Source Code for Module pulp.server.auth.password_util

 1  #!/usr/bin/env python 
 2  # -*- coding: utf-8 -*- 
 3  # 
 4  # Copyright © 2010 Red Hat, Inc. 
 5  # 
 6  # This software is licensed to you under the GNU General Public License, 
 7  # version 2 (GPLv2). There is NO WARRANTY for this software, express or 
 8  # implied, including the implied warranties of MERCHANTABILITY or FITNESS 
 9  # FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2 
10  # along with this software; if not, see 
11  # http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt. 
12  # 
13  # Red Hat trademarks are not licensed under GPLv2. No permission is 
14  # granted to use or replicate Red Hat trademarks that are incorporated 
15  # in this software or its documentation. 
16   
17  """ 
18  Taken from stackoverflow.com : http://tinyurl.com/2f6gx7s 
19  """ 
20   
21  from hashlib import sha256 
22  from hmac import HMAC 
23  import random 
24   
25   
26  NUM_ITERATIONS = 5000 
27   
28   
29 -def random_bytes(num_bytes): 
30      return "".join(chr(random.randrange(256)) for i in xrange(num_bytes)) 
31   
32 -def pbkdf_sha256(password, salt, iterations): 
33      result = password 
34      for i in xrange(iterations): 
35          result = HMAC(result, salt, sha256).digest() # use HMAC to apply the salt 
36      return result 
37   
38   
39 -def hash_password(plain_password): 
40      salt = random_bytes(8) # 64 bits 
41      hashed_password = pbkdf_sha256(plain_password, salt, NUM_ITERATIONS) 
42      # return the salt and hashed password, encoded in base64 and split with "," 
43      return salt.encode("base64").strip() + "," + hashed_password.encode("base64").strip() 
44   
45 -def check_password(saved_password_entry, plain_password): 
46      salt, hashed_password = saved_password_entry.split(",") 
47      salt = salt.decode("base64") 
48      hashed_password = hashed_password.decode("base64") 
49      pbkdbf = pbkdf_sha256(plain_password, salt, NUM_ITERATIONS) 
50      return hashed_password == pbkdbf 
51