Verify that a given passphrase matches its hashed version. Parameters ---------- hashed_passphrase : str Hashed password, in the format returned by `passwd`. passphrase : str Passphrase to validate. Returns ------- valid : bool True if the passph
(hashed_passphrase, passphrase)
| 71 | |
| 72 | |
| 73 | def passwd_check(hashed_passphrase, passphrase): |
| 74 | """Verify that a given passphrase matches its hashed version. |
| 75 | |
| 76 | Parameters |
| 77 | ---------- |
| 78 | hashed_passphrase : str |
| 79 | Hashed password, in the format returned by `passwd`. |
| 80 | passphrase : str |
| 81 | Passphrase to validate. |
| 82 | |
| 83 | Returns |
| 84 | ------- |
| 85 | valid : bool |
| 86 | True if the passphrase matches the hash. |
| 87 | |
| 88 | Examples |
| 89 | -------- |
| 90 | >>> from IPython.lib.security import passwd_check |
| 91 | >>> passwd_check('sha1:0e112c3ddfce:a68df677475c2b47b6e86d0467eec97ac5f4b85a', |
| 92 | ... 'mypassword') |
| 93 | True |
| 94 | |
| 95 | >>> passwd_check('sha1:0e112c3ddfce:a68df677475c2b47b6e86d0467eec97ac5f4b85a', |
| 96 | ... 'anotherpassword') |
| 97 | False |
| 98 | """ |
| 99 | try: |
| 100 | algorithm, salt, pw_digest = hashed_passphrase.split(':', 2) |
| 101 | except (ValueError, TypeError): |
| 102 | return False |
| 103 | |
| 104 | try: |
| 105 | h = hashlib.new(algorithm) |
| 106 | except ValueError: |
| 107 | return False |
| 108 | |
| 109 | if len(pw_digest) == 0: |
| 110 | return False |
| 111 | |
| 112 | h.update(encode(passphrase, 'utf-8') + encode(salt, 'ascii')) |
| 113 | |
| 114 | return h.hexdigest() == pw_digest |