|
|
|
|
|
|
by masklinn
492 days ago
|
|
|
Note that the "safe" version makes very bespoke choices: it prehashes only overlong password, and does so with hmac-sha512 (which it b64-encodes). So it would very much be incompatible with other bcrypt implementations when outside of the "correct space". These choices are documented in the function's docstring, but not obvious, nor do they seem encoded in a custom version. |
|
|
So something like crypto.danger.bcrypt and crypto.bcryptWithTruncation