# [AuthAlpha]((https://pypi.org/project/AuthAlpha/))
[](https://pepy.tech/project/authalpha)
## Description
A python abstraction to generate and authenticate hashes of passwords and files of any type.
The package can also be used to implement classic and Time Based OTPs.
## Getting Started
### Installation:
* Use the package manager [pip](https://pip.pypa.io/en/stable/) to install the python modules required.
```bash
$ pip install AuthAlpha
```
* By default, `AuthAlpha` does NOT download all of its dependencies. This is the expected behaviour.
* In almost all use-cases a user only utilizes a single hash function. `AuthAlpha` leaves this choice to the user.
* `Password_Hashing.py->PassHashing` supports `argon2id`, `pbkdf2`, `bcrypt` and `scrypt`.
* None of these will be downloaded by default. Add them to your environemnt as you please.
```bash
$ pip install argon2-cffi
```
```bash
$ pip install bcrypt
```
```bash
$ pip install scrypt
```
* `PBKDF2` and its dependencies are already in the in-built `hashlib` module.
* `OTPMethods.py` requires `pyotp` and `pycryptodome` packages to generate `TOTPs`.
```bash
$ pip install pyotp
$ pip install pycryptodome
```
### Usage:
* See the [Tests](https://github.com/Theorist-Git/AuthAlpha/tree/master/Tests)
directory to see the detailed usage of every class and method.
### Supported hash types:
#### For passwords:
1. [argon2id](https://en.wikipedia.org/wiki/Argon2)
2. [PBKDF2:SHA family](https://en.wikipedia.org/wiki/PBKDF2)
3. [bcrypt](https://en.wikipedia.org/wiki/Bcrypt)
4. [scrypt](https://en.wikipedia.org/wiki/Scrypt)
#### For Files and other strings:
1. [SHA1](https://en.wikipedia.org/wiki/SHA-1)
2. [SHA2](https://en.wikipedia.org/wiki/SHA-2)
3. [SHA3](https://en.wikipedia.org/wiki/SHA-3)
## Contributing
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
Addition of a new algorithm/class/method must be documented. Add a file named like 'Test_[Algorithm].py' under 'Tests' directory to demonstrate and test the working of the algorithm.
## Author(s)
Contributor names and contact info
* Mayank vats : [Theorist-git](https://github.com/Theorist-Git)
* Email: dev-theorist.e5xna@simplelogin.com
## Version History
See [commit history](https://github.com/Theorist-Git/AuthAlpha/commits/master)
* **0.8.6a**
* `bcrypt` salts now do not need to be formatted to `AuthAlpha` style hashes.
* Refactored code. Removed redundant code.
* Removed redundant install dependencies. The end user now controls the packages required. See `Installation` section.
* **0.8.5a**
* `Non_Password_Hashing` class can now generate hashes for strings as well.
* Added new test for `Non_Password_Hashing`.
* Minor enhancements to `Test_FileHashing.py`. Fixed `PEP` Warnings in `Password_hashing.py`
* **0.8.4a**
* Added check for correct salt in custom salt.(For some reason the salt must end with `.`, `O`, `e` or `u` in`bcrypt`)
* With a `16 bytes` salt, `2 padding bytes` are appended. Of the `128 bits` of the salt, `126 bits` can be grouped into `21 blocks of 6 bits` each. The last two bits can only form the blocks `000000`, `010000`, `100000` and `110000`, which are mapped to the chars `.`, `O`, `e` and `u` in the `bcrypt Base64 variant`. All following blocks consist of zero bits due to padding and are ignored by the bcrypt Base64 variant. This is the reason why all salts generated with `gensalt()` contain one of these 4 chars at the end. The salt with any other ending sequence is not a regular bcrypt Base64 encoding and thus not valid.
* `P.S`: Bug couldn't be replicated on Windows, AuthAlpha for now imposes that bcrypt salts must end with aforementioned characters.
* See [Stackoverflow-link/0.8.4a-Bug](https://stackoverflow.com/questions/69531552/missing-salt-why-is-the-salt-not-complete-after-using-hashpw-bcrypt)
* Added [pycryptodome](https://pypi.org/project/pycryptodome/) to project requirements. It will now be downloaded automatically
by pip during installation.
* **0.8.3a**
* Added support for custom salts to `bcrypt`.
* Added `__repr__` and `__str__` methods to all classes.
* Fixed bug in `bcrypt` hash checks where entire `hash+salt` was being passed as salt.
* Minor code enhancements.
* **0.8.2a**
* Introduced stricter type casting to `PassHashing` class resulting in cleaner code
and lower chances of runtime errors.
* **0.8.1a**
* `pbkdf2` code optimizations, re-wrote tests.
* **0.8.0a**
* Added `Encryption` and `Decryption` support in `OTPMethods.py` for TOTP tokens.
* **0.7.0a**
* Added OTP methods, updated email and README.md.
* **0.6.3a**
* Added project to PyPI.
* **0.6.2a**
* Fixed `scrypt` non-custom-hash, split the class into two to improve performance
* **0.6.1a**
* Minor Code Optimizations
* **0.6a**
* Added functionality to generate and check hashes of files.
* `AuthAlpha.py` SHA256 hash of this commit are in the file `Integrity.txt`. It will be updated with every commit.
* **0.5a**
* Added customizable cost parameters for `bcrypt`, `scrypt` and `PBKDF2:SHA` family.
* **0.4a**
* Added support for `scrypt`
* **0.3a**
* Added support for `bcrypt`
* **0.2a**
* Added support for `PBKDF2:SHA` family
* Enhanced and optimized code
* **0.1a**
* Initial Release
* **P.S: 0.1a means version 0.1 alpha**
## Documentation
**TBD**
In the meanwhile you can review the code, it is fully commented.
## PS
* After downloading, make sure you have the un-tampered files with you, check Integrity.txt to check the hashes of the
AuthAlpha file match with the ones you have. If they do not match, contact the author(s) immediately at
dev-theorist.e5xna@simplelogin.com.
## License
This project is licensed under the [GNU GPLv3](https://choosealicense.com/licenses/gpl-3.0/#) License - see LICENSE.txt file for more details.
Copyright (C) 2021-2023 Mayank Vats
Raw data
{
"_id": null,
"home_page": "https://github.com/Theorist-Git/AuthAlpha",
"name": "AuthAlpha",
"maintainer": "",
"docs_url": null,
"requires_python": "",
"maintainer_email": "",
"keywords": "AUTHENTICATION,CRYPTOGRAPHY,HASHING,TWO FACTOR AUTHENTICATION",
"author": "Mayank Vats",
"author_email": "dev-theorist.e5xna@simplelogin.com",
"download_url": "https://files.pythonhosted.org/packages/8d/fa/edab0cb260efd331a0aa598477537e33a71c17f38238bdb1b5fcca8a270d/AuthAlpha-0.8.6a0.tar.gz",
"platform": null,
"description": "# [AuthAlpha]((https://pypi.org/project/AuthAlpha/))\n[](https://pepy.tech/project/authalpha)\n## Description\n\nA python abstraction to generate and authenticate hashes of passwords and files of any type.\nThe package can also be used to implement classic and Time Based OTPs.\n\n## Getting Started\n\n### Installation:\n\n* Use the package manager [pip](https://pip.pypa.io/en/stable/) to install the python modules required.\n```bash\n$ pip install AuthAlpha\n```\n* By default, `AuthAlpha` does NOT download all of its dependencies. This is the expected behaviour.\n* In almost all use-cases a user only utilizes a single hash function. `AuthAlpha` leaves this choice to the user.\n* `Password_Hashing.py->PassHashing` supports `argon2id`, `pbkdf2`, `bcrypt` and `scrypt`.\n * None of these will be downloaded by default. Add them to your environemnt as you please.\n ```bash\n $ pip install argon2-cffi\n ```\n ```bash\n $ pip install bcrypt\n ```\n ```bash\n $ pip install scrypt\n ```\n* `PBKDF2` and its dependencies are already in the in-built `hashlib` module.\n\n* `OTPMethods.py` requires `pyotp` and `pycryptodome` packages to generate `TOTPs`.\n ```bash\n $ pip install pyotp\n $ pip install pycryptodome\n ``` \n\n### Usage:\n* See the [Tests](https://github.com/Theorist-Git/AuthAlpha/tree/master/Tests)\ndirectory to see the detailed usage of every class and method.\n\n### Supported hash types:\n\n#### For passwords:\n1. [argon2id](https://en.wikipedia.org/wiki/Argon2)\n2. [PBKDF2:SHA family](https://en.wikipedia.org/wiki/PBKDF2)\n3. [bcrypt](https://en.wikipedia.org/wiki/Bcrypt)\n4. [scrypt](https://en.wikipedia.org/wiki/Scrypt)\n\n#### For Files and other strings:\n1. [SHA1](https://en.wikipedia.org/wiki/SHA-1)\n2. [SHA2](https://en.wikipedia.org/wiki/SHA-2)\n3. [SHA3](https://en.wikipedia.org/wiki/SHA-3)\n\n## Contributing\nPull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.\n\nAddition of a new algorithm/class/method must be documented. Add a file named like 'Test_[Algorithm].py' under 'Tests' directory to demonstrate and test the working of the algorithm.\n\n## Author(s)\n\nContributor names and contact info\n* Mayank vats : [Theorist-git](https://github.com/Theorist-Git)\n * Email: dev-theorist.e5xna@simplelogin.com\n\n## Version History\nSee [commit history](https://github.com/Theorist-Git/AuthAlpha/commits/master)\n* **0.8.6a**\n * `bcrypt` salts now do not need to be formatted to `AuthAlpha` style hashes.\n * Refactored code. Removed redundant code.\n * Removed redundant install dependencies. The end user now controls the packages required. See `Installation` section.\n* **0.8.5a**\n * `Non_Password_Hashing` class can now generate hashes for strings as well.\n * Added new test for `Non_Password_Hashing`.\n * Minor enhancements to `Test_FileHashing.py`. Fixed `PEP` Warnings in `Password_hashing.py`\n* **0.8.4a**\n * Added check for correct salt in custom salt.(For some reason the salt must end with `.`, `O`, `e` or `u` in`bcrypt`)\n * With a `16 bytes` salt, `2 padding bytes` are appended. Of the `128 bits` of the salt, `126 bits` can be grouped into `21 blocks of 6 bits` each. The last two bits can only form the blocks `000000`, `010000`, `100000` and `110000`, which are mapped to the chars `.`, `O`, `e` and `u` in the `bcrypt Base64 variant`. All following blocks consist of zero bits due to padding and are ignored by the bcrypt Base64 variant. This is the reason why all salts generated with `gensalt()` contain one of these 4 chars at the end. The salt with any other ending sequence is not a regular bcrypt Base64 encoding and thus not valid.\n * `P.S`: Bug couldn't be replicated on Windows, AuthAlpha for now imposes that bcrypt salts must end with aforementioned characters.\n * See [Stackoverflow-link/0.8.4a-Bug](https://stackoverflow.com/questions/69531552/missing-salt-why-is-the-salt-not-complete-after-using-hashpw-bcrypt)\n * Added [pycryptodome](https://pypi.org/project/pycryptodome/) to project requirements. It will now be downloaded automatically\n by pip during installation.\n* **0.8.3a**\n * Added support for custom salts to `bcrypt`.\n * Added `__repr__` and `__str__` methods to all classes.\n * Fixed bug in `bcrypt` hash checks where entire `hash+salt` was being passed as salt.\n * Minor code enhancements.\n* **0.8.2a**\n * Introduced stricter type casting to `PassHashing` class resulting in cleaner code\n and lower chances of runtime errors.\n* **0.8.1a**\n * `pbkdf2` code optimizations, re-wrote tests.\n* **0.8.0a**\n * Added `Encryption` and `Decryption` support in `OTPMethods.py` for TOTP tokens.\n* **0.7.0a**\n * Added OTP methods, updated email and README.md.\n* **0.6.3a**\n * Added project to PyPI.\n* **0.6.2a**\n * Fixed `scrypt` non-custom-hash, split the class into two to improve performance\n* **0.6.1a**\n * Minor Code Optimizations \n* **0.6a**\n * Added functionality to generate and check hashes of files.\n * `AuthAlpha.py` SHA256 hash of this commit are in the file `Integrity.txt`. It will be updated with every commit.\n* **0.5a**\n * Added customizable cost parameters for `bcrypt`, `scrypt` and `PBKDF2:SHA` family.\n* **0.4a**\n * Added support for `scrypt`\n* **0.3a**\n * Added support for `bcrypt`\n* **0.2a**\n * Added support for `PBKDF2:SHA` family\n * Enhanced and optimized code\n* **0.1a**\n * Initial Release\n\n* **P.S: 0.1a means version 0.1 alpha**\n\n## Documentation\n**TBD**\nIn the meanwhile you can review the code, it is fully commented.\n\n## PS\n\n* After downloading, make sure you have the un-tampered files with you, check Integrity.txt to check the hashes of the\nAuthAlpha file match with the ones you have. If they do not match, contact the author(s) immediately at\ndev-theorist.e5xna@simplelogin.com.\n\n## License\n\nThis project is licensed under the [GNU GPLv3](https://choosealicense.com/licenses/gpl-3.0/#) License - see LICENSE.txt file for more details.\n\nCopyright (C) 2021-2023 Mayank Vats\n\n\n",
"bugtrack_url": null,
"license": "GNU GPLv3",
"summary": "A python abstraction to generate and authenticate hashes of passwords and files of any type. The",
"version": "0.8.6a0",
"project_urls": {
"Download": "https://github.com/Theorist-Git/AuthAlpha/archive/refs/tags/v0.8.6-alpha.tar.gz",
"Homepage": "https://github.com/Theorist-Git/AuthAlpha"
},
"split_keywords": [
"authentication",
"cryptography",
"hashing",
"two factor authentication"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "8dfaedab0cb260efd331a0aa598477537e33a71c17f38238bdb1b5fcca8a270d",
"md5": "22c0b48a81e99f01926abd9920834a29",
"sha256": "742a0df282e0921069d07a5f39295930c18bf7bfd7dd4a51962df48ad57bb6fb"
},
"downloads": -1,
"filename": "AuthAlpha-0.8.6a0.tar.gz",
"has_sig": false,
"md5_digest": "22c0b48a81e99f01926abd9920834a29",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 20663,
"upload_time": "2023-11-13T13:44:30",
"upload_time_iso_8601": "2023-11-13T13:44:30.168060Z",
"url": "https://files.pythonhosted.org/packages/8d/fa/edab0cb260efd331a0aa598477537e33a71c17f38238bdb1b5fcca8a270d/AuthAlpha-0.8.6a0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-11-13 13:44:30",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "Theorist-Git",
"github_project": "AuthAlpha",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"lcname": "authalpha"
}
JSON
