A native python bcrypt
Python
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
__init__.py
bcrypt.py
blowfish.py fix an overflow bug Mar 27, 2011
readme
simple_test.py
test.py first commit Mar 26, 2011

readme

The is a native Python implementation of the py-bcrypt package from http://www.mindrot.org/projects/py-bcrypt/ made by Damien Miller.
--- begin excerpt from the original package

py-bcrypt is a Python wrapper of OpenBSD's Blowfish password hashing code, as described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazières.

This system hashes passwords using a version of Bruce Schneier's Blowfish block cipher with modifications designed to raise the cost of off-line password cracking and frustrate fast hardware implementation. The computation cost of the algorithm is parametised, so it can be increased as computers get faster. The intent is to make a compromise of a password database less likely to result in an attacker gaining knowledge of the plaintext passwords (e.g. using John the Ripper).

py-bcrypt requires Python 2.4. Older versions may work, but the bcrypt.gensalt() method won't - it requires the cryptographic random number generator os.urandom() introduced in 2.4.

py-bcrypt is licensed under a ISC/BSD licence. The underlying Blowfish and hashing code implementation is taken from OpenBSD's libc and is subject to a 4-term BSD license. See the LICENSE file for details.

The API is very simple:

import bcrypt

# Hash a password for the first time, with a randomly-generated salt
hashed = bcrypt.hashpw(password, bcrypt.gensalt())

# gensalt's log_rounds parameter determines the complexity.
# The work factor is 2**log_rounds, and the default is 12
hashed = bcrypt.hashpw(password, bcrypt.gensalt(10))

# Check that an unencrypted password matches one that has
# previously been hashed
if bcrypt.hashpw(password, hashed) == hashed:
        print "It matches"
else:
        print "It does not match"

--- end excerpt from the original package

This excerpt pretty much sums up this package also with two main differences:
1. This package is 100% native python.
2. Is is two orders of magnitude slower!, so gensalt() by default only generate the salt using 1 round instead of 1024 rounds as in the original package.
The hash is still quite strong but not as strong as . 

Use this package when you need to generate a password hash and you can only use native python <cough>Google App Engine</cough>

I did some obvious optimization to speed things up and I will be more then happy if someone will make it go faster

The package comes with the original unittest of the native package and passes all the tests.