Changeset 25780 in project


Ignore:
Timestamp:
01/07/12 21:44:48 (9 years ago)
Author:
sjamaan
Message:

Fix typo and provide link to Python's PassLib? docs which rock

File:
1 edited

Legend:

Unmodified
Added
Removed
  • wiki/eggref/4/crypt

    r25771 r25780  
    9191; {{$H$}} : Same as above, but used by [[http://area51.phpbb.com/docs/code/30x/phpbb3/package-functions.html#phpbb_hash()|PHPbb]] because, well, they're PHP developers. (I wonder if these developers are somehow related to the people working on APR...)
    9292; {{$2x$}} : "compatibility" option for OpenWall's bcrypt implementation (used as fallback for bcrypt in this egg) to trigger old [[http://www.openwall.com/lists/oss-security/2011/06/20/2|buggy behavior that has a known vulnerability]], only to be used when comparing values produced by the old version.
    93 ; {{$2y$}} : "force correct algorithm" option for OpenWall's bcrypt implementation.  When passed {{$2a$}} normally bcrypt will sometimes fall back to the buggy algorithm, but in this egg it acts like {{$2y}} was passed.  This is done to ensure compatibility with the BSD implemetnation, which dictates the standard.  Currently there is no way to pass {{$2x$}} or {{$2y$}} to {{crypt}} even if the OpenWall version is used internally.  If you really need this, please contact me and I'll try to figure out a way to do it.
     93; {{$2y$}} : "force correct algorithm" option for OpenWall's bcrypt implementation.  When passed {{$2a$}} normally bcrypt will sometimes fall back to the buggy algorithm, but in this egg it acts like {{$2y}} was passed.  This is done to ensure compatibility with the BSD implementation, which dictates the standard.  Currently there is no way to pass {{$2x$}} or {{$2y$}} to {{crypt}} even if the OpenWall version is used internally.  If you really need this, please contact me and I'll try to figure out a way to do it.
    9494
    9595=== Full API reference
     
    343343* Philip Leong and Chris Tham, "[[http://members.value.com.au/christie/usenix91.htm|Unix Password Encryption Considered Insecure]]"
    344344* J. Orlin Grabbe, "[[http://orlingrabbe.com/des.htm|The DES Algorithm Illustrated]]"
     345* Assurance Technologies, "[[http://packages.python.org/passlib/lib/passlib.hash.html|passlib.hash - Password Hashing Schemes]]" (this is a good overview of existing UNIX and other hash systems complete with explanations for each)
Note: See TracChangeset for help on using the changeset viewer.