Comments (4)
As you noted, it was added for compatibility, but also to allow users to do OpenSSH private key encryption (#56). The bcrypt_pbkdf is almost pbkdf2, but changes a few small details and uses a "bcrypt hash" (see: https://github.com/pyca/bcrypt/blob/master/src/_csrc/bcrypt_pbkdf.c#L29-L49).
So it isn't using bcrypt the KDF, but it is using the expanded blowfish key schedule. Blame OpenBSD 😄. I definitely agree that we should document this function much better and steer users away from it since it is of limited utility unless you're looking for compatibility with OpenSSH private key encryption. A warning on low iteration count is probably also a good idea in general and I'd be happy to review a PR if you're interested in submitting one!
from bcrypt.
> I'd be happy to review a PR if you're interested in submitting one!
Sure, it doesn't sound like much work. Would you say a warning (to sys.stderr) is better or should it throw an exception (since it shouldn't happen: any code doing that is broken crypto)?
I think a warning is appropriate. I'm concerned about using an exception because if a user has a pre-existing OpenSSH key then deriving the key using bcrypt.kdf should not fail even if their iteration count was unwisely low.
Fixed in pull request #104
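The warn-rather-than-raise behaviour discussed in this thread, as an added example that is not code from the bcrypt project or from pull request #104. It shows how a warning lets existing low-round keys still be derived while stricter callers promote it to an error. Assumptions: the threshold `MIN_ROUNDS`, the `LowRoundsWarning` category and the three function names are hypothetical, and PBKDF2 from the standard library stands in for `bcrypt.kdf` so the block runs offline.

```python
import hashlib
import warnings

# Assumed threshold for this example; the thread does not name a number.
MIN_ROUNDS = 50


class LowRoundsWarning(UserWarning):
    """Hypothetical category so callers can filter this warning specifically."""


def derive_key(password: bytes, salt: bytes, length: int, rounds: int) -> bytes:
    """Derive a key; warn, but do not fail, on a weak iteration count."""
    if rounds < 1:
        raise ValueError("rounds must be at least 1")
    if rounds < MIN_ROUNDS:
        warnings.warn(
            f"KDF called with only {rounds} round(s); cost is linear in rounds",
            LowRoundsWarning,
            stacklevel=2,
        )
    # Stand-in KDF (assumption): real code would call bcrypt.kdf here.
    return hashlib.pbkdf2_hmac("sha256", password, salt, rounds, dklen=length)


def derive_legacy(password: bytes, salt: bytes, length: int, rounds: int):
    """Pre-existing key file: record any warning, still return the key."""
    with warnings.catch_warnings(record=True) as caught:
        warnings.simplefilter("always")
        key = derive_key(password, salt, length, rounds)
    messages = [
        str(w.message) for w in caught if issubclass(w.category, LowRoundsWarning)
    ]
    return key, messages


def derive_strict(password: bytes, salt: bytes, length: int, rounds: int) -> bytes:
    """New key material: promote the warning to an exception."""
    with warnings.catch_warnings():
        warnings.simplefilter("error", LowRoundsWarning)
        return derive_key(password, salt, length, rounds)
```
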