pollutri
/
res_levis_API
1
0
Vork 0
Code Kwesties 0 Pull-aanvragen 0 Publicaties 0 Wiki Activiteit
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5 Commits
1 Branch
203 MiB
 
 
 
 
Branch: master
Branches Labels
${ item.name }
Maak branch ${ searchTerm }
van 'master'
${ noResults }
res_levis_API/lib/python3.6/site-packages/bcrypt-3.1.7.dist-info/METADATA

239 regels
7.1 KiB
Ruw Permalink Blame Geschiedenis 

  1. Metadata-Version: 2.1

  2. Name: bcrypt

  3. Version: 3.1.7

  4. Summary: Modern password hashing for your software and your servers

  5. Home-page: https://github.com/pyca/bcrypt/

  6. Author: The Python Cryptographic Authority developers

  7. Author-email: cryptography-dev@python.org

  8. License: Apache License, Version 2.0

  9. Platform: UNKNOWN

  10. Classifier: Development Status :: 5 - Production/Stable

  11. Classifier: License :: OSI Approved :: Apache Software License

  12. Classifier: Programming Language :: Python :: Implementation :: CPython

  13. Classifier: Programming Language :: Python :: Implementation :: PyPy

  14. Classifier: Programming Language :: Python :: 2

  15. Classifier: Programming Language :: Python :: 2.7

  16. Classifier: Programming Language :: Python :: 3

  17. Classifier: Programming Language :: Python :: 3.4

  18. Classifier: Programming Language :: Python :: 3.5

  19. Classifier: Programming Language :: Python :: 3.6

  20. Classifier: Programming Language :: Python :: 3.7

  21. Requires-Python: >=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*

  22. Requires-Dist: cffi (>=1.1)

  23. Requires-Dist: six (>=1.4.1)

  24. Provides-Extra: tests

  25. Requires-Dist: pytest (!=3.3.0,>=3.2.1) ; extra == 'tests'

  26. 

  27. bcrypt

  28. ======

  29. 

  30. .. image:: https://img.shields.io/pypi/v/bcrypt.svg

  31.     :target: https://pypi.org/project/bcrypt/

  32.     :alt: Latest Version

  33. 

  34. .. image:: https://travis-ci.org/pyca/bcrypt.svg?branch=master

  35.     :target: https://travis-ci.org/pyca/bcrypt

  36. 

  37. .. image:: https://dev.azure.com/pyca/bcrypt/_apis/build/status/bcrypt-CI?branchName=master

  38.     :target: https://dev.azure.com/pyca/bcrypt/_build/latest?definitionId=8&branchName=master

  39. 

  40. Good password hashing for your software and your servers

  41. 

  42. 

  43. Installation

  44. ============

  45. 

  46. To install bcrypt, simply:

  47. 

  48. .. code:: bash

  49. 

  50.     $ pip install bcrypt

  51. 

  52. Note that bcrypt should build very easily on Linux provided you have a C compiler, headers for Python (if you're not using pypy), and headers for the libffi libraries available on your system.

  53. 

  54. For Debian and Ubuntu, the following command will ensure that the required dependencies are installed:

  55. 

  56. .. code:: bash

  57. 

  58.     $ sudo apt-get install build-essential libffi-dev python-dev

  59. 

  60. For Fedora and RHEL-derivatives, the following command will ensure that the required dependencies are installed:

  61. 

  62. .. code:: bash

  63. 

  64.     $ sudo yum install gcc libffi-devel python-devel

  65. 

  66. Alternatives

  67. ============

  68. 

  69. While bcrypt remains a good choice for password storage depending on your specific use case you may also want to consider using scrypt (either via `standard library`_ or `cryptography`_) or argon2id via `argon2_cffi`_.

  70. 

  71. Changelog

  72. =========

  73. 

  74. 3.1.7

  75. -----

  76. 

  77. * Set a ``setuptools`` lower bound for PEP517 wheel building.

  78. * We no longer distribute 32-bit ``manylinux1`` wheels. Continuing to produce

  79.   them was a maintenance burden.

  80. 

  81. 3.1.6

  82. -----

  83. 

  84. * Added support for compilation on Haiku.

  85. 

  86. 3.1.5

  87. -----

  88. 

  89. * Added support for compilation on AIX.

  90. * Dropped Python 2.6 and 3.3 support.

  91. * Switched to using ``abi3`` wheels for Python 3. If you are not getting a

  92.   wheel on a compatible platform please upgrade your ``pip`` version.

  93. 

  94. 3.1.4

  95. -----

  96. 

  97. * Fixed compilation with mingw and on illumos.

  98. 

  99. 3.1.3

  100. -----

  101. * Fixed a compilation issue on Solaris.

  102. * Added a warning when using too few rounds with ``kdf``.

  103. 

  104. 3.1.2

  105. -----

  106. * Fixed a compile issue affecting big endian platforms.

  107. * Fixed invalid escape sequence warnings on Python 3.6.

  108. * Fixed building in non-UTF8 environments on Python 2.

  109. 

  110. 3.1.1

  111. -----

  112. * Resolved a ``UserWarning`` when used with ``cffi`` 1.8.3.

  113. 

  114. 3.1.0

  115. -----

  116. * Added support for ``checkpw``, a convenience method for verifying a password.

  117. * Ensure that you get a ``$2y$`` hash when you input a ``$2y$`` salt.

  118. * Fixed a regression where ``$2a`` hashes were vulnerable to a wraparound bug.

  119. * Fixed compilation under Alpine Linux.

  120. 

  121. 3.0.0

  122. -----

  123. * Switched the C backend to code obtained from the OpenBSD project rather than

  124.   openwall.

  125. * Added support for ``bcrypt_pbkdf`` via the ``kdf`` function.

  126. 

  127. 2.0.0

  128. -----

  129. * Added support for an adjustible prefix when calling ``gensalt``.

  130. * Switched to CFFI 1.0+

  131. 

  132. Usage

  133. -----

  134. 

  135. Password Hashing

  136. ~~~~~~~~~~~~~~~~

  137. 

  138. Hashing and then later checking that a password matches the previous hashed

  139. password is very simple:

  140. 

  141. .. code:: pycon

  142. 

  143.     >>> import bcrypt

  144.     >>> password = b"super secret password"

  145.     >>> # Hash a password for the first time, with a randomly-generated salt

  146.     >>> hashed = bcrypt.hashpw(password, bcrypt.gensalt())

  147.     >>> # Check that an unhashed password matches one that has previously been

  148.     >>> # hashed

  149.     >>> if bcrypt.checkpw(password, hashed):

  150.     ...     print("It Matches!")

  151.     ... else:

  152.     ...     print("It Does not Match :(")

  153. 

  154. KDF

  155. ~~~

  156. 

  157. As of 3.0.0 ``bcrypt`` now offers a ``kdf`` function which does ``bcrypt_pbkdf``.

  158. This KDF is used in OpenSSH's newer encrypted private key format.

  159. 

  160. .. code:: pycon

  161. 

  162.     >>> import bcrypt

  163.     >>> key = bcrypt.kdf(

  164.     ...     password=b'password',

  165.     ...     salt=b'salt',

  166.     ...     desired_key_bytes=32,

  167.     ...     rounds=100)

  168. 

  169. 

  170. Adjustable Work Factor

  171. ~~~~~~~~~~~~~~~~~~~~~~

  172. One of bcrypt's features is an adjustable logarithmic work factor. To adjust

  173. the work factor merely pass the desired number of rounds to

  174. ``bcrypt.gensalt(rounds=12)`` which defaults to 12):

  175. 

  176. .. code:: pycon

  177. 

  178.     >>> import bcrypt

  179.     >>> password = b"super secret password"

  180.     >>> # Hash a password for the first time, with a certain number of rounds

  181.     >>> hashed = bcrypt.hashpw(password, bcrypt.gensalt(14))

  182.     >>> # Check that a unhashed password matches one that has previously been

  183.     >>> #   hashed

  184.     >>> if bcrypt.checkpw(password, hashed):

  185.     ...     print("It Matches!")

  186.     ... else:

  187.     ...     print("It Does not Match :(")

  188. 

  189. 

  190. Adjustable Prefix

  191. ~~~~~~~~~~~~~~~~~

  192. 

  193. Another one of bcrypt's features is an adjustable prefix to let you define what

  194. libraries you'll remain compatible with. To adjust this, pass either ``2a`` or

  195. ``2b`` (the default) to ``bcrypt.gensalt(prefix=b"2b")`` as a bytes object.

  196. 

  197. As of 3.0.0 the ``$2y$`` prefix is still supported in ``hashpw`` but deprecated.

  198. 

  199. Maximum Password Length

  200. ~~~~~~~~~~~~~~~~~~~~~~~

  201. 

  202. The bcrypt algorithm only handles passwords up to 72 characters, any characters

  203. beyond that are ignored. To work around this, a common approach is to hash a

  204. password with a cryptographic hash (such as ``sha256``) and then base64

  205. encode it to prevent NULL byte problems before hashing the result with

  206. ``bcrypt``:

  207. 

  208. .. code:: pycon

  209. 

  210.     >>> password = b"an incredibly long password" * 10

  211.     >>> hashed = bcrypt.hashpw(

  212.     ...     base64.b64encode(hashlib.sha256(password).digest()),

  213.     ...     bcrypt.gensalt()

  214.     ... )

  215. 

  216. Compatibility

  217. -------------

  218. 

  219. This library should be compatible with py-bcrypt and it will run on Python

  220. 2.7, 3.4+, and PyPy 2.6+.

  221. 

  222. C Code

  223. ------

  224. 

  225. This library uses code from OpenBSD.

  226. 

  227. Security

  228. --------

  229. 

  230. ``bcrypt`` follows the `same security policy as cryptography`_, if you

  231. identify a vulnerability, we ask you to contact us privately.

  232. 

  233. .. _`same security policy as cryptography`: https://cryptography.io/en/latest/security/

  234. .. _`standard library`: https://docs.python.org/3/library/hashlib.html#hashlib.scrypt

  235. .. _`argon2_cffi`: https://argon2-cffi.readthedocs.io

  236. .. _`cryptography`: https://cryptography.io/en/latest/hazmat/primitives/key-derivation-functions/#cryptography.hazmat.primitives.kdf.scrypt.Scrypt

  237.