sql_app: crypto: added crypto python helper fucntions
Idea is to isolate cryptography from database managment code. Signed-off-by: HeshamTB <hishaminv@gmail.com>
This commit is contained in:
parent
3922d659da
commit
75984d1f1f
29
sql_app/crypto.py
Normal file
29
sql_app/crypto.py
Normal file
@ -0,0 +1,29 @@
|
||||
|
||||
import os
|
||||
from hashlib import pbkdf2_hmac
|
||||
|
||||
PASS_ENCODING='utf-8'
|
||||
HASH_FUNC='sha256'
|
||||
NUM_ITIRATIONS=100000
|
||||
|
||||
def get_new_salt(n_bytes : int = 32) -> bytes:
|
||||
|
||||
if type(n_bytes) != int:
|
||||
n_bytes = 32 # Forece in case of misuse
|
||||
|
||||
return os.urandom(n_bytes)
|
||||
|
||||
"""
|
||||
Generate a new key and salt to store.
|
||||
Returns (key, salt)
|
||||
"""
|
||||
def gen_new_key(plain_passwd : str) -> tuple:
|
||||
salt = get_new_salt(32)
|
||||
return (calc_key(plain_passwd, salt), salt)
|
||||
|
||||
def verify_key(plain_passwd : str, salt : bytes, stored_key : bytes) -> bool:
|
||||
key_tmp = calc_key(plain_passwd, salt)
|
||||
return (stored_key == key_tmp)
|
||||
|
||||
def calc_key(passwd: str, salt : bytes) -> bytes:
|
||||
return pbkdf2_hmac(HASH_FUNC, passwd.encode(PASS_ENCODING), salt, NUM_ITIRATIONS)
|
Loading…
Reference in New Issue
Block a user