Add support for yescrypt in crypt.

[besser82]

BPO	44309
Nosy	@tiran, @dseomn, @besser82
PRs	bpo-44309: Add support for yescrypt in crypt. #26526 [3.10] bpo-44309: Add support for yescrypt in crypt. (GH-26526) #26527

^{Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.}

Show more details

GitHub fields:

assignee = None
closed_at = None
created_at = <Date 2021-06-04.11:10:28.051>
labels = ['type-feature', 'library', '3.11']
title = 'Add support for yescrypt in crypt.'
updated_at = <Date 2021-09-23.19:43:10.780>
user = 'https://github.com/besser82'

bugs.python.org fields:

activity = <Date 2021-09-23.19:43:10.780>
actor = 'dseomn'
assignee = 'none'
closed = False
closed_date = None
closer = None
components = ['Library (Lib)']
creation = <Date 2021-06-04.11:10:28.051>
creator = 'besser82'
dependencies = []
files = []
hgrepos = []
issue_num = 44309
keywords = ['patch']
message_count = 2.0
messages = ['395073', '395160']
nosy_count = 4.0
nosy_names = ['jafo', 'christian.heimes', 'dseomn', 'besser82']
pr_nums = ['26526', '26527']
priority = 'normal'
resolution = None
stage = 'patch review'
status = 'open'
superseder = None
type = 'enhancement'
url = 'https://bugs.python.org/issue44309'
versions = ['Python 3.11']

[besser82]

Proposed PR adds support for a new method in the crypt module:

yescrypt. It is considered stronger as SHA512 or blowfish and as strong as argon2 for crypt() purpose. The hashing method was developed by the author of the blowfish crypt method, and was based on scrypt. It is supported on most Linux distributions, that ship with libxcrypt as a replacement for the glibc crypt library: Fedora, Debian, Ubuntu, OpenSUSE and many others.

[tiran]

I'm against adding additional methods to the crypt module.

• libcrypt / libxcrypt are unreliable providers. The library is only available on Unix-like platforms, not on Windows. Available algorithms are not consistent, e.g. some platforms only provide old, bad implementations. Others only support a limited subset or disable some algorithms in their crypto policies.
• We still plan to deprecate and remove the crypt module because it's not reliable.

I suggest that you rather create a PyPI package with yescrypt implementation that does not rely on libcrypt.

[AlexWaygood]

The crypt module is now deprecated following the acceptance of PEP 594 by the Steering Council. As such, bugfixes and improvements to the module will no longer be accepted; I am therefore closing this issue.

[AlexWaygood]

The crypt module is now deprecated following the acceptance of PEP 594 by the Steering Council. As such, bugfixes and improvements to the module will no longer be accepted; I am therefore closing this issue.

Cc. @dseomn, @besser82