(self, password, encoded)
| 549 | return decoded["work_factor"] != self.rounds |
| 550 | |
| 551 | def harden_runtime(self, password, encoded): |
| 552 | _, data = encoded.split("$", 1) |
| 553 | salt = data[:29] # Length of the salt in bcrypt. |
| 554 | rounds = data.split("$")[2] |
| 555 | # work factor is logarithmic, adding one doubles the load. |
| 556 | diff = 2 ** (self.rounds - int(rounds)) - 1 |
| 557 | while diff > 0: |
| 558 | self.encode(password, salt.encode("ascii")) |
| 559 | diff -= 1 |
| 560 | |
| 561 | |
| 562 | class BCryptPasswordHasher(BCryptSHA256PasswordHasher): |