Skip to content

Add salt #16

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
sarnthil wants to merge 6 commits into
base: master
Choose a base branch
from
Open

Add salt #16

Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
d03390d
Add a 1st hash version .
sarnthil Jan 20, 2020
0eff83a
Change te pwhash
sarnthil Jan 20, 2020
67ae9f4
Remove salt
sarnthil Jan 20, 2020
db3b5b1
Merge branch 'hashing' into salting
sarnthil Jan 20, 2020
c05fe8f
Salting
sarnthil Jan 20, 2020
78a8dc5
Remove unused import
sarnthil Jan 20, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
55 changes: 34 additions & 21 deletions auth.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,58 +1,71 @@
import getpass
import pickle
import sys
import hashlib
import secrets


def get_credentials():
username = input('Enter your username: ')
password = getpass.getpass('Enter your password: ')
return username, hash_string(password)

def hash_string(inputstring):
# hash the string
hashed_password = sum(ord(char) for char in inputstring)
return hashed_password

username = input("Enter your username: ")
password = getpass.getpass("Enter your password: ")
return username, password


def authenticate(username, password, pwdb):
if username in pwdb:
if password == pwdb[username]:
salt = pwdb[username][1]
if pwhash(password, salt) == pwdb[username][0]:
return True
return False


def read_pwdb(pwdb_file):
pwdb_file.seek(0)
pwdb = pickle.load(pwdb_file)
return pwdb


def write_pwdb(pwdb, pwdb_file):
pwdb_file.seek(0)
pickle.dump(pwdb, pwdb_file)


def add_user(username, password, pwdb):
pwdb[username] = password
salt = secrets.token_hex(32)
pwdb[username] = pwhash(password, salt), salt
return pwdb

if __name__ == '__main__':
DEFAULT_PWDB = 'pwdb.pkl'

def pwhash(password, salt):
H = hashlib.sha3_512()
H.update(password.encode())
H.update(salt.encode())
return H.hexdigest()


if __name__ == "__main__":
DEFAULT_PWDB = "pwdb.pkl"

try:
pwdb_file = open(DEFAULT_PWDB, 'rb+')
pwdb_file = open(DEFAULT_PWDB, "rb+")
except FileNotFoundError:
pwdb_file = open(DEFAULT_PWDB, 'wb')
pwdb_file = open(DEFAULT_PWDB, "wb")
pickle.dump({}, pwdb_file)
pwdb_file.close()
print('Created empty pw database!')
print("Created empty pw database!")
sys.exit(0)

username, password = get_credentials()
pwdb = read_pwdb(pwdb_file)

if authenticate(username, password, pwdb):
print('Successfull authentication', username, password)
print("Successfull authentication", username, password)
else:
ans = input('User not known or password is wrong. Do you want to add the '
'user to the password database? [y/n]')
ans = input(
"User not known or password is wrong. Do you want to add the "
"user to the password database? [y/n]"
)

if ans == 'y':
if ans == "y":
add_user(username, password, pwdb)
write_pwdb(pwdb, pwdb_file)