[Python-Dev] Right place for PBKDF2 wrapper
Antoine Pitrou
solipsis at pitrou.net
Sat Oct 12 19:37:54 CEST 2013
On Sat, 12 Oct 2013 19:19:44 +0200
Christian Heimes <christian at python.org> wrote:
> Hi,
>
> I have written a interface to OpenSSL's PKCS5_PBKDF2_HMAC() function. It
> implements PKCS#5's password based key derivation function 2 with HMAC
> as pseudo-random function. It supports any digest that is supported by
> OpenSSL, e.g. SHA-1, SHA-256 and SHA-512. It's a low level inteface that
> takes the digest as unicode name, password and salt as bytes/buffer,
> keylen and rounds as int.
>
> I'd like to add the feature to Python 3.4. Now I'm looking for a good
> place to put it and some high level functions. In the future I like to
> add scrypt and bcrypt key stretching and key derivation functions, too.
> What's a good place for them??
>
> * add a new ``kdf`` module (key derivation function)
> * add PBKDF2 to ``hashlib``
> * make ``hashlib`` a package and add PBKDF2 to a new ``hashlib.kdf`` module
> * make ``hashlib`` a package and add PBKDF2 to a new ``hashlib.pbkdf2``
> module
> * make ``crypt`` work under Windows and add PKBDF2 to it
Putting it in "hashlib" sounds fine. There's no reason to create a
myriad of small separate modules.
Regards
Antoine.
More information about the Python-Dev
mailing list