Scrypt for Python
=================
|Build Status| |Coverage Status| |PyPI version|
There are a lot of different scrypt modules for Python, but none of them
have everything that I’d like, so here’s One
More\ `1 <https://xkcd.com/927/>`__.
Features
--------
- Uses hashlib.scrypt on Python 3.6+ and OpenSSL 1.1+.
- Uses system libscrypt\ `2 <https://github.com/technion/libscrypt>`__
as the next choice.
- If neither is available, tries the scrypt Python
module\ `3 <https://bitbucket.org/mhallin/py-scrypt/src>`__ or
libsodium\ `4 <https://github.com/jedisct1/libsodium>`__.
- Offers a pure Python scrypt implementation for when there is no C
scrypt.
- Not unusably slow, even in pure Python… at least with
pypy\ `5 <http://pypy.org/>`__.
With PyPy as the interpreter the Python implementation is around one
fifth the speed of C scrypt. With CPython it is about 250x slower.
Requirements
------------
- Python 3.4+. Equivalent versions of PyPy should also work.
- For Python 2.7.8+ support install the latest version 1.x instead.
- If you want speed, you should use one of:
- Python 3.6+ with OpenSSL 1.1+
- libscrypt 1.8+ (older may work)
- py-scrypt 0.6+ (pip install scrypt)
- libsodium 1.0+
Usage
-----
You can install the most recent release from PyPi using:
::
pip install pylibscrypt
You most likely want to create MCF hashes and store them somewhere, then
check user-entered passwords against those hashes. For that you only
need to use two functions from the API:
::
from pylibscrypt import scrypt_mcf, scrypt_mcf_check
# Generate an MCF hash with random salt
mcf = scrypt_mcf('Hello World')
# Test it
print(scrypt_mcf_check(mcf, 'Hello World')) # prints True
print(scrypt_mcf_check(mcf, 'HelloPyWorld')) # prints False
For full API, you can try help(pylibscrypt) from python after importing.
It is highly recommended that you use a random salt, i.e. don’t pass
one.
Versioning
----------
The package has a version number that can be read from python like so:
::
print(pylibscrypt.__version__)
The version number is of the form X.Y.Z, following Semantic
Versioning\ `6 <http://semver.org/spec/v2.0.0.html>`__. Unreleased
versions include a -git version specifier, e.g. 2.0.0-git < 2.0.0.
Releases are tagged vX.Y.Z and release branches bX.Y.x when they differ
from master.
Development
-----------
Development happens on
GitHub\ `7 <https://github.com/jvarho/pylibscrypt>`__. If you find a
bug, please open an issue there.
Running pylibscrypt.tests will test all implementations with some quick
tests. Running any implementation directly
(e.g. pylibscrypt.pylibsodium) will also compare to scrypt test vectors
from the paper but this is slow for the pure Python version (pypyscrypt)
unless running with pypy.
You can test more comprehensively using the docker test environment.
Either build and run using ``make docker-run`` or pull the
jvarho/pylibscrypt image and run using
``docker run -v ${PWD}:/app jvarho/pylibscrypt``.
Pull requests should be automatically tested and will not be merged if
broken.
.. |Build Status| image:: https://travis-ci.org/jvarho/pylibscrypt.svg
:target: https://travis-ci.org/jvarho/pylibscrypt
.. |Coverage Status| image:: https://coveralls.io/repos/github/jvarho/pylibscrypt/badge.svg?branch=master
:target: https://coveralls.io/github/jvarho/pylibscrypt?branch=master
.. |PyPI version| image:: https://img.shields.io/pypi/v/pylibscrypt.svg
:target: https://pypi.python.org/pypi/pylibscrypt
Raw data
{
"_id": null,
"home_page": "https://github.com/jvarho/pylibscrypt",
"name": "pylibscrypt",
"maintainer": "",
"docs_url": null,
"requires_python": "",
"maintainer_email": "",
"keywords": "",
"author": "Jan Varho",
"author_email": "jan@varho.org",
"download_url": "https://files.pythonhosted.org/packages/99/00/592c989eb07e3b28fa4d58b7a9a9808b981a4996aae2392f9ec218c5b3b5/pylibscrypt-2.0.0.tar.gz",
"platform": "",
"description": "Scrypt for Python\n=================\n\n|Build Status| |Coverage Status| |PyPI version|\n\nThere are a lot of different scrypt modules for Python, but none of them\nhave everything that I\u2019d like, so here\u2019s One\nMore\\ `1 <https://xkcd.com/927/>`__.\n\nFeatures\n--------\n\n- Uses hashlib.scrypt on Python 3.6+ and OpenSSL 1.1+.\n- Uses system libscrypt\\ `2 <https://github.com/technion/libscrypt>`__\n as the next choice.\n- If neither is available, tries the scrypt Python\n module\\ `3 <https://bitbucket.org/mhallin/py-scrypt/src>`__ or\n libsodium\\ `4 <https://github.com/jedisct1/libsodium>`__.\n- Offers a pure Python scrypt implementation for when there is no C\n scrypt.\n- Not unusably slow, even in pure Python\u2026 at least with\n pypy\\ `5 <http://pypy.org/>`__.\n\nWith PyPy as the interpreter the Python implementation is around one\nfifth the speed of C scrypt. With CPython it is about 250x slower.\n\nRequirements\n------------\n\n- Python 3.4+. Equivalent versions of PyPy should also work.\n- For Python 2.7.8+ support install the latest version 1.x instead.\n- If you want speed, you should use one of:\n\n - Python 3.6+ with OpenSSL 1.1+\n - libscrypt 1.8+ (older may work)\n - py-scrypt 0.6+ (pip install scrypt)\n - libsodium 1.0+\n\nUsage\n-----\n\nYou can install the most recent release from PyPi using:\n\n::\n\n pip install pylibscrypt\n\nYou most likely want to create MCF hashes and store them somewhere, then\ncheck user-entered passwords against those hashes. For that you only\nneed to use two functions from the API:\n\n::\n\n from pylibscrypt import scrypt_mcf, scrypt_mcf_check\n # Generate an MCF hash with random salt\n mcf = scrypt_mcf('Hello World')\n # Test it\n print(scrypt_mcf_check(mcf, 'Hello World')) # prints True\n print(scrypt_mcf_check(mcf, 'HelloPyWorld')) # prints False\n\nFor full API, you can try help(pylibscrypt) from python after importing.\n\nIt is highly recommended that you use a random salt, i.e.\u00a0don\u2019t pass\none.\n\nVersioning\n----------\n\nThe package has a version number that can be read from python like so:\n\n::\n\n print(pylibscrypt.__version__)\n\nThe version number is of the form X.Y.Z, following Semantic\nVersioning\\ `6 <http://semver.org/spec/v2.0.0.html>`__. Unreleased\nversions include a -git version specifier, e.g.\u00a02.0.0-git < 2.0.0.\nReleases are tagged vX.Y.Z and release branches bX.Y.x when they differ\nfrom master.\n\nDevelopment\n-----------\n\nDevelopment happens on\nGitHub\\ `7 <https://github.com/jvarho/pylibscrypt>`__. If you find a\nbug, please open an issue there.\n\nRunning pylibscrypt.tests will test all implementations with some quick\ntests. Running any implementation directly\n(e.g.\u00a0pylibscrypt.pylibsodium) will also compare to scrypt test vectors\nfrom the paper but this is slow for the pure Python version (pypyscrypt)\nunless running with pypy.\n\nYou can test more comprehensively using the docker test environment.\nEither build and run using ``make docker-run`` or pull the\njvarho/pylibscrypt image and run using\n``docker run -v ${PWD}:/app jvarho/pylibscrypt``.\n\nPull requests should be automatically tested and will not be merged if\nbroken.\n\n.. |Build Status| image:: https://travis-ci.org/jvarho/pylibscrypt.svg\n :target: https://travis-ci.org/jvarho/pylibscrypt\n.. |Coverage Status| image:: https://coveralls.io/repos/github/jvarho/pylibscrypt/badge.svg?branch=master\n :target: https://coveralls.io/github/jvarho/pylibscrypt?branch=master\n.. |PyPI version| image:: https://img.shields.io/pypi/v/pylibscrypt.svg\n :target: https://pypi.python.org/pypi/pylibscrypt\n",
"bugtrack_url": null,
"license": "ISC License",
"summary": "Scrypt for Python",
"version": "2.0.0",
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "9900592c989eb07e3b28fa4d58b7a9a9808b981a4996aae2392f9ec218c5b3b5",
"md5": "7121b6464f6226d4b9f7e977b83bdda6",
"sha256": "5afffc2cf056de86a000c13627ddca87fac14380939694aa6fbf4875926c0146"
},
"downloads": -1,
"filename": "pylibscrypt-2.0.0.tar.gz",
"has_sig": false,
"md5_digest": "7121b6464f6226d4b9f7e977b83bdda6",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 17762,
"upload_time": "2021-02-07T10:35:22",
"upload_time_iso_8601": "2021-02-07T10:35:22.771213Z",
"url": "https://files.pythonhosted.org/packages/99/00/592c989eb07e3b28fa4d58b7a9a9808b981a4996aae2392f9ec218c5b3b5/pylibscrypt-2.0.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2021-02-07 10:35:22",
"github": true,
"gitlab": false,
"bitbucket": false,
"github_user": "jvarho",
"github_project": "pylibscrypt",
"travis_ci": true,
"coveralls": true,
"github_actions": false,
"lcname": "pylibscrypt"
}