by masklinn 4659 days ago
Nope. MAXIMUM_PASSWORD_LENGTH is used both as the limit of CharField and as the limit of KDFs. CharField is unicode[0] and thus works on code units (codepoints in Python 3.3, depends whether the build is narrow or wide in previous versions) but KDFs work on bytes.

You can see that clearly in the test suite, where the inputs of KDFs are byte objects:

    self.assertRaises(
        ValueError,
        make_password,
        b"1" * (MAXIMUM_PASSWORD_LENGTH + 1),
        "seasalt",
        "md5",
    )

Because the number of code units is at most the number of input bytes (with fixed-width 8-bit encodings), KDFs will be the limiting factor and the limit is thus 4096 bytes.

[0] https://docs.djangoproject.com/en/dev/ref/unicode/#models

> model fields that are character based (CharField, TextField, URLField, etc) will contain Unicode
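
The distinction the comment draws between a length counted in code units and a length counted in bytes, as an added example that is not part of the original comment and not Django's code. It assumes the password is encoded as UTF-8 before hashing; `MAX_LEN`, `measure`, `check` and `enforce_byte_limit` are hypothetical names, and the sample passwords are constructed.

```python
# Added illustration; every name here is hypothetical and none of it is Django's code.
MAX_LEN = 4096  # the limit value the comment gives


def measure(password):
    """Return the three lengths a 'maximum length' could be counted in."""
    return {
        # len() of a str on Python 3.3+ (and on older wide builds)
        "code_points": len(password),
        # len() of a unicode object on an older narrow build
        "utf16_units": len(password.encode("utf-16-le")) // 2,
        # what a byte-oriented KDF receives (assumption: UTF-8 encoding)
        "utf8_bytes": len(password.encode("utf-8")),
    }


def check(password, limit=MAX_LEN):
    """Apply a character-based field limit and a byte-based KDF limit."""
    m = measure(password)
    return {
        "field_ok": m["code_points"] <= limit,
        "kdf_ok": m["utf8_bytes"] <= limit,
        **m,
    }


def enforce_byte_limit(password, limit=MAX_LEN):
    """Encode once, reject on byte length, and return the bytes to hash."""
    raw = password.encode("utf-8")
    if len(raw) > limit:
        raise ValueError("password exceeds %d bytes" % limit)
    return raw


# Constructed sample inputs, each exactly MAX_LEN characters long.
SAMPLES = {
    "ascii": "a" * MAX_LEN,            # 1 byte per character
    "latin": "\u00e9" * MAX_LEN,       # 2 bytes per character in UTF-8
    "astral": "\U0001F511" * MAX_LEN,  # 4 bytes and 2 UTF-16 units per character
}

if __name__ == "__main__":
    for name, pw in SAMPLES.items():
        print(name, check(pw))
```

All three samples pass the character-based check, but only the ASCII one fits in 4096 bytes, so the byte-based limit is the one that binds.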