def gen_user_pwrd_hash_and_salt(self, user_pass, hash_func=SHA256.new, rand_pool=Random.new()): def gen_user_salt(rand_pool, num_salt_bytes=USR_DB_SALT_SIZE): return (rand_pool.read(num_salt_bytes)) def gen_user_hash(user_pwrd, user_salt, hash_func=SHA256_HASH_FUNC): assert (type(user_pwrd) == str) assert (type(user_salt) == str) user_hash = hash_func(user_pwrd + user_salt) for i in xrange(PWRD_HASH_ROUNDS): user_hash = hash_func(user_hash.digest() + user_salt) return (user_hash.digest()) user_pass = DECODE_FUNC(user_pass.encode("utf-8")) user_salt = gen_user_salt(rand_pool) user_hash = gen_user_hash(user_pass, user_salt, hash_func) assert (type(user_salt) == str) assert (type(user_hash) == str) return (ENCODE_FUNC(user_hash), ENCODE_FUNC(user_salt))
def secure_test_user_pwrd(self, user_inst, user_pwrd, hash_func = SHA256_HASH_FUNC): user_pwrd = DECODE_FUNC(user_pwrd.encode(UNICODE_ENCODING)) user_salt = DECODE_FUNC(user_inst.randsalt.encode(UNICODE_ENCODING)) user_hash = hash_func(user_pwrd + user_salt) for i in xrange(PWRD_HASH_ROUNDS): user_hash = hash_func(user_hash.digest() + user_salt) return (user_inst.password.encode(UNICODE_ENCODING) == ENCODE_FUNC(user_hash.digest()))
def secure_test_user_pwrd(self, user_inst, user_pwrd, hash_func=SHA256.new): user_pwrd = DECODE_FUNC(user_pwrd.encode("utf-8")) user_salt = DECODE_FUNC(user_inst.randsalt.encode("utf-8")) user_hash = hash_func(user_pwrd + user_salt) for i in xrange(PWRD_HASH_ROUNDS): user_hash = hash_func(user_hash.digest() + user_salt) return (user_inst.password.encode("utf-8") == ENCODE_FUNC( user_hash.digest()))
def gen_user_pwrd_hash_and_salt(self, user_pass, hash_func = SHA256_HASH_FUNC, rand_pool = GLOBAL_RAND_POOL): def gen_user_salt(rand_pool, num_salt_bytes = USR_DB_SALT_SIZE): return (rand_pool.read(num_salt_bytes)) def gen_user_hash(user_pwrd, user_salt, hash_func = SHA256_HASH_FUNC): assert(type(user_pwrd) == str) assert(type(user_salt) == str) user_hash = hash_func(user_pwrd + user_salt) for i in xrange(PWRD_HASH_ROUNDS): user_hash = hash_func(user_hash.digest() + user_salt) return (user_hash.digest()) user_pass = DECODE_FUNC(user_pass.encode(UNICODE_ENCODING)) user_salt = gen_user_salt(rand_pool) user_hash = gen_user_hash(user_pass, user_salt, hash_func) assert(type(user_salt) == str) assert(type(user_hash) == str) return (ENCODE_FUNC(user_hash), ENCODE_FUNC(user_salt))