Skip to main content

Scrypt for Python

Project description

There are a lot of different scrypt modules for Python, but none of them have everything that I’d like, so here’s One More1.

Features

  • Uses system libscrypt2 as the first choice.

  • If that isn’t available, tries the scrypt Python module3.

  • Offers a pure Python scrypt implementation for when there’s no C scrypt.

  • Not unusably slow, even in pure Python… at least with pypy4.

With PyPy as the interpreter the Python implementation is around one fifth the speed of C scrypt. With cPython it is one fiftieth if libsodium5 is available, one two-hundredth if not.

Requirements

  • Python 2.7 or 3.4 or so. Pypy 2.2 also works. Older versions may or may not.

  • If you want speed: libscrypt 1.8+ (older may work) or py-scrypt 0.6+ or pypy

Usage

You most likely want to create MCF hashes and store them somewhere, then check user-entered passwords against those hashes. For that you only need to use two functions from the API:

from pylibscrypt import *
# Generate an MCF hash with random salt
mcf = scrypt_mcf('Hello World')
# Test it
print(scrypt_mcf_check(mcf, 'Hello World'))   # prints True
print(scrypt_mcf_check(mcf, 'HelloPyWorld'))  # prints False

For full API, you can try help(pylibscrypt) from python.

Versioning

The package has a version number that can be read from python like so:

print(pylibscrypt.__version__)

The version number is of the form X.Y.Z, following Semantic Versioning6. Releases are tagged vX.Y.Z and release branches bX.Y.x when they differ from master.

Development

Development happens on GitHub2. If you find a bug, please open an issue there.

tests.py tests both implementations with some quick tests. Running either implementation directly will also compare to scrypt test vectors from the paper but this is slow for the Python version unless you have pypy. The best way to report a bug is to also provide a new test that fails, but that is not required.

The run_coverage.sh script calls coverage.py7 to report test coverage. If you would like to include a new feature, it should be adequately covered with tests.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pylibscrypt-1.1.0.tar.gz (11.9 kB view details)

Uploaded Source

File details

Details for the file pylibscrypt-1.1.0.tar.gz.

File metadata

  • Download URL: pylibscrypt-1.1.0.tar.gz
  • Upload date:
  • Size: 11.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for pylibscrypt-1.1.0.tar.gz
Algorithm Hash digest
SHA256 87c3e3d362b23027c81b38612bb07c97223b88eaffcf95190da64c395a0817a7
MD5 2f51dc388d2ec9b6b90c82915ce1509d
BLAKE2b-256 5f5508c9edb0a4a0a0ca1abbc5b319d2d7092720b0b9343285ca01ca0773d2e0

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page