#36744 closed Cleanup/optimization (fixed)
Improve/correct scrypt password hasher documentation
| Reported by: | Dmitry Chestnykh | Owned by: | Dmitry Chestnykh |
|---|---|---|---|
| Component: | Documentation | Version: | dev |
| Severity: | Normal | Keywords: | |
| Cc: | Dmitry Chestnykh | Triage Stage: | Ready for checkin |
| Has patch: | yes | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
The current documentation for scrypt password hasher lacks some constraints and definitions:
- work_factor: described incompletely, missing the requirement that this value must be a power of 2
- block_size: has no description
- parallelism: needs to be defined, perhaps, as "independent computations" rather than "threads", because the current OpenSSL implementation is not multithreaded.
If OpenSSL becomes multithreaded, the "Estimating memory usage" note also needs to be adjusted to account for parallelism.
I think it would also be helpful to mention that these parameters are N, r, p, as these are standard terminology for those familiar with scrypt.
I'll send a pull request shortly.
Change History (6)
comment:1 by , 3 weeks ago
| Triage Stage: | Unreviewed → Accepted |
|---|
comment:2 by , 3 weeks ago
Thanks, Natalia! Yes, the PR is here: https://github.com/django/django/pull/20269
comment:3 by , 6 days ago
| Patch needs improvement: | set |
|---|
comment:4 by , 5 days ago
| Patch needs improvement: | unset |
|---|---|
| Triage Stage: | Accepted → Ready for checkin |
Note:
See TracTickets
for help on using tickets.
Documentation is always welcomed! Thank you for volunteering.
I see you checked the "has patch" flag. Is there a PR ready for this?