Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Fixed #21138 -- Increased the performance of our PBKDF2 implementation.

Thanks go to Michael Gebetsroither for pointing out this issue and help on
the patch.
  • Loading branch information...
commit 68540fe4df44492571bc610a0a043d3d02b3d320 1 parent 5d74853
@apollo13 apollo13 authored
Showing with 7 additions and 3 deletions.
  1. +7 −3 django/utils/crypto.py
View
10 django/utils/crypto.py
@@ -123,9 +123,8 @@ def _fast_hmac(key, msg, digest):
This function operates on bytes.
"""
dig1, dig2 = digest(), digest()
- if len(key) > dig1.block_size:
- key = digest(key).digest()
- key += b'\x00' * (dig1.block_size - len(key))
+ if len(key) != dig1.block_size:
+ raise ValueError('Key size needs to match the block_size of the digest.')
dig1.update(key.translate(hmac.trans_36))
dig1.update(msg)
dig2.update(key.translate(hmac.trans_5C))
@@ -161,6 +160,11 @@ def pbkdf2(password, salt, iterations, dklen=0, digest=None):
hex_format_string = "%%0%ix" % (hlen * 2)
+ inner_digest_size = digest().block_size
+ if len(password) > inner_digest_size:
+ password = digest(password).digest()
+ password += b'\x00' * (inner_digest_size - len(password))
+
def F(i):
def U():
u = salt + struct.pack(b'>I', i)
Please sign in to comment.
Something went wrong with that request. Please try again.