search

holgern / py-scrypt

This is a set of Python bindings for the scrypt key derivation function.
Other
26 stars 7 forks source link

documentation example about password hashing does not work #18

Open zx80 opened 1 month ago

zx80 commented 1 month ago

The example about password hashing based on using the password as a key to encode a random string does not work at all:

import os
import scrypt  # 0.8.24
data = scrypt.encrypt(os.urandom(64), "secret", maxtime=0.1)
scrypt.decrypt(data, "secret", maxtime=0.1)

results in

UnicodeDecodeError: 'utf-8' codec can't decode byte 0xef in position 1: invalid continuation byte

The library seems to assume that the encoded stuff is unicode, which is very unlikely when considering random bytes.

Note that sometime it also fails on maxtime.

Consider adding to tests the examples shown in the documentation?

starryknight64 commented 2 weeks ago

Just had this same issue. If you set encoding=None in the call to decrypt then it works fine (although perhaps not always the most ideal!).

import os
import scrypt  # 0.8.24
data = scrypt.encrypt(os.urandom(64), "secret", maxtime=0.1)
scrypt.decrypt(data, "secret", maxtime=0.1, encoding=None) # throws no error

Regardless, the example should be updated to work properly!