New submission from Gle <g...@lambda.casa>:
I can use scrypt KDF with the cryptography module https://cryptography.io/en/latest/hazmat/primitives/key-derivation-functions/#cryptography.hazmat.primitives.kdf.scrypt.Scrypt with large parameters (n=2**20, r=16, p=1) On the other hand, using scrypt KDF from hashlib with the same parameters yields "Invalid combination of n, r, p, maxmem" (I use maxmem=0). Shouldn't they behave the same ? As they both seem to be wrappers around OpenSSL ? I've also included a set of functioning parameters as hashlib's scrypt works fine on small parameter values. Notice that the output from hashlib's scrypt is different than the output from the cryptography module. Shouldn't they be the same ? (I'm no cryptography expert) I would really like to be able to use scrypt for hardened password hashing using only python standard library's hashlib. Maybe I'm missing something ? Python is great ! Thanks for all the good work ! ---------- components: Library (Lib) files: compare.py messages: 364334 nosy: Gle, christian.heimes, gregory.p.smith priority: normal severity: normal status: open title: Cannot tune scrypt with large enough parameters type: crash versions: Python 3.8 Added file: https://bugs.python.org/file48977/compare.py _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue39979> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
