mirror of
https://github.com/haiwen/seahub.git
synced 2025-06-25 14:43:15 +00:00
54 lines
1.8 KiB
Python
54 lines
1.8 KiB
Python
#!/usr/bin/env python
|
|
# encoding: utf-8
|
|
# Copyright (c) 2012-2016 Seafile Ltd.
|
|
|
|
import hashlib
|
|
import random
|
|
import sys
|
|
import time
|
|
|
|
# Use the system PRNG if possible
|
|
try:
|
|
random = random.SystemRandom()
|
|
using_sysrandom = True
|
|
except NotImplementedError:
|
|
import warnings
|
|
warnings.warn('A secure pseudo-random number generator is not available '
|
|
'on your system. Falling back to Mersenne Twister.')
|
|
using_sysrandom = False
|
|
|
|
def get_random_string(length=12,
|
|
allowed_chars='abcdefghijklmnopqrstuvwxyz'
|
|
'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'):
|
|
"""
|
|
Returns a securely generated random string.
|
|
|
|
The default length of 12 with the a-z, A-Z, 0-9 character set returns
|
|
a 71-bit value. log_2((26+26+10)^12) =~ 71 bits
|
|
"""
|
|
if not using_sysrandom:
|
|
# This is ugly, and a hack, but it makes things better than
|
|
# the alternative of predictability. This re-seeds the PRNG
|
|
# using a value that is hard for an attacker to predict, every
|
|
# time a random string is required. This may change the
|
|
# properties of the chosen random sequence slightly, but this
|
|
# is better than absolute predictability.
|
|
random.seed(
|
|
hashlib.sha256(
|
|
("%s%s%s" % (
|
|
random.getstate(),
|
|
time.time(),
|
|
'')).encode('utf-8')
|
|
).digest())
|
|
return ''.join(random.choice(allowed_chars) for i in range(length))
|
|
|
|
if __name__ == "__main__":
|
|
chars = 'abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)'
|
|
key = get_random_string(50, chars)
|
|
if len(sys.argv) == 2:
|
|
fp = open(sys.argv[1], 'w')
|
|
fp.write("SECRET_KEY = \"%s\"\n" % key)
|
|
fp.close()
|
|
else:
|
|
print key
|