[Python-modules-commits] [python-bcrypt] 01/10: New upstream version 3.1.3
Daniel Stender
stender at moszumanska.debian.org
Thu Jul 20 17:51:29 UTC 2017
This is an automated email from the git hooks/post-receive script.
stender pushed a commit to branch debian/master
in repository python-bcrypt.
commit 41ce64a4a0d46c7b7356ee57067e00c25b509e9d
Author: Daniel Stender <stender at debian.org>
Date: Thu Jul 20 18:52:53 2017 +0200
New upstream version 3.1.3
---
PKG-INFO | 9 ++++++++-
README.rst | 5 +++++
setup.cfg | 1 -
setup.py | 2 ++
src/_csrc/portable_endian.h | 19 +++++++++++++++++++
src/_csrc/pycabcrypt.h | 5 +++++
src/bcrypt.egg-info/PKG-INFO | 9 ++++++++-
src/bcrypt/__about__.py | 2 +-
src/bcrypt/__init__.py | 13 ++++++++++++-
tests/test_bcrypt.py | 13 +++++++++++++
tox.ini | 2 +-
11 files changed, 74 insertions(+), 6 deletions(-)
diff --git a/PKG-INFO b/PKG-INFO
index f2d621f..63b372a 100644
--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: bcrypt
-Version: 3.1.2
+Version: 3.1.3
Summary: Modern password hashing for your software and your servers
Home-page: https://github.com/pyca/bcrypt/
Author: The Python Cryptographic Authority developers
@@ -45,6 +45,11 @@ Description: bcrypt
Changelog
=========
+ 3.1.3
+ -----
+ * Fixed a compilation issue on Solaris.
+ * Added a warning when using too few rounds with ``kdf``.
+
3.1.2
-----
* Fixed a compile issue affecting big endian platforms.
@@ -185,3 +190,5 @@ Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.3
Classifier: Programming Language :: Python :: 3.4
+Classifier: Programming Language :: Python :: 3.5
+Classifier: Programming Language :: Python :: 3.6
diff --git a/README.rst b/README.rst
index fc08199..7ac19d9 100644
--- a/README.rst
+++ b/README.rst
@@ -37,6 +37,11 @@ For Fedora and RHEL-derivatives, the following command will ensure that the requ
Changelog
=========
+3.1.3
+-----
+* Fixed a compilation issue on Solaris.
+* Added a warning when using too few rounds with ``kdf``.
+
3.1.2
-----
* Fixed a compile issue affecting big endian platforms.
diff --git a/setup.cfg b/setup.cfg
index 861a9f5..8bfd5a1 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -1,5 +1,4 @@
[egg_info]
tag_build =
tag_date = 0
-tag_svn_revision = 0
diff --git a/setup.py b/setup.py
index 3ec6579..13a98f3 100644
--- a/setup.py
+++ b/setup.py
@@ -229,6 +229,8 @@ setup(
"Programming Language :: Python :: 3",
"Programming Language :: Python :: 3.3",
"Programming Language :: Python :: 3.4",
+ "Programming Language :: Python :: 3.5",
+ "Programming Language :: Python :: 3.6",
],
ext_package="bcrypt",
diff --git a/src/_csrc/portable_endian.h b/src/_csrc/portable_endian.h
index 4816331..99c487e 100644
--- a/src/_csrc/portable_endian.h
+++ b/src/_csrc/portable_endian.h
@@ -161,6 +161,25 @@
# define __LITTLE_ENDIAN LITTLE_ENDIAN
# define __PDP_ENDIAN PDP_ENDIAN
+#elif defined(__sun)
+
+# include <sys/byteorder.h>
+
+# define htobe16(x) BE_16(x)
+# define htole16(x) LE_16(x)
+# define be16toh(x) BE_16(x)
+# define le16toh(x) LE_16(x)
+
+# define htobe32(x) BE_32(x)
+# define htole32(x) LE_32(x)
+# define be32toh(x) BE_32(x)
+# define le32toh(x) LE_32(x)
+
+# define htobe64(x) BE_64(x)
+# define htole64(x) LE_64(x)
+# define be64toh(x) BE_64(x)
+# define le64toh(x) LE_64(x)
+
#else
# error platform not supported
diff --git a/src/_csrc/pycabcrypt.h b/src/_csrc/pycabcrypt.h
index c1a8422..b71f577 100644
--- a/src/_csrc/pycabcrypt.h
+++ b/src/_csrc/pycabcrypt.h
@@ -14,6 +14,11 @@ typedef unsigned long long uint64_t;
typedef uint64_t u_int64_t;
#define snprintf _snprintf
#define __attribute__(unused)
+#elif defined(__sun)
+typedef uint8_t u_int8_t;
+typedef uint16_t u_int16_t;
+typedef uint32_t u_int32_t;
+typedef uint64_t u_int64_t;
#else
#include <stdint.h>
#endif
diff --git a/src/bcrypt.egg-info/PKG-INFO b/src/bcrypt.egg-info/PKG-INFO
index f2d621f..63b372a 100644
--- a/src/bcrypt.egg-info/PKG-INFO
+++ b/src/bcrypt.egg-info/PKG-INFO
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: bcrypt
-Version: 3.1.2
+Version: 3.1.3
Summary: Modern password hashing for your software and your servers
Home-page: https://github.com/pyca/bcrypt/
Author: The Python Cryptographic Authority developers
@@ -45,6 +45,11 @@ Description: bcrypt
Changelog
=========
+ 3.1.3
+ -----
+ * Fixed a compilation issue on Solaris.
+ * Added a warning when using too few rounds with ``kdf``.
+
3.1.2
-----
* Fixed a compile issue affecting big endian platforms.
@@ -185,3 +190,5 @@ Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.3
Classifier: Programming Language :: Python :: 3.4
+Classifier: Programming Language :: Python :: 3.5
+Classifier: Programming Language :: Python :: 3.6
diff --git a/src/bcrypt/__about__.py b/src/bcrypt/__about__.py
index f8940a3..1d49d7a 100644
--- a/src/bcrypt/__about__.py
+++ b/src/bcrypt/__about__.py
@@ -26,7 +26,7 @@ __title__ = "bcrypt"
__summary__ = "Modern password hashing for your software and your servers"
__uri__ = "https://github.com/pyca/bcrypt/"
-__version__ = "3.1.2"
+__version__ = "3.1.3"
__author__ = "The Python Cryptographic Authority developers"
__email__ = "cryptography-dev at python.org"
diff --git a/src/bcrypt/__init__.py b/src/bcrypt/__init__.py
index 049e454..9fcb421 100644
--- a/src/bcrypt/__init__.py
+++ b/src/bcrypt/__init__.py
@@ -18,6 +18,7 @@ from __future__ import division
import os
import re
+import warnings
import six
@@ -112,7 +113,7 @@ def checkpw(password, hashed_password):
return _bcrypt.lib.timingsafe_bcmp(ret, hashed_password, len(ret)) == 0
-def kdf(password, salt, desired_key_bytes, rounds):
+def kdf(password, salt, desired_key_bytes, rounds, ignore_few_rounds=False):
if isinstance(password, six.text_type) or isinstance(salt, six.text_type):
raise TypeError("Unicode-objects must be encoded before hashing")
@@ -125,6 +126,16 @@ def kdf(password, salt, desired_key_bytes, rounds):
if rounds < 1:
raise ValueError("rounds must be 1 or more")
+ if rounds < 50 and not ignore_few_rounds:
+ # They probably think bcrypt.kdf()'s rounds parameter is logarithmic,
+ # expecting this value to be slow enough (it probably would be if this
+ # were bcrypt). Emit a warning.
+ warnings.warn((
+ "Warning: bcrypt.kdf() called with only {0} round(s). "
+ "This few is not secure: the parameter is linear, like PBKDF2.")
+ .format(rounds),
+ UserWarning)
+
key = _bcrypt.ffi.new("uint8_t[]", desired_key_bytes)
res = _bcrypt.lib.bcrypt_pbkdf(
password, len(password), salt, len(salt), key, len(key), rounds
diff --git a/tests/test_bcrypt.py b/tests/test_bcrypt.py
index fa9a410..7ad40f7 100644
--- a/tests/test_bcrypt.py
+++ b/tests/test_bcrypt.py
@@ -418,6 +418,19 @@ def test_kdf_str_salt():
)
+def test_kdf_no_warn_rounds():
+ bcrypt.kdf(
+ b"password", b"salt", 10, 10, True
+ )
+
+
+def test_kdf_warn_rounds():
+ with pytest.warns(UserWarning):
+ bcrypt.kdf(
+ b"password", b"salt", 10, 10
+ )
+
+
@pytest.mark.parametrize(
("password", "salt", "desired_key_bytes", "rounds", "error"),
[
diff --git a/tox.ini b/tox.ini
index 264d9aa..6417ccd 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,5 +1,5 @@
[tox]
-envlist = py26,py27,pypy,py33,py34,py35,pep8,py3pep8,packaging
+envlist = py26,py27,pypy,py33,py34,py35,py36,pep8,py3pep8,packaging
[testenv]
# If you add a new dep here you probably need to add it in setup.py as well
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/python-bcrypt.git
More information about the Python-modules-commits
mailing list