예제 #1
0
def generate_password_hash(password, salt, N=1 << 14, r=8, p=1, buflen=64):
    """
    Generate password hash givin the password string and salt.

    Args:
        - ``password``: Password string.
        - ``salt`` : Random base64 encoded string.

    Optional args:
        - ``N`` : the CPU cost, must be a power of 2 greater than 1, defaults to 1 << 14.
        - ``r`` : the memory cost, defaults to 8.
        - ``p`` : the parallelization parameter, defaults to 1.

    The parameters r, p, and buflen must satisfy r * p < 2^30 and
    buflen <= (2^32 - 1) * 32.

    The recommended parameters for interactive logins as of 2009 are N=16384,
    r=8, p=1. Remember to use a good random salt.

    Returns:
        - base64 encoded scrypt hash.
    """
    if PYTHON2:
        password = password.encode('utf-8')
        salt = salt.encode('utf-8')
    pw_hash = scrypt_hash(password, salt, N, r, p, buflen)
    return enbase64(pw_hash)
예제 #2
0
 def set_password(self, password):
     salt = base64.b64encode(urandom(64))
     self.passsalt = salt
     self.passhash = base64.b64encode(
             scrypt_hash(
                 password.encode('utf-8'),
                 salt.encode('utf-8')))
예제 #3
0
def generate_password_hash(password, salt, N=1 << 14, r=8, p=1, buflen=64):
    """
    Generate password hash givin the password string and salt.

    Args:
        - ``password``: Password string.
        - ``salt`` : Random base64 encoded string.

    Optional args:
        - ``N`` : the CPU cost, must be a power of 2 greater than 1, defaults to 1 << 14.
        - ``r`` : the memory cost, defaults to 8.
        - ``p`` : the parallelization parameter, defaults to 1.

    The parameters r, p, and buflen must satisfy r * p < 2^30 and
    buflen <= (2^32 - 1) * 32.

    The recommended parameters for interactive logins as of 2009 are N=16384,
    r=8, p=1. Remember to use a good random salt.

    Returns:
        - base64 encoded scrypt hash.
    """
    if PYTHON2:
        password = password.encode('utf-8')
        salt = salt.encode('utf-8')
    pw_hash = scrypt_hash(password, salt, N, r, p, buflen)
    return enbase64(pw_hash)
예제 #4
0
def scrypt(password, salt):
    # Why did we choose the scrypt factors that we did? Well... we at least bothered to read the abstract of the scrypt
    # paper, which is apparently more than the creators of Litecoin (and all its clones) did. As such, we tried to tune
    # the parameters using the super-scientific method of timing it our our local development machines, aiming for
    # 100ms.  N= 1 << 15 turned out to be the magic number, as guessed correctly by mr. Percival himself:
    # https://github.com/golang/go/issues/22082#issuecomment-332983728

    # Having said that, remember that ancient truth of crypto-currency: everything you see is shoddily built, since you
    # can always paper over your mistakes with technobabble. Present coin included.

    # More (fun) reading:
    # https://bitcoin.stackexchange.com/questions/36642/why-did-litecoin-choose-the-scrypt-factors-that-they-did

    # buflen 32 was chosen... because scrypt's output is going to through sha256d anyway, so no sense in a greater
    # output space
    return scrypt_hash(password, salt, N=1 << 15, r=8, p=1, buflen=32)
예제 #5
0
 def check_password(self, password):
     candidate_hash = base64.b64encode(
             scrypt_hash(
                 password.encode('utf-8'),
                 self.passsalt.encode('utf-8')))
     return self.passhash.encode('utf-8') == candidate_hash