{ "info": { "author": "Laurens Van Houtven", "author_email": "_@lvh.cc", "bugtrack_url": null, "classifiers": [ "Development Status :: 3 - Alpha", "Framework :: Twisted", "License :: OSI Approved :: ISC License (ISCL)" ], "description": "==========\n txscrypt\n==========\n\n`txscrypt`_ is a `Twisted`_-friendly wrapper for `scrypt`_. `scrypt`_\nis a key derivation function. It's the kind of thing you want to use\nto store user's passwords securely, if you're writing a password\nstorage library. (If you're not, use one.)\n\n.. _`txscrypt`: https://github.com/lvh/txscrypt\n.. _`Twisted`: https://www.twistedmatrix.com\n.. _`scrypt`: https://www.tarsnap.com/scrypt.html\n\n.. image:: https://dl.dropbox.com/u/38476311/Logos/txscrypt.png\n :align: center\n :width: 300px\n\nHow do I store a password?\n==========================\n\nEasy.\n\n.. code:: python\n\n from txscrypt import computeKey\n d = computeKey(password)\n d.addCallback(storeSomewhere)\n\n``computeKey`` is a function. You give it the plaintext password, in\nbytes. If your user is giving you a password in Unicode, encode it\nfirst. You get a deferred that will fire, at some point, with a\nmagical string of bytes. Store it.\n\nOkay. How do I check a password?\n================================\n\n.. code:: python\n\n from txscrypt import checkPassword\n d = checkPassword(stored, provided)\n\nIn this snippet, ``stored`` is the thing you got from ``computeKey``.\n``provided`` is the password as provided by the user. Give it the same\ntreatment you gave the password before you passed it to\n``computeKey``. For example, if it's Unicode, encode it.\n\nYou get a deferred. At some point in the future, it will fire with\neither ``True`` if the password matched or ``False`` if it didn't.\n\nWhy is the magical string base64-encoded?\n=========================================\n\nYou're not supposed to care about what's in it.\n\nIt's not entirely base64 encoded, but it does contain some base64\nencoded parts. If it weren't, it'd have a bunch of NUL bytes and other\ngnarly stuff (i.e. not printable ASCII) in it, and that makes a lot of\nstorage stuff balk.\n\nIf you must know, it looks like this::\n\n COMMENT:PARAMS:ENCODED_KEY:ENCODED_SALT\n\nWhere ``COMMENT`` is currently always ``txscrypt``, ``PARAMS`` is a\nJSON object containing the parameters used to invoke the scrypt hash\nfunction (N, r, p, buflen), ``ENCODED_KEY`` is the base64 encoded key,\n``ENCODED_SALT`` is the base64 encoded salt.\n\nEarlier versions of txscrypt used the raw bytes produced by scrypt.\nSome third party tools bit off those strings after the first NUL byte.\nUnluckily, this was immediately after the word \"scrypt\", which were\nthe first bytes of that string.\n\nBut what about salts?\n=====================\n\ntxscrypt takes care of this for you.\n\n(It computes a salt of sufficient length using your OS'\ncryptographically secure random number generator. Currently, that\nlength is 256 bits.)\n\nBut what about timing attacks?\n==============================\n\ntxscrypt takes care of this for you.\n\n(It relies on salts being of sufficient length. There might be side\nchannels related to multiple executions of ``scrypt`` on the same\nmachine; but to the author's knowledge this has never been\ndemonstrated as an attack.)\n\nBut what about starving the thread pool?\n========================================\n\ntxscrypt takes care of this for you.\n\n(It creates a new thread pool just for running scrypt in. This means\nthat scrypt doesn't compete against, say, DNS resolution, or things\nyou pass to ``deferToThread``.)\n\nBut what about shutting down the thread pool?\n=============================================\n\ntxscrypt takes care of this for you.\n\n(It tells the reactor to stop the thread pool at the start of its own\nshutdown procedure. That does mean that you have to have the reactor\nrunning for any computations to work.)\n\nWhen should I create my own Wrapper object?\n===========================================\n\nIf you want to change:\n\n- the salt length\n- the thread pool\n- any of the default scrypt hash parameters (N, r, p, buflen)\n\nSo, basically, never. If the number of iterations is insecure, file a\nbug with txscrypt, so it can be amended.\n\nChangelog\n=========\n\n3.0.0\n-----\n\n**Incompatible change with previous versions!**\n\nThe internal format now stores the parameters, so that changing them\n(e.g. upgrading the number of iterations) will result in a smooth\nforward transition.\n\n2.0.1\n-----\n\nREADME updates and test suite updates.\n\n2.0.0\n-----\n\n**Incompatible change with previous versions!**\n\n- Now uses the newly exposed ``hash`` function, making key derivation\n fully deterministic.\n- The ``maxTime`` argument has been removed.\n\n1.1.1\n-----\n\n- Remove stale references to verifyPassword in documentation and\n __all__\n\nThanks Matt Haggard for the bug report!\n\n1.1.0\n-----\n\n- Only start the thread pool on first use\n- Stop the thread pool when the reactor starts shutting down\n\n1.0.0\n-----\n\n**Incompatible change with previous versions!**\n\n- Remove deprecated verifyPassword API\n- Use less high-quality entropy for salt bits\n- Use term \"salt\", consistency with scrypt paper\n- Base64s output, prevents other software choking on NUL bytes\n- Internal rewrite, easier to test\n", "description_content_type": null, "docs_url": null, "download_url": "UNKNOWN", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/lvh/txscrypt", "keywords": null, "license": "ISC", "maintainer": null, "maintainer_email": null, "name": "txscrypt", "package_url": "https://pypi.org/project/txscrypt/", "platform": "UNKNOWN", "project_url": "https://pypi.org/project/txscrypt/", "project_urls": { "Download": "UNKNOWN", "Homepage": "https://github.com/lvh/txscrypt" }, "release_url": "https://pypi.org/project/txscrypt/3.0.0/", "requires_dist": null, "requires_python": null, "summary": "Twisted wrapper for scrypt", "version": "3.0.0" }, "last_serial": 935537, "releases": { "0.0.1": [ { "comment_text": "", "digests": { "md5": "09b83ae756241a49d6c50eaeb9e7d1e5", "sha256": "7210cabca3fe34d8f4b3e3648116bc0182f485e1317eca8f2c0796a8fcd990f2" }, "downloads": -1, "filename": "txscrypt-0.0.1.tar.gz", "has_sig": true, "md5_digest": "09b83ae756241a49d6c50eaeb9e7d1e5", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 2881, "upload_time": "2013-03-02T12:02:18", "url": "https://files.pythonhosted.org/packages/5e/45/ea9569d5ed8977a0fbebbf180350c30ffb04831fa9c5cf236cab4bbb74ba/txscrypt-0.0.1.tar.gz" } ], "1.0.0": [ { "comment_text": "", "digests": { "md5": "213b241e50d0a67d020b831db7bd7310", "sha256": "c2f9ca683e3eaf1f1bd873b71ffaf44402a0eec0f956b740a99062fc8bdc61e2" }, "downloads": -1, "filename": "txscrypt-1.0.0.tar.gz", "has_sig": false, "md5_digest": "213b241e50d0a67d020b831db7bd7310", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 4547, "upload_time": "2013-09-04T21:12:23", "url": "https://files.pythonhosted.org/packages/c9/01/ce237fb80921b87ac8974a55c6bf71e6f47e0fbc93c6876a3402721b3969/txscrypt-1.0.0.tar.gz" } ], "1.1.0": [ { "comment_text": "", "digests": { "md5": "f9960bb503362fd15009f3c3797be4d6", "sha256": "d9f2b9d6c3b35f5501005aa8accf29c9ff1e1f8e973e93dde4c286635c90bee7" }, "downloads": -1, "filename": "txscrypt-1.1.0.tar.gz", "has_sig": false, "md5_digest": "f9960bb503362fd15009f3c3797be4d6", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 5226, "upload_time": "2013-09-05T16:58:39", "url": "https://files.pythonhosted.org/packages/a1/c9/161ac6874f9c75cd23ec931b02937ff53c853813d854385073d94fe0f3e2/txscrypt-1.1.0.tar.gz" } ], "1.1.1": [ { "comment_text": "", "digests": { "md5": "1ef855c9d923af5d6cd47300ec44c5ba", "sha256": "44252da42a2807949ed2332a8c18bfdf933aca5b3838374712a3a0190feda6e1" }, "downloads": -1, "filename": "txscrypt-1.1.1.tar.gz", "has_sig": false, "md5_digest": "1ef855c9d923af5d6cd47300ec44c5ba", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 5276, "upload_time": "2013-09-07T07:40:24", "url": "https://files.pythonhosted.org/packages/b7/38/413eccd4cddf01c8e8dd7b1e0c5ce57cf1ace7e8fe103f3980c1b39962e3/txscrypt-1.1.1.tar.gz" } ], "2.0.0": [ { "comment_text": "", "digests": { "md5": "1d4b7d47811d80d25efd8c47db4702fe", "sha256": "49e29d2c2ff843143d9045deeefa49c652f3f332aba259a5104ae2130e76212c" }, "downloads": -1, "filename": "txscrypt-2.0.0.tar.gz", "has_sig": true, "md5_digest": "1d4b7d47811d80d25efd8c47db4702fe", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 5352, "upload_time": "2013-12-03T19:39:09", "url": "https://files.pythonhosted.org/packages/6a/b1/619f4f86480931483ad3945d4915c92cacf3f2f78beed8e7d979257f8aa5/txscrypt-2.0.0.tar.gz" } ], "3.0.0": [ { "comment_text": "", "digests": { "md5": "c818abb83660b30e15e2a0e32bcc044d", "sha256": "c820552c55ce047319f6df6293dc1f01a6dd032e5ead4cede5a0a9214d1aaa0b" }, "downloads": -1, "filename": "txscrypt-3.0.0.tar.gz", "has_sig": true, "md5_digest": "c818abb83660b30e15e2a0e32bcc044d", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6335, "upload_time": "2013-12-04T11:32:24", "url": "https://files.pythonhosted.org/packages/26/df/3a89d69679767a28a54b0cb98199b5fdedd41fa99baa8421f8ea5a47cab6/txscrypt-3.0.0.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "c818abb83660b30e15e2a0e32bcc044d", "sha256": "c820552c55ce047319f6df6293dc1f01a6dd032e5ead4cede5a0a9214d1aaa0b" }, "downloads": -1, "filename": "txscrypt-3.0.0.tar.gz", "has_sig": true, "md5_digest": "c818abb83660b30e15e2a0e32bcc044d", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6335, "upload_time": "2013-12-04T11:32:24", "url": "https://files.pythonhosted.org/packages/26/df/3a89d69679767a28a54b0cb98199b5fdedd41fa99baa8421f8ea5a47cab6/txscrypt-3.0.0.tar.gz" } ] }