##// END OF EJS Templates
Update docstring to refer to hashlib.
Stefan van der Walt -
Show More
@@ -1,81 +1,82 b''
1 """
1 """
2 Password generation for the IPython notebook.
2 Password generation for the IPython notebook.
3 """
3 """
4
4
5 import hashlib
5 import hashlib
6 import random
6 import random
7
7
8 def passwd(passphrase, algorithm='sha1'):
8 def passwd(passphrase, algorithm='sha1'):
9 """Generate hashed password and salt for use in notebook configuration.
9 """Generate hashed password and salt for use in notebook configuration.
10
10
11 In the notebook configuration, set `c.NotebookApp.password` to
11 In the notebook configuration, set `c.NotebookApp.password` to
12 the generated string.
12 the generated string.
13
13
14 Parameters
14 Parameters
15 ----------
15 ----------
16 passphrase : str
16 passphrase : str
17 Password to hash.
17 Password to hash.
18 algorithm : str
18 algorithm : str
19 Hashing algorithm to use.
19 Hashing algorithm to use (e.g, 'sha1' or any argument supported
20 by :func:`hashlib.new`).
20
21
21 Returns
22 Returns
22 -------
23 -------
23 hashed_passphrase : str
24 hashed_passphrase : str
24 Hashed password, in the format 'hash_algorithm:salt:passphrase_hash'.
25 Hashed password, in the format 'hash_algorithm:salt:passphrase_hash'.
25
26
26 Examples
27 Examples
27 --------
28 --------
28 In [1]: passwd('mypassword')
29 In [1]: passwd('mypassword')
29 Out[1]: 'sha1:7cf3:b7d6da294ea9592a9480c8f52e63cd42cfb9dd12'
30 Out[1]: 'sha1:7cf3:b7d6da294ea9592a9480c8f52e63cd42cfb9dd12'
30
31
31 """
32 """
32 h = hashlib.new(algorithm)
33 h = hashlib.new(algorithm)
33 salt = '%04x' % random.getrandbits(16)
34 salt = '%04x' % random.getrandbits(16)
34 h.update(passphrase + salt)
35 h.update(passphrase + salt)
35
36
36 return ':'.join((algorithm, salt, h.hexdigest()))
37 return ':'.join((algorithm, salt, h.hexdigest()))
37
38
38 def passwd_check(hashed_passphrase, passphrase):
39 def passwd_check(hashed_passphrase, passphrase):
39 """Verify that a given passphrase matches its hashed version.
40 """Verify that a given passphrase matches its hashed version.
40
41
41 Parameters
42 Parameters
42 ----------
43 ----------
43 hashed_passphrase : str
44 hashed_passphrase : str
44 Hashed password, in the format returned by `passwd`.
45 Hashed password, in the format returned by `passwd`.
45 passphrase : str
46 passphrase : str
46 Passphrase to validate.
47 Passphrase to validate.
47
48
48 Returns
49 Returns
49 -------
50 -------
50 valid : bool
51 valid : bool
51 True if the passphrase matches the hash.
52 True if the passphrase matches the hash.
52
53
53 Examples
54 Examples
54 --------
55 --------
55 In [1]: from IPython.lib.security import passwd_check
56 In [1]: from IPython.lib.security import passwd_check
56
57
57 In [2]: passwd_check('sha1:7cf3:b7d6da294ea9592a9480c8f52e63cd42cfb9dd12',
58 In [2]: passwd_check('sha1:7cf3:b7d6da294ea9592a9480c8f52e63cd42cfb9dd12',
58 ...: 'mypassword')
59 ...: 'mypassword')
59 Out[2]: True
60 Out[2]: True
60
61
61 In [3]: passwd_check('sha1:7cf3:b7d6da294ea9592a9480c8f52e63cd42cfb9dd12',
62 In [3]: passwd_check('sha1:7cf3:b7d6da294ea9592a9480c8f52e63cd42cfb9dd12',
62 ...: 'anotherpassword')
63 ...: 'anotherpassword')
63 Out[3]: False
64 Out[3]: False
64
65
65 """
66 """
66 try:
67 try:
67 algorithm, salt, pw_digest = hashed_passphrase.split(':', 2)
68 algorithm, salt, pw_digest = hashed_passphrase.split(':', 2)
68 except (ValueError, TypeError):
69 except (ValueError, TypeError):
69 return False
70 return False
70
71
71 try:
72 try:
72 h = hashlib.new(algorithm)
73 h = hashlib.new(algorithm)
73 except ValueError:
74 except ValueError:
74 return False
75 return False
75
76
76 if len(pw_digest) == 0 or len(salt) != 4:
77 if len(pw_digest) == 0 or len(salt) != 4:
77 return False
78 return False
78
79
79 h.update(passphrase + salt)
80 h.update(passphrase + salt)
80
81
81 return h.hexdigest() == pw_digest
82 return h.hexdigest() == pw_digest
General Comments 0
You need to be logged in to leave comments. Login now