tlslite.verifierdb module¶
Class for storing SRP password verifiers.
-
class
tlslite.verifierdb.
VerifierDB
(filename=None)¶ Bases:
tlslite.basedb.BaseDB
This class represent an in-memory or on-disk database of SRP password verifiers.
A VerifierDB can be passed to a server handshake to authenticate a client based on one of the verifiers.
This class is thread-safe.
-
__init__
(filename=None)¶ Create a new VerifierDB instance.
Parameters: filename (str) – Filename for an on-disk database, or None for an in-memory database. If the filename already exists, follow this with a call to open(). To create a new on-disk database, follow this with a call to create().
-
__setitem__
(username, verifierEntry)¶ Add a verifier entry to the database.
Parameters: - username (str) – The username to associate the verifier with. Must be less than 256 characters in length. Must not already be in the database.
- verifierEntry (tuple) – The verifier entry to add. Use
makeVerifier()
to create a verifier entry.
-
static
makeVerifier
(username, password, bits)¶ Create a verifier entry which can be stored in a VerifierDB.
Parameters: - username (str) – The username for this verifier. Must be less than 256 characters in length.
- password (str) – The password for this verifier.
- bits (int) – This values specifies which SRP group parameters to use. It must be one of (1024, 1536, 2048, 3072, 4096, 6144, 8192). Larger values are more secure but slower. 2048 is a good compromise between safety and speed.
Return type: tuple
Returns: A tuple which may be stored in a VerifierDB.
-