From 1b53222937eb75fd1b71fd8283a12be200415614 Mon Sep 17 00:00:00 2001
From: "R. Richard"
Date: Fri, 7 Jun 2019 14:41:27 +0200
Subject: [PATCH] Replace PBKDF2 with scrypt
---
 solvable/src/webservice/crypto.py | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/solvable/src/webservice/crypto.py b/solvable/src/webservice/crypto.py
index 057bb57..27ed1f5 100644
--- a/solvable/src/webservice/crypto.py
+++ b/solvable/src/webservice/crypto.py
@@ -1,11 +1,19 @@
-from passlib.hash import pbkdf2_sha256
+from os import urandom
+from hashlib import scrypt
 class PasswordHasher:
 @staticmethod
 def hash(password):
- return pbkdf2_sha256.hash(password)
+ salt = urandom(32)
+ return PasswordHasher.scrypt(password, salt).hex()+salt.hex()
 @staticmethod
 def verify(password, hashdigest):
- return pbkdf2_sha256.verify(password, hashdigest)
+ salt = bytes.fromhex(hashdigest[64:])
+ hashdigest = bytes.fromhex(hashdigest[:64])
+ return PasswordHasher.scrypt(password, salt) == hashdigest
+
+ @staticmethod
+ def scrypt(password, salt):
+ return scrypt(password.encode(), salt=salt, n=16384, r=8, p=1, dklen=32)
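Review bot: `verify` compares the derived key with `==`, which is not a constant-time comparison; the standard library's `hmac.compare_digest` is the usual choice for secret digests, e.g. `return hmac.compare_digest(PasswordHasher.scrypt(password, salt), hashdigest)` with `import hmac` added at the top of the file. `verify` also hex-decodes `hashdigest[64:]` and `hashdigest[:64]` without checking the input's shape, so a stored value in the old passlib `pbkdf2_sha256` format (or any malformed value) raises `ValueError` from `bytes.fromhex` instead of returning False; whether such records exist is not visible in this patch. The stored string carries no scheme or cost parameters, since `n`, `r` and `p` are fixed inside `scrypt()`, so hashes made before and after a later parameter change could not be told apart. A short prefix recording the scheme and parameters would allow verification and rehashing across such a change.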