Skip to content

erlichmen/py-bcrypt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
__init__.py
__init__.py
 
 
bcrypt.py
bcrypt.py
 
 
blowfish.py
blowfish.py
 
 
readme
readme
 
 
simple_test.py
simple_test.py
 
 
test.py
test.py
 
 

Repository files navigation

The is a native Python implementation of the py-bcrypt package from http://www.mindrot.org/projects/py-bcrypt/ made by Damien Miller.
--- begin excerpt from the original package

py-bcrypt is a Python wrapper of OpenBSD's Blowfish password hashing code, as described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazières.

This system hashes passwords using a version of Bruce Schneier's Blowfish block cipher with modifications designed to raise the cost of off-line password cracking and frustrate fast hardware implementation. The computation cost of the algorithm is parametised, so it can be increased as computers get faster. The intent is to make a compromise of a password database less likely to result in an attacker gaining knowledge of the plaintext passwords (e.g. using John the Ripper).

py-bcrypt requires Python 2.4. Older versions may work, but the bcrypt.gensalt() method won't - it requires the cryptographic random number generator os.urandom() introduced in 2.4.

py-bcrypt is licensed under a ISC/BSD licence. The underlying Blowfish and hashing code implementation is taken from OpenBSD's libc and is subject to a 4-term BSD license. See the LICENSE file for details.

The API is very simple:

import bcrypt

# Hash a password for the first time, with a randomly-generated salt
hashed = bcrypt.hashpw(password, bcrypt.gensalt())

# gensalt's log_rounds parameter determines the complexity.
# The work factor is 2**log_rounds, and the default is 12
hashed = bcrypt.hashpw(password, bcrypt.gensalt(10))

# Check that an unencrypted password matches one that has
# previously been hashed
if bcrypt.hashpw(password, hashed) == hashed:
        print "It matches"
else:
        print "It does not match"

--- end excerpt from the original package

This excerpt pretty much sums up this package also with two main differences:
1. This package is 100% native python.
2. Is is two orders of magnitude slower!, so gensalt() by default only generate the salt using 1 round instead of 1024 rounds as in the original package.
The hash is still quite strong but not as strong as . 

Use this package when you need to generate a password hash and you can only use native python <cough>Google App Engine</cough>

I did some obvious optimization to speed things up and I will be more then happy if someone will make it go faster

The package comes with the original unittest of the native package and passes all the tests.

About

A native python bcrypt

Resources

Readme
Activity

Stars

67 stars

Watchers

2 watching

Forks

14 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy