[Python-modules-commits] [python-bcrypt] 01/01: Import python-bcrypt_2.0.0.orig.tar.xz
Daniel Stender
danstender-guest at moszumanska.debian.org
Fri Jan 1 19:42:01 UTC 2016
This is an automated email from the git hooks/post-receive script.
danstender-guest pushed a commit to branch upstream
in repository python-bcrypt.
commit f0c87673943ca9ae04935bbe74d759199263c98e
Author: Daniel Stender <debian at danielstender.com>
Date: Fri Jan 1 15:42:20 2016 +0100
Import python-bcrypt_2.0.0.orig.tar.xz
---
LICENSE | 359 +++++-----
MANIFEST.in | 3 +
PKG-INFO | 124 +++-
README | 53 --
README.rst | 87 +++
TODO | 3 -
bcrypt/__init__.py | 55 --
bcrypt/bcrypt.c | 293 ---------
bcrypt/bcrypt_pbkdf.c | 160 -----
bcrypt/bcrypt_python.c | 333 ----------
bcrypt/blowfish.c | 472 --------------
bcrypt/pybc_blf.h | 93 ---
bcrypt/pybc_sha2.h | 63 --
bcrypt/sha2.c | 394 -----------
bcrypt/timingsafe_bcmp.c | 29 -
setup.cfg | 5 +
setup.py | 282 ++++++--
src/bcrypt.egg-info/PKG-INFO | 105 +++
src/bcrypt.egg-info/SOURCES.txt | 30 +
src/bcrypt.egg-info/dependency_links.txt | 1 +
src/bcrypt.egg-info/not-zip-safe | 1 +
src/bcrypt.egg-info/pbr.json | 1 +
src/bcrypt.egg-info/requires.txt | 5 +
src/bcrypt.egg-info/top_level.txt | 1 +
src/bcrypt/__about__.py | 35 +
src/bcrypt/__init__.py | 68 ++
src/build_bcrypt.py | 47 ++
src/crypt_blowfish-1.3/LINKS | 29 +
src/crypt_blowfish-1.3/Makefile | 77 +++
src/crypt_blowfish-1.3/PERFORMANCE | 30 +
src/crypt_blowfish-1.3/README | 68 ++
src/crypt_blowfish-1.3/crypt.3 | 575 ++++++++++++++++
src/crypt_blowfish-1.3/crypt.h | 24 +
src/crypt_blowfish-1.3/crypt_blowfish.c | 907 ++++++++++++++++++++++++++
src/crypt_blowfish-1.3/crypt_blowfish.h | 27 +
src/crypt_blowfish-1.3/crypt_gensalt.c | 124 ++++
src/crypt_blowfish-1.3/crypt_gensalt.h | 30 +
src/crypt_blowfish-1.3/glibc-2.1.3-crypt.diff | 53 ++
src/crypt_blowfish-1.3/glibc-2.14-crypt.diff | 55 ++
src/crypt_blowfish-1.3/glibc-2.3.6-crypt.diff | 52 ++
src/crypt_blowfish-1.3/ow-crypt.h | 43 ++
src/crypt_blowfish-1.3/wrapper.c | 551 ++++++++++++++++
src/crypt_blowfish-1.3/x86.S | 203 ++++++
test/test.py | 216 ------
44 files changed, 3763 insertions(+), 2403 deletions(-)
diff --git a/LICENSE b/LICENSE
index a71feed..11069ed 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,160 +1,201 @@
-The Python binding code is subject to this license:
-
-/*
- * Copyright (c) 2006 Damien Miller <djm at mindrot.org>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-The underlying blowfish code is derived from OpenBSD libc and is
-subject to the following license:
-
-/*
- * Blowfish block cipher for OpenBSD
- * Copyright 1997 Niels Provos <provos at physnet.uni-hamburg.de>
- * All rights reserved.
- *
- * Implementation advice by David Mazieres <dm at lcs.mit.edu>.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Niels Provos.
- * 4. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-The underlying bcrypt (hashing) code is derived from OpenBSD libc and is
-subject to the following license:
-
-/*
- * Copyright 1997 Niels Provos <provos at physnet.uni-hamburg.de>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Niels Provos.
- * 4. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-The KDF code is from OpenBSD libutil and is subject to the following licence:
-
-/*
- * Copyright (c) 2013 Ted Unangst <tedu at openbsd.org>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-The SHA512 code is from OpenBSD libc and is subject to the following license:
-
-/*
- * FILE: sha2.c
- * AUTHOR: Aaron D. Gifford <me at aarongifford.com>
- *
- * Copyright (c) 2000-2001, Aaron D. Gifford
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the copyright holder nor the names of contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTOR(S) ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTOR(S) BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * $From: sha2.c,v 1.1 2001/11/08 00:01:51 adg Exp adg $
- */
-
-The timingsafe_bcmp is from OpenBSD libc and is subject to the following
-license:
-
-/*
- * Copyright (c) 2010 Damien Miller. All rights reserved.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+END OF TERMS AND CONDITIONS
+
+APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+Copyright [yyyy] [name of copyright owner]
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
diff --git a/MANIFEST.in b/MANIFEST.in
new file mode 100644
index 0000000..ea1c0a0
--- /dev/null
+++ b/MANIFEST.in
@@ -0,0 +1,3 @@
+include LICENSE README.rst
+include src/build_bcrypt.py
+recursive-include src/crypt_blowfish-1.3 *
diff --git a/PKG-INFO b/PKG-INFO
index 4961934..ba87b01 100644
--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,23 +1,105 @@
-Metadata-Version: 1.0
-Name: py-bcrypt
-Version: 0.4
-Summary: bcrypt password hashing and key derivation
-Home-page: https://code.google.com/p/py-bcrypt
-Author: Damien Miller
-Author-email: djm at mindrot.org
-License: BSD
-Description: py-bcrypt is an implementation the OpenBSD Blowfish password hashing
- algorithm, as described in "A Future-Adaptable Password Scheme" by
- Niels Provos and David Mazieres and related bcrypt-based key derivation
- function implemented in OpenBSD libutil.
-
- This system hashes passwords using a version of Bruce Schneier's
- Blowfish block cipher with modifications designed to raise the cost
- of off-line password cracking. The computation cost of the algorithm
- is parametised, so it can be increased as computers get faster.
-
- Two interfaces are supported: a classic password hashing interface and
- a key derivation function (KDF) intended for generating cryptographic
- keys.
+Metadata-Version: 1.1
+Name: bcrypt
+Version: 2.0.0
+Summary: Modern password hashing for your software and your servers
+Home-page: https://github.com/pyca/bcrypt/
+Author: Donald Stufft
+Author-email: donald at stufft.io
+License: Apache License, Version 2.0
+Description: bcrypt
+ ======
+
+ .. image:: https://pypip.in/version/bcrypt/badge.svg?style=flat
+ :target: https://pypi.python.org/pypi/bcrypt/
+ :alt: Latest Version
+
+ .. image:: https://travis-ci.org/pyca/bcrypt.svg?branch=master
+ :target: https://travis-ci.org/pyca/bcrypt
+
+ Modern password hashing for your software and your servers
+
+
+ Installation
+ ============
+
+ To install bcrypt, simply:
+
+ .. code:: bash
+
+ $ pip install bcrypt
+
+
+ Usage
+ -----
+
+ Basic
+ ~~~~~
+
+ Hashing and then later checking that a password matches the previous hashed
+ password is very simple:
+
+ .. code:: pycon
+
+ >>> import bcrypt
+ >>> password = b"super secret password"
+ >>> # Hash a password for the first time, with a randomly-generated salt
+ >>> hashed = bcrypt.hashpw(password, bcrypt.gensalt())
+ >>> # Check that a unhashed password matches one that has previously been
+ >>> # hashed
+ >>> if bcrypt.hashpw(password, hashed) == hashed:
+ ... print("It Matches!")
+ ... else:
+ ... print("It Does not Match :(")
+
+
+ Adjustable Work Factor
+ ~~~~~~~~~~~~~~~~~~~~~~
+ One of bcrypt's features is an adjustable logarithmic work factor. To adjust
+ the work factor merely pass the desired number of rounds to
+ ``bcrypt.gensalt(rounds=12)`` which defaults to 12):
+
+ .. code:: pycon
+
+ >>> import bcrypt
+ >>> password = b"super secret password"
+ >>> # Hash a password for the first time, with a certain number of rounds
+ >>> hashed = bcrypt.hashpw(password, bcrypt.gensalt(14))
+ >>> # Check that a unhashed password matches one that has previously been
+ >>> # hashed
+ >>> if bcrypt.hashpw(password, hashed) == hashed:
+ ... print("It Matches!")
+ ... else:
+ ... print("It Does not Match :(")
+
+
+ Adjustable Prefix
+ ~~~~~~~~~~~~~~~~~
+
+ Another one of bcrypt's features is an adjustable prefix to let you define what
+ libraries you'll remain compatible with. To adjust this, pass either ``2a`` or
+ ``2b`` (the default) to ``bcrypt.gensalt(prefix=b"2b")`` as a bytes object.
+
+
+ Compatibility
+ -------------
+
+ This library should be compatible with py-bcrypt and it will run on Python
+ 2.6+, 3.2+, and PyPy.
+
+ Security
+ --------
+
+ ``bcrypt`` follows the `same security policy as cryptography`_, if you
+ identify a vulnerability, we ask you to contact us privately.
+
+ .. _`same security policy as cryptography`: https://cryptography.io/en/latest/security/
Platform: UNKNOWN
+Classifier: Programming Language :: Python :: Implementation :: CPython
+Classifier: Programming Language :: Python :: Implementation :: PyPy
+Classifier: Programming Language :: Python :: 2
+Classifier: Programming Language :: Python :: 2.6
+Classifier: Programming Language :: Python :: 2.7
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.2
+Classifier: Programming Language :: Python :: 3.3
diff --git a/README b/README
deleted file mode 100644
index c69b736..0000000
--- a/README
+++ /dev/null
@@ -1,53 +0,0 @@
-py-bcrypt is an implementation the OpenBSD Blowfish password hashing
-algorithm, as described in "A Future-Adaptable Password Scheme" by Niels
-Provos and David Mazieres: http://www.openbsd.org/papers/bcrypt-paper.ps
-
-This system hashes passwords using a version of Bruce Schneier's
-Blowfish block cipher with modifications designed to raise the cost of
-off-line password cracking. The computation cost of the algorithm is
-parametised, so it can be increased as computers get faster.
-
-py-bcrypt requires Python 2.4. Older versions may work, but the
-bcrypt.gensalt() method won't - it requires the cryptographic random
-number generator os.urandom() introduced in 2.4.
-
-To install, use the standard Python distutils incantation:
-
- python setup.py build
- python setup.py install
-
-Regression tests are in the test/test.py file. This is deliberately in
-a subdirectory so it does not mistakenly pick up the top-level bcrypt/
-directory. ***PLEASE*** run the regress tests and ensure they pass before
-installing this module.
-
-py-bcrypt is licensed under a ISC/BSD licence. The underlying Blowfish
-and password hashing code is taken from OpenBSD's libc. See the LICENSE
-file for details.
-
-Please report bugs to Damien Miller <djm at mindrot.org>. Please check the
-TODO file first, in case your problem is something I already know about
-(please send patches!)
-
-A simple example that demonstrates most of the features:
-
- import bcrypt
-
- # Hash a password for the first time
- hashed = bcrypt.hashpw(password, bcrypt.gensalt())
-
- # gensalt's log_rounds parameter determines the complexity
- # the work factor is 2**log_rounds, and the default is 12
- hashed = bcrypt.hashpw(password, bcrypt.gensalt(10))
-
- # Check that an unencrypted password matches one that has
- # previously been hashed.
- if bcrypt.checkpw(plaintext, hashed):
- print "It matches"
- else:
- print "It does not match"
-
- # Generate a 256-bit cryptographic key
- key = bcrypt.kdf(password, salt, 100, 256/8)
-
-$Id$
diff --git a/README.rst b/README.rst
new file mode 100644
index 0000000..1fa3bbd
--- /dev/null
+++ b/README.rst
@@ -0,0 +1,87 @@
+bcrypt
+======
+
+.. image:: https://pypip.in/version/bcrypt/badge.svg?style=flat
+ :target: https://pypi.python.org/pypi/bcrypt/
+ :alt: Latest Version
+
+.. image:: https://travis-ci.org/pyca/bcrypt.svg?branch=master
+ :target: https://travis-ci.org/pyca/bcrypt
+
+Modern password hashing for your software and your servers
+
+
+Installation
+============
+
+To install bcrypt, simply:
+
+.. code:: bash
+
+ $ pip install bcrypt
+
+
+Usage
+-----
+
+Basic
+~~~~~
+
+Hashing and then later checking that a password matches the previous hashed
+password is very simple:
+
+.. code:: pycon
+
+ >>> import bcrypt
+ >>> password = b"super secret password"
+ >>> # Hash a password for the first time, with a randomly-generated salt
+ >>> hashed = bcrypt.hashpw(password, bcrypt.gensalt())
+ >>> # Check that a unhashed password matches one that has previously been
+ >>> # hashed
+ >>> if bcrypt.hashpw(password, hashed) == hashed:
+ ... print("It Matches!")
+ ... else:
+ ... print("It Does not Match :(")
+
+
+Adjustable Work Factor
+~~~~~~~~~~~~~~~~~~~~~~
+One of bcrypt's features is an adjustable logarithmic work factor. To adjust
+the work factor merely pass the desired number of rounds to
+``bcrypt.gensalt(rounds=12)`` which defaults to 12):
+
+.. code:: pycon
+
+ >>> import bcrypt
+ >>> password = b"super secret password"
+ >>> # Hash a password for the first time, with a certain number of rounds
+ >>> hashed = bcrypt.hashpw(password, bcrypt.gensalt(14))
+ >>> # Check that a unhashed password matches one that has previously been
+ >>> # hashed
+ >>> if bcrypt.hashpw(password, hashed) == hashed:
+ ... print("It Matches!")
+ ... else:
+ ... print("It Does not Match :(")
+
+
+Adjustable Prefix
+~~~~~~~~~~~~~~~~~
+
+Another one of bcrypt's features is an adjustable prefix to let you define what
+libraries you'll remain compatible with. To adjust this, pass either ``2a`` or
+``2b`` (the default) to ``bcrypt.gensalt(prefix=b"2b")`` as a bytes object.
+
+
+Compatibility
+-------------
+
+This library should be compatible with py-bcrypt and it will run on Python
+2.6+, 3.2+, and PyPy.
+
+Security
+--------
+
+``bcrypt`` follows the `same security policy as cryptography`_, if you
+identify a vulnerability, we ask you to contact us privately.
+
+.. _`same security policy as cryptography`: https://cryptography.io/en/latest/security/
diff --git a/TODO b/TODO
deleted file mode 100644
index e59859b..0000000
--- a/TODO
+++ /dev/null
@@ -1,3 +0,0 @@
-Improve regress tests: tests for bad parameters
-
-$Id$
diff --git a/bcrypt/__init__.py b/bcrypt/__init__.py
deleted file mode 100644
index 78d945d..0000000
--- a/bcrypt/__init__.py
+++ /dev/null
@@ -1,55 +0,0 @@
-"""OpenBSD Blowfish password hashing.
-
-This module implements the OpenBSD Blowfish password hashing
-algorithm, as described in "A Future-Adaptable Password Scheme" by
-Niels Provos and David Mazieres.
-
-This system hashes passwords using a version of Bruce Schneier's
-Blowfish block cipher with modifications designed to raise the cost
-of off-line password cracking. The computation cost of the algorithm
-is parametised, so it can be increased as computers get faster.
-
-Passwords are hashed using the hashpw() routine:
-
- hashpw(password, salt) -> hashed_password
-
-Salts for the the second parameter may be randomly generated using the
-gensalt() function:
-
- gensalt(log_rounds = 12) -> random_salt
-
-The parameter "log_rounds" defines the complexity of the hashing. The
-cost increases as 2**log_rounds.
-
-Passwords can be checked against a hashed copy using the checkpw() routine:
-
- checkpw(password, hashed_password) -> boolean (true if matched)
-
-Passwords and salts for the hashpw and gensalt functions are text strings
-that must not contain embedded nul (ASCII 0) characters.
-
-This module also operates as a key derivation function (KDF) to transform a
-password and salt into bytes suitable for use as cryptographic key material:
-
- kdf(password, salt, desired_length, rounds) -> key
-
-This will generate a key of "desired_length" in bytes (NB. not bits). For the
-KDF mode the "rounds" parameter is the literal rounds, not the logarithm as
-for gensalt. For the KDF case, "salt" and "password" may be binary strings
-containing embedded nul characters. Note also that the "salt" for the KDF
-should just be a random sequence of bytes (e.g. as generated by os.urandom)
-and not one prepared with gensalt().
-
-The KDF mode is recommended for generating symmetric cipher keys, IVs, hash
-and MAC keys, etc. It should not be used a keystream for encryption itself.
-"""
-
-import os
-from bcrypt._bcrypt import *
-
-def gensalt(log_rounds = 12):
- """Generate a random text salt for use with hashpw(). "log_rounds"
- defines the complexity of the hashing, increasing the cost as
- 2**log_rounds."""
- return encode_salt(os.urandom(16), min(max(log_rounds, 4), 31))
-
diff --git a/bcrypt/bcrypt.c b/bcrypt/bcrypt.c
deleted file mode 100644
index 8f5812d..0000000
--- a/bcrypt/bcrypt.c
+++ /dev/null
@@ -1,293 +0,0 @@
-/* $OpenBSD: bcrypt.c,v 1.20 2006/04/03 19:55:49 deraadt Exp $ */
-
-/*
- * Copyright 1997 Niels Provos <provos at physnet.uni-hamburg.de>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Niels Provos.
- * 4. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/* This password hashing algorithm was designed by David Mazieres
- * <dm at lcs.mit.edu> and works as follows:
- *
- * 1. state := InitState ()
- * 2. state := ExpandKey (state, salt, password) 3.
- * REPEAT rounds:
- * state := ExpandKey (state, 0, salt)
- * state := ExpandKey(state, 0, password)
- * 4. ctext := "OrpheanBeholderScryDoubt"
- * 5. REPEAT 64:
- * ctext := Encrypt_ECB (state, ctext);
- * 6. RETURN Concatenate (salt, ctext);
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <sys/types.h>
-#include <string.h>
-
-#include "pybc_blf.h"
-
-#if defined(_WIN32)
-#define snprintf _snprintf
-#define bzero(s,n) memset(s, '\0', n)
-#endif
-
-/* This implementation is adaptable to current computing power.
- * You can have up to 2^31 rounds which should be enough for some
- * time to come.
- */
-
-#define BCRYPT_VERSION '2'
-#define BCRYPT_MAXSALT 16 /* Precomputation is just so nice */
-#define BCRYPT_BLOCKS 6 /* Ciphertext blocks */
-#define BCRYPT_MINROUNDS 16 /* we have log2(rounds) in salt */
-
-int pybc_bcrypt(const char *, const char *, char *, size_t);
-void encode_salt(char *, u_int8_t *, u_int16_t, u_int8_t);
-
-static void encode_base64(u_int8_t *, u_int8_t *, u_int16_t);
-static void decode_base64(u_int8_t *, u_int16_t, u_int8_t *);
-
-const static u_int8_t Base64Code[] =
-"./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
-
-const static u_int8_t index_64[128] = {
- 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
- 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
- 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
- 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
- 255, 255, 255, 255, 255, 255, 0, 1, 54, 55,
- 56, 57, 58, 59, 60, 61, 62, 63, 255, 255,
- 255, 255, 255, 255, 255, 2, 3, 4, 5, 6,
- 7, 8, 9, 10, 11, 12, 13, 14, 15, 16,
- 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27,
- 255, 255, 255, 255, 255, 255, 28, 29, 30,
- 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
- 41, 42, 43, 44, 45, 46, 47, 48, 49, 50,
- 51, 52, 53, 255, 255, 255, 255, 255
-};
-#define CHAR64(c) ( (c) > 127 ? 255 : index_64[(c)])
-
-static void
-decode_base64(u_int8_t *buffer, u_int16_t len, u_int8_t *data)
-{
- u_int8_t *bp = buffer;
- u_int8_t *p = data;
- u_int8_t c1, c2, c3, c4;
- while (bp < buffer + len) {
- c1 = CHAR64(*p);
- c2 = CHAR64(*(p + 1));
-
- /* Invalid data */
- if (c1 == 255 || c2 == 255)
- break;
-
- *bp++ = (c1 << 2) | ((c2 & 0x30) >> 4);
- if (bp >= buffer + len)
- break;
-
- c3 = CHAR64(*(p + 2));
- if (c3 == 255)
- break;
-
- *bp++ = ((c2 & 0x0f) << 4) | ((c3 & 0x3c) >> 2);
- if (bp >= buffer + len)
- break;
-
- c4 = CHAR64(*(p + 3));
- if (c4 == 255)
- break;
- *bp++ = ((c3 & 0x03) << 6) | c4;
-
- p += 4;
- }
-}
-
-void
-encode_salt(char *salt, u_int8_t *csalt, u_int16_t clen, u_int8_t logr)
-{
- salt[0] = '$';
- salt[1] = BCRYPT_VERSION;
- salt[2] = 'a';
- salt[3] = '$';
-
- snprintf(salt + 4, 4, "%2.2u$", logr);
-
- encode_base64((u_int8_t *) salt + 7, csalt, clen);
-}
-
-/* We handle $Vers$log2(NumRounds)$salt+passwd$
- i.e. $2$04$iwouldntknowwhattosayetKdJ6iFtacBqJdKe6aW7ou */
-
-int
-pybc_bcrypt(const char *key, const char *salt, char *result, size_t result_len)
-{
- pybc_blf_ctx state;
- u_int32_t rounds, i, k;
- u_int16_t j;
- u_int8_t key_len, salt_len, logr, minor;
- u_int8_t ciphertext[4 * BCRYPT_BLOCKS] = "OrpheanBeholderScryDoubt";
- u_int8_t csalt[BCRYPT_MAXSALT];
- u_int32_t cdata[BCRYPT_BLOCKS];
- int n;
- char encrypted[128];
- size_t elen;
-
- /* Return the error marker unless otherwise specified */
- bzero(result, result_len);
- *result = ':';
-
- /* Discard "$" identifier */
- salt++;
-
- if (*salt > BCRYPT_VERSION)
- return -1;
-
- /* Check for minor versions */
- if (salt[1] != '$') {
- switch (salt[1]) {
- case 'a':
- /* 'ab' should not yield the same as 'abab' */
- minor = salt[1];
- salt++;
- break;
- default:
- return -1;
- }
- } else
- minor = 0;
-
- /* Discard version + "$" identifier */
- salt += 2;
-
- if (salt[2] != '$')
- /* Out of sync with passwd entry */
- return -1;
-
- /* Computer power doesn't increase linear, 2^x should be fine */
- n = atoi(salt);
- if (n > 31 || n < 0)
- return -1;
- logr = (u_int8_t)n;
- if ((rounds = (u_int32_t) 1 << logr) < BCRYPT_MINROUNDS)
- return -1;
-
- /* Discard num rounds + "$" identifier */
- salt += 3;
-
- if (strlen(salt) * 3 / 4 < BCRYPT_MAXSALT)
- return -1;
-
- /* We dont want the base64 salt but the raw data */
- decode_base64(csalt, BCRYPT_MAXSALT, (u_int8_t *) salt);
- salt_len = BCRYPT_MAXSALT;
- key_len = strlen(key) + (minor >= 'a' ? 1 : 0);
-
- /* Setting up S-Boxes and Subkeys */
- pybc_Blowfish_initstate(&state);
- pybc_Blowfish_expandstate(&state, csalt, salt_len,
- (u_int8_t *) key, key_len);
- for (k = 0; k < rounds; k++) {
... 5490 lines suppressed ...
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/python-bcrypt.git
More information about the Python-modules-commits
mailing list