seahub/tools/secret_key_generator.py

#!/usr/bin/env python
# encoding: utf-8
"""Lifted from https://github.com/django/django/blob/master/django/core/management/commands/startproject.py#L30
"""
import hashlib
import random
import sys
import time

# Use the system PRNG if possible
try:
    random = random.SystemRandom()
    using_sysrandom = True
except NotImplementedError:
    import warnings
    warnings.warn('A secure pseudo-random number generator is not available '
                  'on your system. Falling back to Mersenne Twister.')
    using_sysrandom = False

def get_random_string(length=12,
                      allowed_chars='abcdefghijklmnopqrstuvwxyz'
                                    'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'):
    """
    Returns a securely generated random string.

    The default length of 12 with the a-z, A-Z, 0-9 character set returns
    a 71-bit value. log_2((26+26+10)^12) =~ 71 bits
    """
    if not using_sysrandom:
        # This is ugly, and a hack, but it makes things better than
        # the alternative of predictability. This re-seeds the PRNG
        # using a value that is hard for an attacker to predict, every
        # time a random string is required. This may change the
        # properties of the chosen random sequence slightly, but this
        # is better than absolute predictability.
        random.seed(
            hashlib.sha256(
                ("%s%s%s" % (
                    random.getstate(),
                    time.time(),
                    '')).encode('utf-8')
            ).digest())
    return ''.join(random.choice(allowed_chars) for i in range(length))

if __name__ == "__main__":
    chars = 'abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)'
    key = get_random_string(50, chars)
    if len(sys.argv) == 2:
        fp = open(sys.argv[1], 'w')
        fp.write("SECRET_KEY = \"%s\"\n" % key)
        fp.close()
    else:
        print key
Add secret key generator 2012-07-05 13:07:49 +00:00			`#!/usr/bin/env python`
			`# encoding: utf-8`
Update secret key generator 2015-06-15 02:44:54 +00:00			`"""Lifted from https://github.com/django/django/blob/master/django/core/management/commands/startproject.py#L30`
			`"""`
			`import hashlib`
Add secret key generator 2012-07-05 13:07:49 +00:00			`import random`
Update secret key generator 2015-06-15 02:44:54 +00:00			`import sys`
			`import time`
Add secret key generator 2012-07-05 13:07:49 +00:00
Update secret key generator 2015-06-15 02:44:54 +00:00			`# Use the system PRNG if possible`
			`try:`
			`random = random.SystemRandom()`
			`using_sysrandom = True`
			`except NotImplementedError:`
			`import warnings`
			`warnings.warn('A secure pseudo-random number generator is not available '`
			`'on your system. Falling back to Mersenne Twister.')`
			`using_sysrandom = False`
Add secret key generator 2012-07-05 13:07:49 +00:00
Update secret key generator 2015-06-15 02:44:54 +00:00			`def get_random_string(length=12,`
			`allowed_chars='abcdefghijklmnopqrstuvwxyz'`
			`'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'):`
Add secret key generator 2012-07-05 13:07:49 +00:00			`"""`
Update secret key generator 2015-06-15 02:44:54 +00:00			`Returns a securely generated random string.`

			`The default length of 12 with the a-z, A-Z, 0-9 character set returns`
			`a 71-bit value. log_2((26+26+10)^12) =~ 71 bits`
Add secret key generator 2012-07-05 13:07:49 +00:00			`"""`
Update secret key generator 2015-06-15 02:44:54 +00:00			`if not using_sysrandom:`
			`# This is ugly, and a hack, but it makes things better than`
			`# the alternative of predictability. This re-seeds the PRNG`
			`# using a value that is hard for an attacker to predict, every`
			`# time a random string is required. This may change the`
			`# properties of the chosen random sequence slightly, but this`
			`# is better than absolute predictability.`
			`random.seed(`
			`hashlib.sha256(`
			`("%s%s%s" % (`
			`random.getstate(),`
			`time.time(),`
			`'')).encode('utf-8')`
			`).digest())`
			`return ''.join(random.choice(allowed_chars) for i in range(length))`
Add secret key generator 2012-07-05 13:07:49 +00:00
Move out secret_key_generator from settings 2012-07-06 11:14:07 +00:00			`if __name__ == "__main__":`
Update secret key generator 2015-06-15 02:44:54 +00:00			`chars = 'abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)'`
			`key = get_random_string(50, chars)`
Update script for init seahub_settings.py in Windows 2013-04-20 18:17:25 +00:00			`if len(sys.argv) == 2:`
			`fp = open(sys.argv[1], 'w')`
			`fp.write("SECRET_KEY = \"%s\"\n" % key)`
			`fp.close()`
			`else:`
			`print key`