Christian Heimes added the comment: Benjamin, what's your take on Alex's suggestion?
<Crys> gutworth: Alex_Gaynor has asked me if hashlib.scrypt() can go into 2.7, too. It's a password-based KDF like hashlib.pbkdf2() but more secure than PBKDF2. It requires OpenSSL 1.1.0. <Alex_Gaynor> gutworth: I think it'd be good if this were approved, for the same reasons as PEP466 <Crys> contrary to PKBDF2 it doesn't make sense to have a pure-Python implementation. scrypt uses ChaCha20 cipher. I don't want to add a cipher to CPython core (possible legal issue) and it's not available in OpenSSL < 1.1.0. ---------- nosy: +benjamin.peterson versions: +Python 2.7 _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue27928> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
