[Python-Dev] Deprecate crypt module and revert PR 3854
Christian Heimes
christian at python.org
Sat Feb 3 07:07:17 EST 2018
On 2018-02-02 17:18, Guido van Rossum wrote:
> I'm all for nudging people in the direction of xcrypt. I assume we can't
> just switch the C-level crypt with xcrypt and leave the Python API
> unchanged?
>
> However until a usable solution exist (either in the stdlib or as 3rd
> party) I don't think we should deprecate anything (deprecating things
> before the replacement is ready is stressful for everyone involved).
>
> I'm also not sure I agree with removing support for old hashes. By all
> means put in the docs that they are unsafe. But if someone has a
> database full of old hashes it would be nice to be able to at least
> read/verify it, right?
>
> Was a release already made with blowfish, extended DES and NT-Hash? (And
> what's so bad with blowfish? It's mentioned in the heading of the xcrypt
> project too.)
I answered some of your questions in other replies and will answer the
remaining concerns on Monday.
You suggested a 3rd party module. I have cloned the crypt module with
Serhiy's improvements and turned it into a standalone module with a
ctypes interface, https://github.com/tiran/legacycrypt . I'll release
the package as soon as I find time to polish the documentation and give
Serhiy his will deserved credit for his work.
Christian
More information about the Python-Dev
mailing list