdes_crypt
and its variants use alternate rounds values.
Raises:  TypeError – if any of the provided args are of the wrong type.
 ValueError – if any of the input blocks are the wrong size, or the salt/rounds values are out of range.
Returns: resulting 8byte ciphertext block.

passlib.utils.des.
des_encrypt_int_block
(key, input, salt=0, rounds=1)¶ encrypt single block of data using DES, operates on 64bit integers.
this function is essentially the same as
des_encrypt_block()
, except that it operates on integers, and will NOT automatically expand 56bit keys if provided (since there’s no way to detect them).Parameters:  key – DES key as 64bit integer (the parity bits are ignored).
 input – input block as 64bit integer
 salt – optional 24bit integer used to mutate the base DES algorithm.
defaults to
0
(no mutation applied).  rounds – optional number of rounds of to apply the DES key schedule.
defaults to
1
.
Raises:  TypeError – if any of the provided args are of the wrong type.
 ValueError – if any of the input blocks are the wrong size, or the salt/rounds values are out of range.
Returns: resulting ciphertext as 64bit integer.