tlslite.verifierdb module

Class for storing SRP password verifiers.

class tlslite.verifierdb.VerifierDB(filename=None)[source]

Bases: BaseDB

This class represent an in-memory or on-disk database of SRP password verifiers.

A VerifierDB can be passed to a server handshake to authenticate a client based on one of the verifiers.

This class is thread-safe.

__init__(filename=None)[source]

Create a new VerifierDB instance.

Parameters:

filename (str) – Filename for an on-disk database, or None for an in-memory database. If the filename already exists, follow this with a call to open(). To create a new on-disk database, follow this with a call to create().

__setitem__(username, verifierEntry)[source]

Add a verifier entry to the database.

Parameters:

  • username (str) – The username to associate the verifier with. Must be less than 256 characters in length. Must not already be in the database.

  • verifierEntry (tuple) – The verifier entry to add. Use makeVerifier() to create a verifier entry.

static makeVerifier(username, password, bits)[source]

Create a verifier entry which can be stored in a VerifierDB.

Parameters:

  • username (str) – The username for this verifier. Must be less than 256 characters in length.

  • password (str) – The password for this verifier.

  • bits (int) – This values specifies which SRP group parameters to use. It must be one of (1024, 1536, 2048, 3072, 4096, 6144, 8192). Larger values are more secure but slower. 2048 is a good compromise between safety and speed.

Return type:

tuple

Returns:

A tuple which may be stored in a VerifierDB.

tlslite.verifierdb.bytes_to_int(bytes, byteorder='big', *, signed=False)

Return the integer represented by the given array of bytes.

bytes

Holds the array of bytes to convert. The argument must either support the buffer protocol or be an iterable object producing bytes. Bytes and bytearray are examples of built-in objects that support the buffer protocol.

byteorder

The byte order used to represent the integer. If byteorder is ‘big’, the most significant byte is at the beginning of the byte array. If byteorder is ‘little’, the most significant byte is at the end of the byte array. To request the native byte order of the host system, use `sys.byteorder’ as the byte order value. Default is to use ‘big’.

signed

Indicates whether two’s complement is used to represent the integer.