{
    "info": {
        "author": "The Health Agency and the Zope Community",
        "author_email": "zope3-dev@zope.org",
        "bugtrack_url": null,
        "classifiers": [
            "Development Status :: 5 - Production/Stable",
            "Environment :: Web Environment",
            "Framework :: Zope3",
            "Intended Audience :: Developers",
            "License :: OSI Approved :: Zope Public License",
            "Natural Language :: English",
            "Operating System :: OS Independent",
            "Programming Language :: Python",
            "Programming Language :: Python :: 2",
            "Programming Language :: Python :: 2.7",
            "Programming Language :: Python :: 3",
            "Programming Language :: Python :: 3.4",
            "Programming Language :: Python :: 3.5",
            "Programming Language :: Python :: 3.6",
            "Programming Language :: Python :: Implementation :: CPython",
            "Programming Language :: Python :: Implementation :: PyPy",
            "Topic :: Internet :: WWW/HTTP"
        ],
        "description": "============\n z3c.bcrypt\n============\n\n.. warning:: z3c.bcrypt has been superseeded with the new version of\n            `zope.password`_ as it now includes `bcrypt` support based on\n            the well-maintained `bcrypt`_ library. Please don't use\n            this package in new projects.\n\nz3c.bcrypt provides `zope.password`_ compatible \"password manager\" utilities\nthat use bcrypt (or alternatively pbkdf2) encoding for storing passwords.\n\nBoth encoding schemes are implemented in the cryptacular_ library that is\na dependency for this package.\n\n.. _`zope.password`: https://pypi.org/project/zope.password/\n.. _cryptacular: https://pypi.org/project/cryptacular/\n.. _`bcrypt`: https://pypi.org/project/bcrypt/\n\n\n==================\n Using z3c.bcrypt\n==================\n\n    >>> from zope.interface.verify import verifyObject\n    >>> from zope.password.interfaces import IPasswordManager\n    >>> from z3c.bcrypt import BcryptPasswordManager\n    >>> manager = BcryptPasswordManager()\n    >>> verifyObject(IPasswordManager, manager)\n    True\n\n    >>> password = u\"right \\N{CYRILLIC CAPITAL LETTER A}\"\n\n    >>> encoded = manager.encodePassword(password)\n    >>> encoded\n    '$2a$...'\n    >>> manager.checkPassword(encoded, password)\n    True\n    >>> manager.checkPassword(encoded, password + u\"wrong\")\n    False\n\n    >>> from z3c.bcrypt import PBKDF2PasswordManager\n    >>> manager = PBKDF2PasswordManager()\n    >>> verifyObject(IPasswordManager, manager)\n    True\n\n    >>> encoded = manager.encodePassword(password)\n    >>> encoded\n    u'$p5k2$...'\n    >>> manager.checkPassword(encoded, password)\n    True\n    >>> manager.checkPassword(encoded, password + u\"wrong\")\n    False\n\n    >>> # A previously encoded password, should be decodable even if the\n    >>> # current encoding of the same password is different::\n    >>> previouslyencoded = (\n    ...     '$p5k2$1000$LgAFPIlc9CgrlSaxHyTUMA='\n    ...     '=$IuUYplhMkR4qCl8-ONRVjEgJNwE=')\n    >>> encoded == previouslyencoded\n    False\n    >>> manager.checkPassword(previouslyencoded , password)\n    True\n\nExcessively long \"passwords\" will take up a lot of computation time that\ncan be used as a DOS attack vector. The password managers in z3c.bcrypt will\nonly use the first 4096 characters of the incoming password for checking.\n\nThis is inspired by:\n\n  https://www.djangoproject.com/weblog/2013/sep/15/security/\n\nThis test would take significantly longer if the 4096 length limit would\nnot be in place. XXX how to test that reliably?\n\n    >>> incomming = '$p5k2$1000$' + 'a' * 1024 * 1024 * 100  # lot of data.\n    >>> manager.checkPassword(encoded, incomming)\n    False\n\nConfiguration\n=============\n\nThis package provides a ``configure.zcml`` which installs\nimplementations of the ``IPasswordManager`` as utilities:\n\n    >>> from zope.configuration import xmlconfig\n    >>> _ = xmlconfig.string(\"\"\"\n    ... <configure\n    ...    xmlns=\"http://namespaces.zope.org/zope\">\n    ...\n    ...    <include package=\"z3c.bcrypt\" />\n    ... </configure>\n    ... \"\"\")\n\n    >>> from zope import component\n    >>> from zope.password.interfaces import IPasswordManager\n    >>> component.getUtility(IPasswordManager, name='bcrypt')\n    <z3c.bcrypt.passwordmanager.BcryptPasswordManager object at ...>\n    >>> component.getUtility(IPasswordManager, name='pbkdf2')\n    <z3c.bcrypt.passwordmanager.PBKDF2PasswordManager object at ...>\n\n\n=========================\n Changelog of z3c.bcrypt\n=========================\n\n2.0.1 (2018-08-01)\n==================\n\n- Package is deprecated in favor of `zope.password`_.\n\n2.0.0 (2017-05-10)\n==================\n\n- Standardize namespace __init__.\n\n- Add support for Python 3.4, 3.5, 3.6 and PyPy.\n\n1.2 (2013-10-10)\n================\n\n- Only verify the first 4096 characters of a password to prevent\n  denial-of-service attacks through repeated submission of large\n  passwords, tying up server resources in the expensive computation\n  of the corresponding hashes.\n\n  See: https://www.djangoproject.com/weblog/2013/sep/15/security/\n\n1.1 (2010-02-22)\n================\n\n- Fixes in the configure.zcml.\n\n1.0 (2010-02-18)\n================\n\n- Initial public release.\n\n.. _`zope.password`: https://pypi.org/project/zope.password/\n\n\n",
        "description_content_type": "",
        "docs_url": null,
        "download_url": "",
        "downloads": {
            "last_day": -1,
            "last_month": -1,
            "last_week": -1
        },
        "home_page": "http://github.com/zopefoundation/z3c.bcrypt",
        "keywords": "zope authentication password bcrypy pbkdf2",
        "license": "ZPL 2.1",
        "maintainer": "",
        "maintainer_email": "",
        "name": "z3c.bcrypt",
        "package_url": "https://pypi.org/project/z3c.bcrypt/",
        "platform": "",
        "project_url": "https://pypi.org/project/z3c.bcrypt/",
        "project_urls": {
            "Homepage": "http://github.com/zopefoundation/z3c.bcrypt"
        },
        "release_url": "https://pypi.org/project/z3c.bcrypt/2.0.1/",
        "requires_dist": null,
        "requires_python": "",
        "summary": "Password manager utility using bcrypt or pbkdf2 encoding. Useful in combination with zope.password",
        "version": "2.0.1"
    },
    "last_serial": 4124754,
    "releases": {
        "1.0": [
            {
                "comment_text": "",
                "digests": {
                    "md5": "ab05cd8fbc2a93c34c3eede658bf2b05",
                    "sha256": "c970e1bc48a3f26ba3c5ce123961dd90d8d12c2644198cf1c4ecf4f1763795e6"
                },
                "downloads": -1,
                "filename": "z3c.bcrypt-1.0.tar.gz",
                "has_sig": false,
                "md5_digest": "ab05cd8fbc2a93c34c3eede658bf2b05",
                "packagetype": "sdist",
                "python_version": "source",
                "requires_python": null,
                "size": 5155,
                "upload_time": "2010-02-18T14:19:41",
                "url": "https://files.pythonhosted.org/packages/2a/46/d05927181d24e2deb20cccbfc0b27d819f436777b5c655db6b92c4489c40/z3c.bcrypt-1.0.tar.gz"
            }
        ],
        "1.0dev": [],
        "1.1": [
            {
                "comment_text": "",
                "digests": {
                    "md5": "25a0bd3cf255f3e3422ffbd3c072fdc7",
                    "sha256": "d2165a4fd3470f30009002c2b5bb94a701e57295ccb4acc4a5c75e418a2c9c23"
                },
                "downloads": -1,
                "filename": "z3c.bcrypt-1.1.tar.gz",
                "has_sig": false,
                "md5_digest": "25a0bd3cf255f3e3422ffbd3c072fdc7",
                "packagetype": "sdist",
                "python_version": "source",
                "requires_python": null,
                "size": 5185,
                "upload_time": "2010-02-22T11:18:14",
                "url": "https://files.pythonhosted.org/packages/d7/9f/749e39ac369c52cb867dc3632552f377296382e9d8645199ae81a81a19d1/z3c.bcrypt-1.1.tar.gz"
            }
        ],
        "1.2": [
            {
                "comment_text": "",
                "digests": {
                    "md5": "1a7e6a2a8f2f0a8db20b1abcca6fa3ab",
                    "sha256": "3ba4be34d37c49f70aab0b147a333c955b2bfcc3670b3b3d8aec6f4f35091bfc"
                },
                "downloads": -1,
                "filename": "z3c.bcrypt-1.2.zip",
                "has_sig": false,
                "md5_digest": "1a7e6a2a8f2f0a8db20b1abcca6fa3ab",
                "packagetype": "sdist",
                "python_version": "source",
                "requires_python": null,
                "size": 12887,
                "upload_time": "2013-10-10T11:01:32",
                "url": "https://files.pythonhosted.org/packages/d2/6c/9f286617d8e470c7a1c715d8a7b653af0d9ef3837ea541c9d7632b4b04dc/z3c.bcrypt-1.2.zip"
            }
        ],
        "2.0.0": [
            {
                "comment_text": "",
                "digests": {
                    "md5": "97b3d425bac4d9c2ef64525137d16beb",
                    "sha256": "35215c8b9270ba050039072e3875717aed14a0c324571ec41408e5543a48db7d"
                },
                "downloads": -1,
                "filename": "z3c.bcrypt-2.0.0-py2.py3-none-any.whl",
                "has_sig": false,
                "md5_digest": "97b3d425bac4d9c2ef64525137d16beb",
                "packagetype": "bdist_wheel",
                "python_version": "py2.py3",
                "requires_python": null,
                "size": 9569,
                "upload_time": "2017-05-10T11:25:02",
                "url": "https://files.pythonhosted.org/packages/82/02/23625f78d2d2cd7635f1dff9e2e340ec28d21270647e9541ac21feca90ff/z3c.bcrypt-2.0.0-py2.py3-none-any.whl"
            },
            {
                "comment_text": "",
                "digests": {
                    "md5": "ae6787f56dcd61d75de08f52c2ddba44",
                    "sha256": "cbc3439307e23dc5dcaf6bc18f374a205fe208007ff6e7fa3c7189fa405a50cc"
                },
                "downloads": -1,
                "filename": "z3c.bcrypt-2.0.0.tar.gz",
                "has_sig": false,
                "md5_digest": "ae6787f56dcd61d75de08f52c2ddba44",
                "packagetype": "sdist",
                "python_version": "source",
                "requires_python": null,
                "size": 6917,
                "upload_time": "2017-05-10T11:25:04",
                "url": "https://files.pythonhosted.org/packages/89/68/00ab70a32b7cc8a6efb9fa88e1b57457de3efca683d5644750b39b9a0a22/z3c.bcrypt-2.0.0.tar.gz"
            }
        ],
        "2.0.1": [
            {
                "comment_text": "",
                "digests": {
                    "md5": "9d87b828fba7303e18c8d1cdcea41b6c",
                    "sha256": "3f12b07769d71596babb553a172088426ca2b92c28a034ecb948a138056c1f1f"
                },
                "downloads": -1,
                "filename": "z3c.bcrypt-2.0.1.tar.gz",
                "has_sig": false,
                "md5_digest": "9d87b828fba7303e18c8d1cdcea41b6c",
                "packagetype": "sdist",
                "python_version": "source",
                "requires_python": null,
                "size": 7642,
                "upload_time": "2018-08-01T13:16:29",
                "url": "https://files.pythonhosted.org/packages/c3/69/44e1fd04b264e9efc670f4d55e3da34ddfbf827d6bcdcb617f7f9c958a2f/z3c.bcrypt-2.0.1.tar.gz"
            }
        ]
    },
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "md5": "9d87b828fba7303e18c8d1cdcea41b6c",
                "sha256": "3f12b07769d71596babb553a172088426ca2b92c28a034ecb948a138056c1f1f"
            },
            "downloads": -1,
            "filename": "z3c.bcrypt-2.0.1.tar.gz",
            "has_sig": false,
            "md5_digest": "9d87b828fba7303e18c8d1cdcea41b6c",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": null,
            "size": 7642,
            "upload_time": "2018-08-01T13:16:29",
            "url": "https://files.pythonhosted.org/packages/c3/69/44e1fd04b264e9efc670f4d55e3da34ddfbf827d6bcdcb617f7f9c958a2f/z3c.bcrypt-2.0.1.tar.gz"
        }
    ]
}