##// END OF EJS Templates
Allow any hashing algorithm.
Stefan van der Walt -
Show More
@@ -1,82 +1,81 b''
1 1 """
2 2 Password generation for the IPython notebook.
3 3 """
4 4
5 5 import hashlib
6 6 import random
7 7
8 def passwd(passphrase):
8 def passwd(passphrase, algorithm='sha1'):
9 9 """Generate hashed password and salt for use in notebook configuration.
10 10
11 11 In the notebook configuration, set `c.NotebookApp.password` to
12 12 the generated string.
13 13
14 14 Parameters
15 15 ----------
16 16 passphrase : str
17 17 Password to hash.
18 algorithm : str
19 Hashing algorithm to use.
18 20
19 21 Returns
20 22 -------
21 23 hashed_passphrase : str
22 24 Hashed password, in the format 'hash_algorithm:salt:passphrase_hash'.
23 25
24 26 Examples
25 27 --------
26 28 In [1]: passwd('mypassword')
27 29 Out[1]: 'sha1:7cf3:b7d6da294ea9592a9480c8f52e63cd42cfb9dd12'
28 30
29 31 """
30 algorithm = 'sha1'
31
32 32 h = hashlib.new(algorithm)
33 33 salt = hex(int(random.getrandbits(16)))[2:]
34 34 h.update(passphrase + salt)
35 35
36 36 return ':'.join((algorithm, salt, h.hexdigest()))
37 37
38 38 def passwd_check(hashed_passphrase, passphrase):
39 39 """Verify that a given passphrase matches its hashed version.
40 40
41 41 Parameters
42 42 ----------
43 43 hashed_passphrase : str
44 44 Hashed password, in the format returned by `passwd`.
45 45 passphrase : str
46 46 Passphrase to validate.
47 47
48 48 Returns
49 49 -------
50 50 valid : bool
51 51 True if the passphrase matches the hash.
52 52
53 53 Examples
54 54 --------
55 55 In [1]: from IPython.lib.security import passwd_check
56 56
57 57 In [2]: passwd_check('sha1:7cf3:b7d6da294ea9592a9480c8f52e63cd42cfb9dd12',
58 58 ...: 'mypassword')
59 59 Out[2]: True
60 60
61 61 In [3]: passwd_check('sha1:7cf3:b7d6da294ea9592a9480c8f52e63cd42cfb9dd12',
62 62 ...: 'anotherpassword')
63 63 Out[3]: False
64 64
65 65 """
66 # Algorithm and hash length
67 supported_algorithms = {'sha1': 40}
68
69 66 try:
70 67 algorithm, salt, pw_digest = hashed_passphrase.split(':', 2)
71 68 except (ValueError, TypeError):
72 69 return False
73 70
74 if not (algorithm in supported_algorithms and \
75 len(pw_digest) == supported_algorithms[algorithm] and \
76 len(salt) == 4):
71 try:
72 h = hashlib.new(algorithm)
73 except ValueError:
74 return False
75
76 if len(pw_digest) == 0 or len(salt) != 4:
77 77 return False
78 78
79 h = hashlib.new(algorithm)
80 79 h.update(passphrase + salt)
81 80
82 81 return h.hexdigest() == pw_digest
General Comments 0
You need to be logged in to leave comments. Login now