Python BCrypt
An up to date fork of py-bcrypt, Python 3 and Python 2 compatible, compiles on Windows, Mac, Linux.
This repository is a continuation of the Google Code project, which has not been updated in more than a year. Most notably, this branch compiles under Windows, OSx and Linux, on both Python 3 and Python 2. These patches and this work is community driven, and your contributions will be actively accepted and reviewed.
Installation
Installation is a breeze!
$ pip install python-bcryptIf you are running windows, either follow this guide to configure Python to compile C extensios, or download a precompiled Windows installer!
Usage
Simple example usage is as follows
import bcrypt
# Hash a password for the first time
hashed = bcrypt.hashpw(password, bcrypt.gensalt())
# gensalt's log_rounds parameter determines the complexity
# the work factor is 2**log_rounds, and the default is 12
hashed = bcrypt.hashpw(password, bcrypt.gensalt(10))
# Check that an unencrypted password matches one that has
# previously been hashed
if bcrypt.hashpw(plaintext, hashed) == hashed:
print "It matches"
else:
print "It does not match"Support
####This branch is automatically tested on:
- linux Python 2.6
- linux Python 2.7
- linux Python 3.2
- linux Python 3.3
####Manually tested on:
Python 2.7 X86 and Python 2.7 X86-64
- Windows 7 32bit and 64bit Visual C++ 2012 (MSVC11)
- Windows 7 32bit and 64bit Visual C++ 2010 (MSVC10)
- Windows 7 32bit and 64bit Visual C++ 2008 (MSVC9) (Same compiler as Python 2.7, suggested)
- Windows 8 32bit and 64bit Visual C++ 2008 (MSVC9) (Same compiler as Python 2.7, suggested)
Contributing
To help, clone this repository and get building!
To install, use the standard Python distutils incantation:
$ python setup.py build
$ python setup.py installRegression tests are located in tests/test.py
Contributions
The original authors whose patches are included in this author are:
benghattem@gmail.com Providing the basis for this patch, fixing compilation flags and ifdefs patch
florian.ruechel@gmail.com Extending the patch and fixing memset + bzero issues to make the code more standards compliant patch
Original README
py-bcrypt is an implementation the OpenBSD Blowfish password hashing algorithm, as described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazieres: http://www.openbsd.org/papers/bcrypt-paper.ps
This system hashes passwords using a version of Bruce Schneier's Blowfish block cipher with modifications designed to raise the cost of off-line password cracking. The computation cost of the algorithm is parametised, so it can be increased as computers get faster.
py-bcrypt requires Python 2.4. Older versions may work, but the bcrypt.gensalt() method won't - it requires the cryptographic random number generator os.urandom() introduced in 2.4.
To install, use the standard Python distutils incantation:
$ python setup.py build
$ python setup.py install
Regression tests are in the test/test.py file. This is deliberately in a subdirectory so it does not mistakenly pick up the top-level bcrypt/ directory.
py-bcrypt is licensed under a ISC/BSD licence. The underlying Blowfish and password hashing code is taken from OpenBSD's libc. See the LICENSE file for details.
Please report bugs to Damien Miller djm@mindrot.org. Please check the TODO file first, in case your problem is something I already know about (please send patches!)
A simple example that demonstrates most of the features: A simple example that demonstrates most of the features:
import bcrypt
# Hash a password for the first time
hashed = bcrypt.hashpw(password, bcrypt.gensalt())
# gensalt's log_rounds parameter determines the complexity
# the work factor is 2**log_rounds, and the default is 12
hashed = bcrypt.hashpw(password, bcrypt.gensalt(10))
# Check that an unencrypted password matches one that has
# previously been hashed
if bcrypt.hashpw(plaintext, hashed) == hashed:
print "It matches"
else:
print "It does not match"
