diff options
| author | Eli Collins <elic@assurancetechnologies.com> | 2020-02-17 11:21:46 -0500 |
|---|---|---|
| committer | Eli Collins <elic@assurancetechnologies.com> | 2020-02-17 11:21:46 -0500 |
| commit | ec62db38788b1dc0c8f78060f6119cb63bbacfbd (patch) | |
| tree | a381646403b89d70866e31cc57641cdd14553f77 /docs/lib | |
| parent | e53460bc94667aaf29ff0221ba3e44d61b87fd2d (diff) | |
| download | passlib-ec62db38788b1dc0c8f78060f6119cb63bbacfbd.tar.gz | |
passlib.hash.bcrypt: added notes re: final salt character
Diffstat (limited to 'docs/lib')
| -rw-r--r-- | docs/lib/passlib.hash.bcrypt.rst | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/docs/lib/passlib.hash.bcrypt.rst b/docs/lib/passlib.hash.bcrypt.rst index a8c4625..0d7319c 100644 --- a/docs/lib/passlib.hash.bcrypt.rst +++ b/docs/lib/passlib.hash.bcrypt.rst @@ -104,6 +104,8 @@ Bcrypt hashes have the format :samp:`$2a${rounds}${salt}{checksum}`, where: * :samp:`{rounds}` is a cost parameter, encoded as 2 zero-padded decimal digits, which determines the number of iterations used via :samp:`{iterations}=2**{rounds}` (rounds is 12 in the example). * :samp:`{salt}` is a 22 character salt string, using the characters in the regexp range ``[./A-Za-z0-9]`` (``GhvMmNVjRW29ulnudl.Lbu`` in the example). + Note that due to padding bits within the encoding, the last character should always be one of ``[.Oeu]``: + under some bcrypt implementations, other final characters may result in false negatives when verifying. * :samp:`{checksum}` is a 31 character checksum, using the same characters as the salt (``AnUtN/LRfe1JsBm1Xu6LE3059z5Tr8m`` in the example). While BCrypt's basic algorithm is described in its design document [#f1]_, |