This is an automated email from the ASF dual-hosted git repository. gstein pushed a commit to branch trunk in repository https://gitbox.apache.org/repos/asf/steve.git
commit 9f3e9ff991d76f915e1ebaebf553b6dc8ac84ddf Author: Greg Stein <[email protected]> AuthorDate: Tue Sep 30 20:09:06 2025 -0500 Switch to secrets module for SALT values. --- v3/steve/crypto.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/v3/steve/crypto.py b/v3/steve/crypto.py index cdc6489..682c783 100644 --- a/v3/steve/crypto.py +++ b/v3/steve/crypto.py @@ -22,7 +22,6 @@ import base64 import secrets import passlib.hash # note that .argon2 is proxy in this pkg -import passlib.utils # for the RNG, to create Salt values import cryptography.fernet from cryptography.hazmat.primitives import hashes @@ -36,7 +35,7 @@ SALT_LEN = 16 def gen_salt() -> bytes: "Generate bytes to be used as a salt, for hashing." - return passlib.utils.getrandbytes(passlib.utils.rng, SALT_LEN) + return secrets.token_bytes(SALT_LEN) def gen_opened_key(edata: bytes, salt: bytes) -> bytes:
