path: root/README

py-bcrypt is an implementation the OpenBSD Blowfish password hashing
algorithm, as described in "A Future-Adaptable Password Scheme" by Niels
Provos and David Mazieres: http://www.openbsd.org/papers/bcrypt-paper.ps

This system hashes passwords using a version of Bruce Schneier's
Blowfish block cipher with modifications designed to raise the cost of
off-line password cracking. The computation cost of the algorithm is
parametised, so it can be increased as computers get faster.

py-bcrypt requires Python 2.4. Older versions may work, but the
bcrypt.gensalt() method won't - it requires the cryptographic random
number generator os.urandom() introduced in 2.4.

To install, use the standard Python distutils incantation:

	python setup.py build
	python setup.py install

Regression tests are in the test/test.py file. This is deliberately in
a subdirectory so it does not mistakenly pick up the top-level bcrypt/
directory. ***PLEASE*** run the regress tests and ensure they pass before
installing this module.

py-bcrypt is licensed under a ISC/BSD licence. The underlying Blowfish
and password hashing code is taken from OpenBSD's libc. See the LICENSE
file for details.

Please report bugs to Damien Miller <djm@mindrot.org>. Please check the
TODO file first, in case your problem is something I already know about
(please send patches!)

A simple example that demonstrates most of the features:

	import bcrypt

	# Hash a password for the first time
	hashed = bcrypt.hashpw(password, bcrypt.gensalt())

	# gensalt's log_rounds parameter determines the complexity
	# the work factor is 2**log_rounds, and the default is 12
	hashed = bcrypt.hashpw(password, bcrypt.gensalt(10))

	# Check that an unencrypted password matches one that has
	# previously been hashed.
	if bcrypt.checkpw(plaintext, hashed):
		print "It matches"
	else:
		print "It does not match"

	# Generate a 256-bit cryptographic key
	key = bcrypt.kdf(password, salt, 100, 256/8)

$Id$