delta/python-packages/passlib.git/CHANGES, branch ironpython-support-dev foss.heptapod.net: python-libs/passlib CryptPolicy deprecation, part 5 - updated docs, changelog, benchmark script 2012-04-17T19:37:59+00:00 Eli Collins elic@assurancetechnologies.com 2012-04-17T19:37:59+00:00 8341dc6179d656b898f944b0cd848c350c627aab 






updated passlib.apache module's api - more flexible to use, changed some ambiguous method names
2012-04-17T19:09:21+00:00

Eli Collins
elic@assurancetechnologies.com

2012-04-17T19:09:21+00:00

29e7c681bed9a2a9b96f71b56b0bf4edca8ef044












issue warning if app requests even bsdi_crypt rounds
2012-04-13T18:12:14+00:00

Eli Collins
elic@assurancetechnologies.com

2012-04-13T18:12:14+00:00

154046a05e38cb889f886853971a48a8c7d626b4












clarify behavior for secret=None and hash=None
2012-04-11T21:49:09+00:00

Eli Collins
elic@assurancetechnologies.com

2012-04-11T21:49:09+00:00

5bd6deb8144cb24caa51e82c7682f706ecc09a6c

* passing a non-string secret or non-string hash to any
  CryptContext or handler method will now reliably result
  in a TypeError.

  previously, passing hash=None to many handler identify() and verify()
  methods would return False, while others would raise a TypeError.
  other handler methods would alternately throw ValueError or TypeError
  when passed a value that wasn't unicode or bytes.
  the various CryptContext methods also behaved inconsistently,
  depending on the behavior of the underlying handler.

  all of these behaviors are gone, they should all raise the same TypeError.

* redid many of the from_string() methods to verify the hash type.

* moved secret type & size validation to GenericHandler's encrypt/genhash/verify methods.
  this cheaply made the secret validation global to all hashes, and lets
  _calc_digest() implementations trust that the secret is valid.

* updated the CryptContext and handler unittests to verify the above behavior is adhered to.





* passing a non-string secret or non-string hash to any
  CryptContext or handler method will now reliably result
  in a TypeError.

  previously, passing hash=None to many handler identify() and verify()
  methods would return False, while others would raise a TypeError.
  other handler methods would alternately throw ValueError or TypeError
  when passed a value that wasn't unicode or bytes.
  the various CryptContext methods also behaved inconsistently,
  depending on the behavior of the underlying handler.

  all of these behaviors are gone, they should all raise the same TypeError.

* redid many of the from_string() methods to verify the hash type.

* moved secret type & size validation to GenericHandler's encrypt/genhash/verify methods.
  this cheaply made the secret validation global to all hashes, and lets
  _calc_digest() implementations trust that the secret is valid.

* updated the CryptContext and handler unittests to verify the above behavior is adhered to.







ldap salted digest improvements
2012-04-10T03:05:31+00:00

Eli Collins
elic@assurancetechnologies.com

2012-04-10T03:05:31+00:00

575ad2bfaf04cc1d75d61a30e469b52afdd8ccb8

* support variable salt size of 4-16 bytes [issue 30].
* throw correct error when invalid base64 encoding is encountered.
* added some test vectors for the above.





* support variable salt size of 4-16 bytes [issue 30].
* throw correct error when invalid base64 encoding is encountered.
* added some test vectors for the above.







*all* hashes now throw PasswordSizeError if password is larger than 4096 chars; to prevent DOS issues.
2012-04-09T23:19:41+00:00

Eli Collins
elic@assurancetechnologies.com

2012-04-09T23:19:41+00:00

ce8e7d2438a3804b50e9af2712302de8d72c9f50












doc tweaks
2012-03-13T02:38:41+00:00

Eli Collins
elic@assurancetechnologies.com

2012-03-13T02:38:41+00:00

4307162072d9b1c65f41990752b39ad4483c0a00












doc tweaks
2012-03-10T23:32:30+00:00

Eli Collins
elic@assurancetechnologies.com

2012-03-10T23:32:30+00:00

a4d76940ed6b03db079960473e756df4f03fd36b












various bcrypt improvements
2012-03-10T23:22:21+00:00

Eli Collins
elic@assurancetechnologies.com

2012-03-10T23:22:21+00:00

4b622bf43781a95dfecf42b1998d2fb78de90594

* studied crypt_blowfish's 8bit bug
	- verified none of passlib's backends were affected
	- added recognition (but not support) for crypt_blowfish's $2x$ hash prefix
	- added support for crypt_blowfish's $2y$ hash prefix
	- note in docs about Passlib's current handling of crypt_blowfish 8bit issues.
* refactored bcrypt's salt-unused-bits repair code into Base64Engine.repair_unused(),
  making the code cleaner and more isolated. a bunch more tests.
* added bcrypt64 (bcrypt-base64 variant) to utils
* added LazyBase64Engine to reduce memory / startup time





* studied crypt_blowfish's 8bit bug
	- verified none of passlib's backends were affected
	- added recognition (but not support) for crypt_blowfish's $2x$ hash prefix
	- added support for crypt_blowfish's $2y$ hash prefix
	- note in docs about Passlib's current handling of crypt_blowfish 8bit issues.
* refactored bcrypt's salt-unused-bits repair code into Base64Engine.repair_unused(),
  making the code cleaner and more isolated. a bunch more tests.
* added bcrypt64 (bcrypt-base64 variant) to utils
* added LazyBase64Engine to reduce memory / startup time







did rewrite of unix_fallback as unix_disabled; unix_fallback is now deprecated
2012-03-10T22:48:58+00:00

Eli Collins
elic@assurancetechnologies.com

2012-03-10T22:48:58+00:00

d3c7d16915f7ef3919245f211b8dab8ae35ade70