##// END OF EJS Templates
Add hashed passphrase generation and verification.
Stefan van der Walt -
Show More
@@ -0,0 +1,79 b''
1 """
2 Password generation for the IPython notebook.
3 """
4
5 import hashlib
6 import random
7
8 def passwd(passphrase):
9 """Generate hashed password and salt for use in notebook configuration.
10
11 Parameters
12 ----------
13 passphrase : str
14 Password to hash.
15
16 Returns
17 -------
18 hashed_passphrase : str
19 Hashed password, in the format 'hash_algorithm:salt:passphrase_hash'.
20
21 Examples
22 --------
23 In [1]: passwd('mypassword')
24 Out[1]: 'sha1:7cf3:b7d6da294ea9592a9480c8f52e63cd42cfb9dd12'
25
26 """
27 algorithm = 'sha1'
28
29 h = hashlib.new(algorithm)
30 salt = hex(int(random.getrandbits(16)))[2:]
31 h.update(passphrase + salt)
32
33 return ':'.join((algorithm, salt, h.hexdigest()))
34
35 def passwd_check(hashed_passphrase, passphrase):
36 """Verify that a given passphrase matches its hashed version.
37
38 Parameters
39 ----------
40 hashed_passphrase : str
41 Hashed password, in the format returned by `passwd`.
42 passphrase : str
43 Passphrase to validate.
44
45 Returns
46 -------
47 valid : bool
48 True if the passphrase matches the hash.
49
50 Examples
51 --------
52 In [1]: from IPython.lib.security import passwd_check
53
54 In [2]: passwd_check('sha1:7cf3:b7d6da294ea9592a9480c8f52e63cd42cfb9dd12',
55 ...: 'mypassword')
56 Out[2]: True
57
58 In [3]: passwd_check('sha1:7cf3:b7d6da294ea9592a9480c8f52e63cd42cfb9dd12',
59 ...: 'anotherpassword')
60 Out[3]: False
61
62 """
63 # Algorithm and hash length
64 supported_algorithms = {'sha1': 40}
65
66 try:
67 algorithm, salt, pw_digest = hashed_passphrase.split(':', 2)
68 except (ValueError, TypeError):
69 return False
70
71 if not (algorithm in supported_algorithms and \
72 len(pw_digest) == supported_algorithms[algorithm] and \
73 len(salt) == 4):
74 return False
75
76 h = hashlib.new(algorithm)
77 h.update(passphrase + salt)
78
79 return h.hexdigest() == pw_digest
@@ -0,0 +1,21 b''
1 from IPython.lib import passwd
2 from IPython.lib.security import passwd_check
3 import nose.tools as nt
4
5 def test_passwd_structure():
6 p = passwd('passphrase')
7 algorithm, salt, hashed = p.split(':')
8 nt.assert_equals(algorithm, 'sha1')
9 nt.assert_equals(len(salt), 4)
10 nt.assert_equals(len(hashed), 40)
11
12 def test_roundtrip():
13 p = passwd('passphrase')
14 nt.assert_equals(passwd_check(p, 'passphrase'), True)
15
16 def test_bad():
17 p = passwd('passphrase')
18 nt.assert_equals(passwd_check(p, p), False)
19 nt.assert_equals(passwd_check(p, 'a:b:c:d'), False)
20 nt.assert_equals(passwd_check(p, 'a:b'), False)
21
@@ -1,30 +1,32 b''
1 # encoding: utf-8
1 # encoding: utf-8
2 """
2 """
3 Extra capabilities for IPython
3 Extra capabilities for IPython
4 """
4 """
5
5
6 #-----------------------------------------------------------------------------
6 #-----------------------------------------------------------------------------
7 # Copyright (C) 2008-2009 The IPython Development Team
7 # Copyright (C) 2008-2009 The IPython Development Team
8 #
8 #
9 # Distributed under the terms of the BSD License. The full license is in
9 # Distributed under the terms of the BSD License. The full license is in
10 # the file COPYING, distributed as part of this software.
10 # the file COPYING, distributed as part of this software.
11 #-----------------------------------------------------------------------------
11 #-----------------------------------------------------------------------------
12
12
13 #-----------------------------------------------------------------------------
13 #-----------------------------------------------------------------------------
14 # Imports
14 # Imports
15 #-----------------------------------------------------------------------------
15 #-----------------------------------------------------------------------------
16
16
17 from IPython.lib.inputhook import (
17 from IPython.lib.inputhook import (
18 enable_wx, disable_wx,
18 enable_wx, disable_wx,
19 enable_gtk, disable_gtk,
19 enable_gtk, disable_gtk,
20 enable_qt4, disable_qt4,
20 enable_qt4, disable_qt4,
21 enable_tk, disable_tk,
21 enable_tk, disable_tk,
22 enable_glut, disable_glut,
22 enable_glut, disable_glut,
23 enable_pyglet, disable_pyglet,
23 enable_pyglet, disable_pyglet,
24 set_inputhook, clear_inputhook,
24 set_inputhook, clear_inputhook,
25 current_gui
25 current_gui
26 )
26 )
27
27
28 from IPython.lib.security import passwd
29
28 #-----------------------------------------------------------------------------
30 #-----------------------------------------------------------------------------
29 # Code
31 # Code
30 #-----------------------------------------------------------------------------
32 #-----------------------------------------------------------------------------
General Comments 0
You need to be logged in to leave comments. Login now