mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-01-03 15:06:09 +00:00
Code Issues 30 Releases Wiki Activity

Increased the default PBKDF2 iterations for Django 5.1.

Browse Source
This commit is contained in:
Mariusz Felisiak 2023-09-15 10:54:10 +02:00
parent caf87b4d42
commit 0e560edf32
3 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
django/contrib/auth/hashers.py
View File

@ -312,7 +312,7 @@ class PBKDF2PasswordHasher(BasePasswordHasher):
""" """
algorithm = "pbkdf2_sha256" algorithm = "pbkdf2_sha256"
iterations = 720000 iterations = 870000
digest = hashlib.sha256 digest = hashlib.sha256
def encode(self, password, salt, iterations=None): def encode(self, password, salt, iterations=None):

3
docs/releases/5.1.txt
View File

@ -42,7 +42,8 @@ Minor features
:mod:`django.contrib.auth` :mod:`django.contrib.auth`
~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~
* ... * The default iteration count for the PBKDF2 password hasher is increased from
720,000 to 870,000.
:mod:`django.contrib.contenttypes` :mod:`django.contrib.contenttypes`
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8
tests/auth_tests/test_hashers.py
View File

@ -83,7 +83,7 @@ class TestUtilsHashPass(SimpleTestCase):
encoded = make_password("lètmein", "seasalt", "pbkdf2_sha256") encoded = make_password("lètmein", "seasalt", "pbkdf2_sha256")
self.assertEqual( self.assertEqual(
encoded, encoded,
"pbkdf2_sha256$720000$seasalt$eDupbcisD1UuIiou3hMuMu8oe/XwnpDw45r6AA5iv0E=", "pbkdf2_sha256$870000$seasalt$wJSpLMQRQz0Dhj/pFpbyjMj71B2gUYp6HJS5AU+32Ac=",
) )
self.assertTrue(is_password_usable(encoded)) self.assertTrue(is_password_usable(encoded))
self.assertTrue(check_password("lètmein", encoded)) self.assertTrue(check_password("lètmein", encoded))
@ -275,8 +275,8 @@ class TestUtilsHashPass(SimpleTestCase):
encoded = hasher.encode("lètmein", "seasalt2") encoded = hasher.encode("lètmein", "seasalt2")
self.assertEqual( self.assertEqual(
encoded, encoded,
"pbkdf2_sha256$720000$" "pbkdf2_sha256$870000$"
"seasalt2$e8hbsPnTo9qWhT3xYfKWoRth0h0J3360yb/tipPhPtY=", "seasalt2$nxgnNHRsZWSmi4hRSKq2MRigfaRmjDhH1NH4g2sQRbU=",
) )
self.assertTrue(hasher.verify("lètmein", encoded)) self.assertTrue(hasher.verify("lètmein", encoded))
@ -284,7 +284,7 @@ class TestUtilsHashPass(SimpleTestCase):
hasher = PBKDF2SHA1PasswordHasher() hasher = PBKDF2SHA1PasswordHasher()
encoded = hasher.encode("lètmein", "seasalt2") encoded = hasher.encode("lètmein", "seasalt2")
self.assertEqual( self.assertEqual(
encoded, "pbkdf2_sha1$720000$seasalt2$2DDbzziqCtfldrRSNAaF8oA9OMw=" encoded, "pbkdf2_sha1$870000$seasalt2$iFPKnrkYfxxyxaeIqxq+c3nJ/j4="
) )
self.assertTrue(hasher.verify("lètmein", encoded)) self.assertTrue(hasher.verify("lètmein", encoded))