| OLD | NEW |
| (Empty) |
| 1 """Class for storing SRP password verifiers.""" | |
| 2 | |
| 3 from utils.cryptomath import * | |
| 4 from utils.compat import * | |
| 5 import mathtls | |
| 6 from BaseDB import BaseDB | |
| 7 | |
| 8 class VerifierDB(BaseDB): | |
| 9 """This class represent an in-memory or on-disk database of SRP | |
| 10 password verifiers. | |
| 11 | |
| 12 A VerifierDB can be passed to a server handshake to authenticate | |
| 13 a client based on one of the verifiers. | |
| 14 | |
| 15 This class is thread-safe. | |
| 16 """ | |
| 17 def __init__(self, filename=None): | |
| 18 """Create a new VerifierDB instance. | |
| 19 | |
| 20 @type filename: str | |
| 21 @param filename: Filename for an on-disk database, or None for | |
| 22 an in-memory database. If the filename already exists, follow | |
| 23 this with a call to open(). To create a new on-disk database, | |
| 24 follow this with a call to create(). | |
| 25 """ | |
| 26 BaseDB.__init__(self, filename, "verifier") | |
| 27 | |
| 28 def _getItem(self, username, valueStr): | |
| 29 (N, g, salt, verifier) = valueStr.split(" ") | |
| 30 N = base64ToNumber(N) | |
| 31 g = base64ToNumber(g) | |
| 32 salt = base64ToString(salt) | |
| 33 verifier = base64ToNumber(verifier) | |
| 34 return (N, g, salt, verifier) | |
| 35 | |
| 36 def __setitem__(self, username, verifierEntry): | |
| 37 """Add a verifier entry to the database. | |
| 38 | |
| 39 @type username: str | |
| 40 @param username: The username to associate the verifier with. | |
| 41 Must be less than 256 characters in length. Must not already | |
| 42 be in the database. | |
| 43 | |
| 44 @type verifierEntry: tuple | |
| 45 @param verifierEntry: The verifier entry to add. Use | |
| 46 L{tlslite.VerifierDB.VerifierDB.makeVerifier} to create a | |
| 47 verifier entry. | |
| 48 """ | |
| 49 BaseDB.__setitem__(self, username, verifierEntry) | |
| 50 | |
| 51 | |
| 52 def _setItem(self, username, value): | |
| 53 if len(username)>=256: | |
| 54 raise ValueError("username too long") | |
| 55 N, g, salt, verifier = value | |
| 56 N = numberToBase64(N) | |
| 57 g = numberToBase64(g) | |
| 58 salt = stringToBase64(salt) | |
| 59 verifier = numberToBase64(verifier) | |
| 60 valueStr = " ".join( (N, g, salt, verifier) ) | |
| 61 return valueStr | |
| 62 | |
| 63 def _checkItem(self, value, username, param): | |
| 64 (N, g, salt, verifier) = value | |
| 65 x = mathtls.makeX(salt, username, param) | |
| 66 v = powMod(g, x, N) | |
| 67 return (verifier == v) | |
| 68 | |
| 69 | |
| 70 def makeVerifier(username, password, bits): | |
| 71 """Create a verifier entry which can be stored in a VerifierDB. | |
| 72 | |
| 73 @type username: str | |
| 74 @param username: The username for this verifier. Must be less | |
| 75 than 256 characters in length. | |
| 76 | |
| 77 @type password: str | |
| 78 @param password: The password for this verifier. | |
| 79 | |
| 80 @type bits: int | |
| 81 @param bits: This values specifies which SRP group parameters | |
| 82 to use. It must be one of (1024, 1536, 2048, 3072, 4096, 6144, | |
| 83 8192). Larger values are more secure but slower. 2048 is a | |
| 84 good compromise between safety and speed. | |
| 85 | |
| 86 @rtype: tuple | |
| 87 @return: A tuple which may be stored in a VerifierDB. | |
| 88 """ | |
| 89 return mathtls.makeVerifier(username, password, bits) | |
| 90 makeVerifier = staticmethod(makeVerifier) | |
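Review bot: `_getItem` unpacks `valueStr.split(" ")` straight into four names and decodes them with no check, so a truncated or hand-edited on-disk record surfaces as a bare unpacking `ValueError` in the middle of a lookup, and a record whose `N` or `g` was altered is returned as if it were valid. I would check the field count and raise an error that names the record, e.g. `fields = valueStr.split(" ")` followed by `if len(fields) != 4: raise ValueError("malformed verifier entry for %r" % username)`. It is also worth considering a check that rejects group parameters outside the groups `makeVerifier` can produce; that list is presumably defined in `mathtls`, which is not shown here. The `makeVerifier` docstring lists 1024 and 1536 alongside 2048 without saying that the smaller groups are suitable only for interoperability with old peers; one sentence to that effect would keep new deployments from choosing them. `_checkItem` has no docstring; it should state that `param` is the candidate password (inferred from the `mathtls.makeX(salt, username, param)` call) so that callers know not to log it.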