summaryrefslogtreecommitdiff
path: root/admin/benchmarks.py
Commit message (Collapse)AuthorAgeFilesLines
* deprecating the 'vary_rounds' option -- *very* little security benefit,Eli Collins2016-06-101-1/+0
| | | | | | | and not worth the amount of code it requires to support it. * stripped out vary_rounds from all internal presets * added deprecation warning if it's ever used
* passlib.tests.test_totp: use proper timing tool for runtime measurement,Eli Collins2016-06-101-18/+2
| | | | prevents some spurious test failures when under erratic system load
* .encrypt() method renamed to .hash(), other api cleanupsEli Collins2016-06-101-7/+7
| | | | | | | | | | | | | | | | .encrypt() ---------- hash.encrypt() & context.encrypt() have been renamed to .hash(). this should take care of the long-standing issue 21 (the poor naming of .encrypt). per docs, legacy aliases will remain in place until passlib 2.0. .genhash() / .genconfig() ------------------------- taking advantage of this reorganization to also deprecate .genconfig() and .genhash() -- they're not really useful in a modern system, nor as needed for historical support as initially thought: .genconfig() will be retired completely in passlib 2.0; .genhash() is rolled into the new .hash() method along with .encrypt().
* passlib.pwd: big cleanup pass, removing code that won't be ready for releaseEli Collins2016-02-111-5/+5
| | | | | | | | | | | | | | | | | | | | | | | * split generate() into genword() & genphrase() -- APIs are just too different to keep combined. * renamed internal calc funcs to better reflect their purpose. * commented out PhraseGenerator's min_chars code, can't confirm it's doing correct thing. * commented out password strength estimator, too half-baked. * tried to simplify SequenceGenerator attributes. * genword(): defined some base charsets to work with * genphrase(): wordsets now stored uncompressed (not really that big, and .whl will compress everything for transport). * fleshed out UTs for genword() & genphrase() * updated docs
* relocated many of the crypto routes inside passlib.utils,Eli Collins2016-02-101-4/+4
| | | | | | | | | | | | | | | | | | | and moved them to a separate passlib.crypto subpackage. along with this move, made a few api cleanups: * unified all code that's looking up hashes to use new passlib.crypto.lookup_hash() wrapper, which takes care of hash name normalization, loading fallback implementations, and alg metadata inspection, all hidden behind a memoized function. * deprecated pbkdf2() in favor of pbkdf2_hmac() -- only real use, and new signature matches stdlib function. additionally, this version is a bit faster, due to some assumptions that can be made due to the PRF always being HMAC based. * added compile_hmac() helper which does an even more efficient job of pre-compiling a keyed HMAC function; this helped speed up pbkdf2 a bit more.
* Merge from stableEli Collins2013-12-271-0/+26
|\
| * added bcrypt helpers to benchmark scriptEli Collins2013-12-221-0/+26
| |
* | Merge password generation helpers into default (not completed, but will be ↵Eli Collins2013-05-061-11/+19
|\ \ | | | | | | | | | before 1.7 release)
| * | pbkdf cleanupsEli Collins2013-04-101-0/+10
| | | | | | | | | | | | | | | * updated sha1_crypt to use get_keyed_prf(), should be ~10% faster * documented get_hash_info() and get_keyed_prf()
| * | removed some unused importsEli Collins2013-04-091-3/+1
| | |
| * | style cleanupsEli Collins2013-04-091-8/+8
| | |
* | | consolidated entropy helper functionsEli Collins2013-05-061-0/+14
|/ /
* | Merge from stableEli Collins2013-01-231-11/+7
|\ \ | |/
| * various documentation updatesEli Collins2012-09-201-17/+20
| |
* | pbkdf2() sped up ~20% by precomputing intermediate hmac hashesEli Collins2013-01-231-7/+14
|/ | | | | | | * also added get_hash_info(), get_keyed_prf() helpers (which still need their own docs & unittests) * a few more tweaks to simplify code paths in pbkdf2.py
* _CryptConfig now pre-calculates default scheme for each category, checks ↵Eli Collins2012-07-091-1/+3
| | | | | | | against deprecated list (closes issue 39) * also added some unittests to catch 3 cases covered in issue 39, and some others as well.
* assorted bugfixes & additional test coverageEli Collins2012-04-301-1/+1
|
* assorted small details that weren't covered in the last few mergesEli Collins2012-04-271-2/+13
|
* sped up pbkdf2 implementation by 60% or so - upped the rounds for all pbkdf2 ↵Eli Collins2012-04-191-1/+14
| | | | hashes
* CryptPolicy deprecation, part 5 - updated docs, changelog, benchmark scriptEli Collins2012-04-171-83/+174
|
* clarify behavior for secret=None and hash=NoneEli Collins2012-04-111-2/+2
| | | | | | | | | | | | | | | | | | | | | | | * passing a non-string secret or non-string hash to any CryptContext or handler method will now reliably result in a TypeError. previously, passing hash=None to many handler identify() and verify() methods would return False, while others would raise a TypeError. other handler methods would alternately throw ValueError or TypeError when passed a value that wasn't unicode or bytes. the various CryptContext methods also behaved inconsistently, depending on the behavior of the underlying handler. all of these behaviors are gone, they should all raise the same TypeError. * redid many of the from_string() methods to verify the hash type. * moved secret type & size validation to GenericHandler's encrypt/genhash/verify methods. this cheaply made the secret validation global to all hashes, and lets _calc_digest() implementations trust that the secret is valid. * updated the CryptContext and handler unittests to verify the above behavior is adhered to.
* parse_mc3/render_mc3 helpers now handle rounds str<->int, consolidated a ↵Eli Collins2012-04-101-1/+1
| | | | bunch of redundant code
* passlib.exc: added constructors for common errors, should normalize error ↵Eli Collins2012-04-101-1/+1
| | | | messages
* removed default policy file & objectEli Collins2012-04-091-7/+7
| | | | | | | was using default policy to store recommended defaults for hashes, but it only affects CryptContext objects, and users seem to frequent using the handler objects directly - so going to store recommended defaults in the handler from now on.
* added hack to clear warnings registry so assertWarningList() tests will pass ↵Eli Collins2012-03-111-2/+0
| | | | reliably
* renamed calc_checksum() -> _calc_checksum(), hiding the last of the private ↵Eli Collins2012-02-081-1/+1
| | | | methods of most handlers
* renamed passlib.exc warning classesEli Collins2012-02-081-4/+4
|
* large refactor of GenericHandler internalsEli Collins2012-02-081-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | strict keyword -------------- * GenericHandler's "strict" keyword had poorly defined semantics; replaced this with "use_defaults" and "relaxed" keywords. Most handlers' from_string() method specified strict=True. This is now the default behavior, use_defaults=True is enabled only for encrypt() and genconfig(). relaxed=True is enabled only for specific handlers (and unittests) whose code requires it. This *does* break backward compat with passlib 1.5 handlers, but this is mostly and internal class. * missing required settings now throws a TypeError instead of a ValueError, to be more in line with std python behavior. * The norm_xxx functions provided by the GenericHandler mixins (e.g. norm_salt) have been renamed to _norm_xxx() to reflect their private nature; and converted from class methods to instance methods, to simplify their call signature for subclassing. misc ---- * rewrote GenericHandler unittests to use constructor only, instead of poking into norm_salt/norm_rounds internals. * checksum/salt charset checks speed up using set comparison * some small cleanups to FHSP implementation
* split exceptions/warnings to separate module; added some additional warning ↵Eli Collins2012-01-181-4/+4
| | | | classes to make filtering easier
* import cleanupsEli Collins2012-01-181-1/+1
| | | | | | | | | | | | | | | * moved bytes compat functions from utils to utils.compat (bord, bjoin, bjoin_ints, bjoin_elems, ujoin) * renamed bord -> belem_ord for clarify * a bunch of to_native_str() always use ascii, and have fixed input types (always bytes or always unicode). these don't need overhead of to_native_str(), so replaced those calls with two new funcs: compat.bascii_to_str() / compat.uascii_to_str() * cleaned up a lot of imports from utils/utils.compat to pull from correct module * simplified the to_string() logic of a bunch of handlers to reduce unicode<->byte transitions
* misc fixes for py3 compatEli Collins2011-12-281-9/+19
|
* CryptPolicy rewrite part 2Eli Collins2011-12-271-0/+158
* refactoring policy kwd parsing & separation with crypt context * internal record objects now part of context instead of policy. * min_verify_time now handled by record objects, now optimized away entirely if not used. * new interface to policy is currently private, will probably delay deprecated / revising public interface until next release. * creating policy & context objects is now 30% faster. * shortened code path when calling context objects now 14% faster.
View Lorry Controller Status