{"id":17115227,"url":"https://github.com/sundarnagarajan/pymultikdf","last_synced_at":"2025-08-23T10:33:56.126Z","repository":{"id":57443952,"uuid":"54430690","full_name":"sundarnagarajan/pymultikdf","owner":"sundarnagarajan","description":"Python wrappers for bcrypt, PBKDF2 (fastpbkdf2) scrypt (Tarsnap)","archived":false,"fork":false,"pushed_at":"2016-09-12T23:04:37.000Z","size":171,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-08-10T06:22:45.381Z","etag":null,"topics":["bcrypt","cryptography","fastpbkdf2","pbkdf2","python-wrapper","scrypt","wrapper"],"latest_commit_sha":null,"homepage":null,"language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sundarnagarajan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE-GPLv3.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-03-21T23:38:18.000Z","updated_at":"2017-05-21T03:06:58.000Z","dependencies_parsed_at":"2022-09-14T01:02:21.759Z","dependency_job_id":null,"html_url":"https://github.com/sundarnagarajan/pymultikdf","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/sundarnagarajan/pymultikdf","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sundarnagarajan%2Fpymultikdf","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sundarnagarajan%2Fpymultikdf/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sundarnagarajan%2Fpymultikdf/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sundarnagarajan%2Fpymultikdf/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sundarnagarajan","download_url":"https://codeload.github.com/sundarnagarajan/pymultikdf/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sundarnagarajan%2Fpymultikdf/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":271746657,"owners_count":24813575,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-23T02:00:09.327Z","response_time":69,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bcrypt","cryptography","fastpbkdf2","pbkdf2","python-wrapper","scrypt","wrapper"],"created_at":"2024-10-14T17:22:21.064Z","updated_at":"2025-08-23T10:33:56.106Z","avatar_url":"https://github.com/sundarnagarajan.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"# pymultikdf\nThis python module provides wrappers for C functions implementing the\nfollowing Key Derivation Functions (KDF)s:\n  - PBKDF2\n  - bcrypt\n  - scrypt\n\n## What is a Key Derivation Function?\nFrom wikipedia (https://en.wikipedia.org/wiki/Key_derivation_function):\n\nIn cryptography, a key derivation function (or KDF) derives one or more secret keys from a secret value such as a master key, a password, or a passphrase using a pseudo-random function.[1][2] KDFs can be used to stretch keys into longer keys or to obtain keys of a required format, such as converting a group element that is the result of a Diffie–Hellman key exchange into a symmetric key for use with AES. Keyed cryptographic hash functions are popular examples of pseudo-random functions used for key derivation.\n\n### What is PBKDF2?\nPBKDF2 (Password-Based Key Derivation Function 2) is a key derivation function that is part of RSA Laboratories' Public-Key Cryptography Standards (PKCS) series, specifically PKCS #5 v2.0, also published as Internet Engineering Task Force's RFC 2898. It replaces an earlier standard, PBKDF1, which could only produce derived keys up to 160 bits long.\n\nSee: https://en.wikipedia.org/wiki/PBKDF2\n\n### What is bcrypt?\nbcrypt is a key derivation function for passwords designed by Niels Provos and David Mazières, based on the Blowfish cipher, and presented at USENIX in 1999.[1] Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive function: over time, the iteration count can be increased to make it slower, so it remains resistant to brute-force search attacks even with increasing computation power.\n\nThe bcrypt function is the default password hash algorithm for BSD and other systems including some Linux distributions such as SUSE Linux.[2] The prefix \"$2a$\" or \"$2b$\" (or \"$2y$\") in a hash string in a shadow password file indicates that hash string is a bcrypt hash in modular crypt format.[3] The rest of the hash string includes the cost parameter, a 128-bit salt (base-64 encoded as 22 characters), and 184 bits of the resulting hash value (base-64 encoded as 31 characters).[4] The cost parameter specifies a key expansion iteration count as a power of two, which is an input to the crypt algorithm.\n\nSee: https://en.wikipedia.org/wiki/Bcrypt\n\n### What is scrypt?\nIn cryptography, scrypt is a password-based key derivation function created by Colin Percival, originally for the Tarsnap online backup service.[1] The algorithm was specifically designed to make it costly to perform large-scale custom hardware attacks by requiring large amounts of memory. In 2012, the scrypt algorithm was published by IETF as an Internet Draft, intended to become an informational RFC.[2]\n\nSee: https://en.wikipedia.org/wiki/Scrypt\n\n# Relationship to existing packages\nExisting python packages for PBKDF2, bcrypt, scrypt\n  - pip install fastpbkdf2\n  - pip install bcrypt\n  - pip install scrypt\n\n## Why a new module?\nSometimes one wants to try or use MULTIPLE different Key Derivation Functions.  In such cases, instead of installing MULTIPLE SEPARATE python, packages, just this single module can be installed and used.\n\nThis may also be a convenience when porting your code to run under 'Python For Android (https://github.com/kivy/python-for-android)\n\n## Are there any differences?\nExactly and ONLY the following C functions have been wrapped\n\nFrom fastpbkdf2:\n\n    fastpbkdf2_hmac_sha1\n    fastpbkdf2_hmac_sha256\n    fastpbkdf2_hmac_sha512\n\nFrom bcrypt:\n\n    bcrypt_kdf\n\nFrom scrypt:\n\n    crypto_scrypt\n\nThe following methods should be exactly equivalent to the corresponding methods in the existing python wrappers:\n\n        ---------------------------------------------------------------\n        Module.method                       Identical to\n        ---------------------------------------------------------------\n        multikdf.fastpbkdf2.pbkdf2_hmac     fastpbkdf2.pbkdf2_hmac\n        multikdf.bcrypt.kdf                 bcrypt.kdf\n        multikdf.scrypt.hash                scrypt.hash\n        ---------------------------------------------------------------\n\n# Test code\n  See multikdf.test (test.py under the multikdf module directory)\n\n~~~~ {.sourceCode .python}\n    import os\n    from .fastpbkdf2 import pbkdf2, algorithm as hash_algorithms\n    from .bcrypt import bcrypt_kdf\n    from .scrypt import scrypt_kdf\n\n    min_passwd_len = 8\n    max_passwd_len = 10\n\n    min_pbkdf_rounds = 1000\n    max_pbkdf_rounds = 5000\n    step_pbkdf_rounds = 200\n\n    min_bcrypt_rounds = 2\n    max_bcrypt_rounds = 8\n\n    min_scrypt_r = 7\n    max_scrypt_r = 8\n    min_scrypt_p = 1\n    max_scrypt_p = 2\n    min_scrypt_n = 13\n    max_scrypt_n = 14\n\n    def test_pbkdf2(s):\n        for l in range(min_passwd_len, max_passwd_len + 1):\n            i = os.urandom(l)\n            for r in range(min_pbkdf_rounds,\n                           max_pbkdf_rounds + 1,\n                           step_pbkdf_rounds):\n                for h in hash_algorithms.keys():\n                    print('Testing pbkdf2: l=%d, r=%d, h=%s' % (l, r, h))\n                    pbkdf2(i, s, r=r, kl=kl, h=h)\n\n    def test_bcrypt(s):\n        for l in range(min_passwd_len, max_passwd_len + 1):\n            i = os.urandom(l)\n            for r in range(min_bcrypt_rounds, max_bcrypt_rounds + 1):\n                print('Testing bcrypt: l=%d, r=%d' % (l, r))\n                bcrypt_kdf(i, s, r=r, kl=kl)\n\n    def test_scrypt(s):\n        for l in range(min_passwd_len, max_passwd_len + 1):\n            i = os.urandom(l)\n            for r in range(min_scrypt_r, max_scrypt_r + 1):\n                for p in range(min_scrypt_p, max_scrypt_p + 1):\n                    for n in range(min_scrypt_n, max_scrypt_n + 1):\n                        print('Testing scrypt: l=%d, r=%d, p=%d, n=%d' % (\n                            l, r, p, n))\n                        scrypt_kdf(i, s, r=r, p=p, n=n, kl=kl)\n\n    s = os.urandom(64)\n    kl = 64\n\n    test_pbkdf2(s)\n    test_bcrypt(s)\n    test_scrypt(s)\n~~~~\n\n\n# INSTALLING:\n  From github directly using pip:\n\n    pip install 'git+https://github.com/sundarnagarajan/pymultikdf.git'\n\n  From github after downloading / cloning:\n\n    python setup.py install\n\n  From pypi:\n\n    pip install multikdf\n\n# LICENSE\nThe files under multikdf/c/fastpbkdf2 are from ctz and are copied unchanged from https://github.com/ctz/fastpbkdf2.git These files under the terms of the CC0 1.0 Universal License - see the file named LICENSE under multikdf/c/fastpbkdf2\n\nThe files under multikdf/c/py-bcrypt are from py-bcrypt (automatically exported from code.google.com/p/py-bcrypt) and imported unchanged.  These files under the terms of the ISC/BSD licence. See the file named LICENSE under multikdf/c/py-bcrypt\n\nThe files under multikdf/c/scrypt are from Tarsnap and are copied unchanged from https://github.com/Tarsnap/scrypt.git The files under multikdf/c/scrypt/lib are licensed under the terms of the 2-clause BSD license. See the file named README.md under the directory multikdf/c/scrypt/lib.\n\nThe files under multikdf/c/scrypt/libcperciva are licensed under the terms of the license specified in the file multikdf/c/scrypt/libcperciva/COPYRIGHT.  \n\nAll remaining files in this package are licensed under the GNU General Public License version 3 or (at your option) any later version.  See the file LICENSE-GPLv3.txt for details of the GNU General Public License version 3.\n\n\n\n# Documentation (pydoc)\n\n## Package multikdf\n### PACKAGE CONTENTS\n    bcrypt\n    fastpbkdf2\n    libmultikdf\n    scrypt\n    test\n\n### FUNCTIONS\n    getbuf(l)\n\n## multikdf.fastpbkdf2\n\n### FUNCTIONS\n    pbkdf2(i, s, r=1000, kl=64, h='SHA512')\n        i--\u003ebytes: input data (password etc)\n        s--\u003ebytes: salt\n        r--\u003eint: rounds\n        kl--\u003eint: desired key length in bytes\n        h--\u003estr: hash function (name)\n        \n        Returns--\u003ebytes:\n    \n    pbkdf2_hmac(h, i, s, r, kl=None)\n        Should be identical to original fastpbkdf2.pbkdf2_hmac\n        h--\u003estr: hash function (name)\n        i--\u003ebytes: input data (password etc)\n        s--\u003ebytes: salt\n        r--\u003eint: rounds\n        kl--\u003eint: desired key length in bytes\n        \n        Returns--\u003ebytes:\n\n### DATA\n    algorithm = {'sha1': None, 'sha256': None, 'sha512': None}\n\n\n## multikdf.bcrypt\n\n### FUNCTIONS\n    bcrypt_kdf(i, s, r=10, kl=64)\n        i--\u003ebytes: input data (password etc)\n        s--\u003ebytes: salt (os.urandom)\n        r--\u003eint: rounds\n        kl--\u003eint: desired key length in bytes\n        Returns--\u003ebytes:\n        \n        (rounds * PerSec) = Machine-specific constant\n    \n    kdf(password, salt, desired_key_bytes, rounds)\n        Should be identical to original bcrypt.kdf\n        password--\u003ebytes: input data (password etc)\n        salt--\u003ebytes: salt\n        desired_key_bytes--\u003eint: desired key length in bytes\n        rounds--\u003eint: rounds\n        \n        Returns--\u003ebytes:\n\n## multikdf.scrypt\n\n### FUNCTIONS\n    hash(i, s, N=16384, r=8, p=1, buflen=64)\n        Should be identical to scrypt.hash\n        i--\u003ebytes: input data (password etc)\n        s--\u003ebytes: salt\n        N--\u003eint: General work factor. Should be a power of 2\n                 if N \u003c 2, it is set to 2. Defaults to 16384\n        r--\u003eint: Memory cost - defaults to 8\n        p--\u003eint: Compuation (parallelization) cost - defaults to 1\n        buflen--\u003eint: Desired key length in bytes\n        Returns--\u003ebytes:\n    \n    scrypt_kdf(i, s, r=8, p=1, n=14, kl=64)\n        i--\u003ebytes: input data (password etc)\n        s--\u003ebytes: salt (os.urandom)\n        r--\u003eint: Memory cost - defaults to 8\n        p--\u003eint: Compuation (parallelization) cost - defaults to 1\n        n--\u003eint: General work factor. passed to scrypt as 2^n\n                 if n \u003c 1, it is set to 1. Defaults to 14 (scrypt n=16384)\n        Returns--\u003ebytes:\n        \n        (r * p) should be \u003c 2^30\n        see pydoc scrypt.hash\n        \n        (2^n) * r * p * PerSec = Machine-specific constant\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsundarnagarajan%2Fpymultikdf","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsundarnagarajan%2Fpymultikdf","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsundarnagarajan%2Fpymultikdf/lists"}