This class provides an implementation of Dwayne Litzenberger’s PBKDF2-HMAC-SHA1 hash format . PBKDF2 is a key derivation function  that is ideally suited as the basis for a password hash, as it provides variable length salts, variable number of rounds.
This class implements Dwayne Litzenberger’s PBKDF2-based crypt algorithm, and follows the Password Hash Interface.
It supports a variable-length salt, and a variable number of rounds.
A example hash (of password) is:
All of this scheme’s hashes have the format $p5k2$rounds$salt$checksum, where:
In order to generate the checksum, the password is first encoded into UTF-8 if it’s unicode. Then, the entire configuration string (all of the hash except the checksum, ie $p5k2$rounds$salt) is used as the PBKDF2 salt. PBKDF2 is called using the encoded password, the full salt, the specified number of rounds, and using HMAC-SHA1 as it’s psuedorandom function. 24 bytes of derived key are requested, and the resulting key is encoded and used as the checksum portion of the hash.
|||The reference for this hash format - http://www.dlitz.net/software/python-pbkdf2/.|
|||The specification for the PBKDF2 algorithm - http://tools.ietf.org/html/rfc2898#section-5.2.|