Replace PBKDF2 with scrypt

2025-11-04 02:42:56 +00:00 · 2019-06-07 14:41:27 +02:00
parent 8b15da39ae
commit 1b53222937
1 changed files with 11 additions and 3 deletions
--- a/solvable/src/webservice/crypto.py
+++ b/solvable/src/webservice/crypto.py
@@ -1,11 +1,19 @@
-from passlib.hash import pbkdf2_sha256
+from os import urandom
+from hashlib import scrypt


 class PasswordHasher:
    @staticmethod
    def hash(password):
-        return pbkdf2_sha256.hash(password)
+        salt = urandom(32)
+        return PasswordHasher.scrypt(password, salt).hex()+salt.hex()

    @staticmethod
    def verify(password, hashdigest):
-        return pbkdf2_sha256.verify(password, hashdigest)
+        salt = bytes.fromhex(hashdigest[64:])
+        hashdigest = bytes.fromhex(hashdigest[:64])
+        return PasswordHasher.scrypt(password, salt) == hashdigest
+
+    @staticmethod
+    def scrypt(password, salt):
+        return scrypt(password.encode(), salt=salt, n=16384, r=8, p=1, dklen=32)