mix
/
kea_for_miners
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
9.7 MiB
Tree: 4759d3f703
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4759d3f703'
${ noResults }
kea_for_miners/venv/lib/python3.5/site-packages/bcrypt-3.1.4.dist-info/DESCRIPTION.rst

181 lines
4.8 KiB
Raw Normal View History

initial commit
8 years ago
 
  1. bcrypt

  2. ======

  3. 

  4. .. image:: https://img.shields.io/pypi/v/bcrypt.svg

  5.     :target: https://pypi.python.org/pypi/bcrypt/

  6.     :alt: Latest Version

  7. 

  8. .. image:: https://travis-ci.org/pyca/bcrypt.svg?branch=master

  9.     :target: https://travis-ci.org/pyca/bcrypt

  10. 

  11. Modern password hashing for your software and your servers

  12. 

  13. 

  14. Installation

  15. ============

  16. 

  17. To install bcrypt, simply:

  18. 

  19. .. code:: bash

  20. 

  21.     $ pip install bcrypt

  22. 

  23. Note that bcrypt should build very easily on Linux provided you have a C compiler, headers for Python (if you're not using pypy), and headers for the libffi libraries available on your system.

  24. 

  25. For Debian and Ubuntu, the following command will ensure that the required dependencies are installed:

  26. 

  27. .. code:: bash

  28. 

  29.     $ sudo apt-get install build-essential libffi-dev python-dev

  30. 

  31. For Fedora and RHEL-derivatives, the following command will ensure that the required dependencies are installed:

  32. 

  33. .. code:: bash

  34. 

  35.     $ sudo yum install gcc libffi-devel python-devel

  36. 

  37. Changelog

  38. =========

  39. 

  40. 3.1.4

  41. -----

  42. 

  43. * Fixed compilation with mingw and on illumos.

  44. 

  45. 3.1.3

  46. -----

  47. * Fixed a compilation issue on Solaris.

  48. * Added a warning when using too few rounds with ``kdf``.

  49. 

  50. 3.1.2

  51. -----

  52. * Fixed a compile issue affecting big endian platforms.

  53. * Fixed invalid escape sequence warnings on Python 3.6.

  54. * Fixed building in non-UTF8 environments on Python 2.

  55. 

  56. 3.1.1

  57. -----

  58. * Resolved a ``UserWarning`` when used with ``cffi`` 1.8.3.

  59. 

  60. 3.1.0

  61. -----

  62. * Added support for ``checkpw``, a convenience method for verifying a password.

  63. * Ensure that you get a ``$2y$`` hash when you input a ``$2y$`` salt.

  64. * Fixed a regression where ``$2a`` hashes were vulnerable to a wraparound bug.

  65. * Fixed compilation under Alpine Linux.

  66. 

  67. 3.0.0

  68. -----

  69. * Switched the C backend to code obtained from the OpenBSD project rather than

  70.   openwall.

  71. * Added support for ``bcrypt_pbkdf`` via the ``kdf`` function.

  72. 

  73. 2.0.0

  74. -----

  75. * Added support for an adjustible prefix when calling ``gensalt``.

  76. * Switched to CFFI 1.0+

  77. 

  78. Usage

  79. -----

  80. 

  81. Password Hashing

  82. ~~~~~~~~~~~~~~~~

  83. 

  84. Hashing and then later checking that a password matches the previous hashed

  85. password is very simple:

  86. 

  87. .. code:: pycon

  88. 

  89.     >>> import bcrypt

  90.     >>> password = b"super secret password"

  91.     >>> # Hash a password for the first time, with a randomly-generated salt

  92.     >>> hashed = bcrypt.hashpw(password, bcrypt.gensalt())

  93.     >>> # Check that an unhashed password matches one that has previously been

  94.     >>> # hashed

  95.     >>> if bcrypt.checkpw(password, hashed):

  96.     ...     print("It Matches!")

  97.     ... else:

  98.     ...     print("It Does not Match :(")

  99. 

  100. KDF

  101. ~~~

  102. 

  103. As of 3.0.0 ``bcrypt`` now offers a ``kdf`` function which does ``bcrypt_pbkdf``.

  104. This KDF is used in OpenSSH's newer encrypted private key format.

  105. 

  106. .. code:: pycon

  107. 

  108.     >>> import bcrypt

  109.     >>> key = bcrypt.kdf(

  110.     ...     password=b'password',

  111.     ...     salt=b'salt',

  112.     ...     desired_key_bytes=32,

  113.     ...     rounds=100)

  114. 

  115. 

  116. Adjustable Work Factor

  117. ~~~~~~~~~~~~~~~~~~~~~~

  118. One of bcrypt's features is an adjustable logarithmic work factor. To adjust

  119. the work factor merely pass the desired number of rounds to

  120. ``bcrypt.gensalt(rounds=12)`` which defaults to 12):

  121. 

  122. .. code:: pycon

  123. 

  124.     >>> import bcrypt

  125.     >>> password = b"super secret password"

  126.     >>> # Hash a password for the first time, with a certain number of rounds

  127.     >>> hashed = bcrypt.hashpw(password, bcrypt.gensalt(14))

  128.     >>> # Check that a unhashed password matches one that has previously been

  129.     >>> #   hashed

  130.     >>> if bcrypt.checkpw(password, hashed):

  131.     ...     print("It Matches!")

  132.     ... else:

  133.     ...     print("It Does not Match :(")

  134. 

  135. 

  136. Adjustable Prefix

  137. ~~~~~~~~~~~~~~~~~

  138. 

  139. Another one of bcrypt's features is an adjustable prefix to let you define what

  140. libraries you'll remain compatible with. To adjust this, pass either ``2a`` or

  141. ``2b`` (the default) to ``bcrypt.gensalt(prefix=b"2b")`` as a bytes object.

  142. 

  143. As of 3.0.0 the ``$2y$`` prefix is still supported in ``hashpw`` but deprecated.

  144. 

  145. Maximum Password Length

  146. ~~~~~~~~~~~~~~~~~~~~~~~

  147. 

  148. The bcrypt algorithm only handles passwords up to 72 characters, any characters

  149. beyond that are ignored. To work around this, a common approach is to hash a

  150. password with a cryptographic hash (such as ``sha256``) and then base64

  151. encode it to prevent NULL byte problems before hashing the result with

  152. ``bcrypt``:

  153. 

  154. .. code:: pycon

  155. 

  156.     >>> password = b"an incredibly long password" * 10

  157.     >>> hashed = bcrypt.hashpw(

  158.     ...     base64.b64encode(hashlib.sha256(password).digest()),

  159.     ...     bcrypt.gensalt()

  160.     ... )

  161. 

  162. Compatibility

  163. -------------

  164. 

  165. This library should be compatible with py-bcrypt and it will run on Python

  166. 2.6+, 3.3+, and PyPy 2.6+.

  167. 

  168. C Code

  169. ------

  170. 

  171. This library uses code from OpenBSD.

  172. 

  173. Security

  174. --------

  175. 

  176. ``bcrypt`` follows the `same security policy as cryptography`_, if you

  177. identify a vulnerability, we ask you to contact us privately.

  178. 

  179. .. _`same security policy as cryptography`: https://cryptography.io/en/latest/security/

  180. 

  181.

Powered by TurnKey Linux.