flask-scrypt icon indicating copy to clipboard operation
flask-scrypt copied to clipboard
verified publisher icon cryptojuice

generate_password_hash documentation (or implementation?) tiny bug

Open andreymal opened this issue 9 years ago • 0 comments

Args: salt : Random base64 encoded string.

But actually it is not base64 and can be any bytes. It can be checked with example from https://github.com/wg/scrypt README:

$s0$e0801$epIxT/h6HbbwHaehFnh/bw==$7H0vsXlY8UxxyW/BWx/9GuY7jEvGjT71GFd6O4SZND0= passwd = "secret"

>>> generate_password_hash('secret', 'epIxT/h6HbbwHaehFnh/bw==', buflen=32)
b'bOtJk8AGtmOih+BeAFSpHowvaBXoO7m8+ppmsph4EqQ='  # WRONG
>>> generate_password_hash('secret', b64decode('epIxT/h6HbbwHaehFnh/bw=='), buflen=32)
b'7H0vsXlY8UxxyW/BWx/9GuY7jEvGjT71GFd6O4SZND0='  # CORRECT

andreymal avatar Jan 10 '16 19:01 andreymal