mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-01-03 15:06:09 +00:00
Code Issues 30 Releases Wiki Activity

Increased the default PBKDF2 iterations for Django 4.2.

Browse Source
This commit is contained in:
Carlton Gibson 2022-05-10 15:26:17 +02:00 committed by Carlton Gibson
parent cdb2f7f36c
commit 3c6f1fd1f8
3 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
django/contrib/auth/hashers.py
View File

@ -296,7 +296,7 @@ class PBKDF2PasswordHasher(BasePasswordHasher):
""" """
algorithm = "pbkdf2_sha256" algorithm = "pbkdf2_sha256"
iterations = 390000 iterations = 480000
digest = hashlib.sha256 digest = hashlib.sha256
def encode(self, password, salt, iterations=None): def encode(self, password, salt, iterations=None):

3
docs/releases/4.2.txt
View File

@ -42,7 +42,8 @@ Minor features
:mod:`django.contrib.auth` :mod:`django.contrib.auth`
~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~
* ... * The default iteration count for the PBKDF2 password hasher is increased from
390,000 to 480,000.
:mod:`django.contrib.contenttypes` :mod:`django.contrib.contenttypes`
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8
tests/auth_tests/test_hashers.py
View File

@ -77,7 +77,7 @@ class TestUtilsHashPass(SimpleTestCase):
encoded = make_password("lètmein", "seasalt", "pbkdf2_sha256") encoded = make_password("lètmein", "seasalt", "pbkdf2_sha256")
self.assertEqual( self.assertEqual(
encoded, encoded,
"pbkdf2_sha256$390000$seasalt$8xBlGd3jVgvJ+92hWPxi5ww0uuAuAnKgC45eudxro7c=", "pbkdf2_sha256$480000$seasalt$G4ja8YRtfnNyEx4Ii2pbFMp/l8s4nnbMdJ+Fob/qNK8=",
) )
self.assertTrue(is_password_usable(encoded)) self.assertTrue(is_password_usable(encoded))
self.assertTrue(check_password("lètmein", encoded)) self.assertTrue(check_password("lètmein", encoded))
@ -404,8 +404,8 @@ class TestUtilsHashPass(SimpleTestCase):
encoded = hasher.encode("lètmein", "seasalt2") encoded = hasher.encode("lètmein", "seasalt2")
self.assertEqual( self.assertEqual(
encoded, encoded,
"pbkdf2_sha256$390000$seasalt2$geC/uZ92nRXDSjSxeoiBqYyRcrLzMm8xK3r" "pbkdf2_sha256$480000$seasalt2$WlORJKPl5w3Lubr7rYLOwSQCEOm4Or/NCA"
"o1QS1uo8=", "aECnB1PE0=",
) )
self.assertTrue(hasher.verify("lètmein", encoded)) self.assertTrue(hasher.verify("lètmein", encoded))
@ -413,7 +413,7 @@ class TestUtilsHashPass(SimpleTestCase):
hasher = PBKDF2SHA1PasswordHasher() hasher = PBKDF2SHA1PasswordHasher()
encoded = hasher.encode("lètmein", "seasalt2") encoded = hasher.encode("lètmein", "seasalt2")
self.assertEqual( self.assertEqual(
encoded, "pbkdf2_sha1$390000$seasalt2$aDapRanzW8aHTz97v2TcfHzWD+I=" encoded, "pbkdf2_sha1$480000$seasalt2$qyT+EkK5g82hk2r+fRecFeoe28E="
) )
self.assertTrue(hasher.verify("lètmein", encoded)) self.assertTrue(hasher.verify("lètmein", encoded))