rspec/rules/S2053/python/how-to-fix-it/std.adoc

== How to fix it in Python Standard Library

=== Code examples

include::../../common/fix/code-rationale.adoc[]

==== Noncompliant code example

[source,python,diff-id=1,diff-type=noncompliant]
----
import crypt

hash = crypt.crypt(password) # Noncompliant
----

==== Compliant solution

[source,python,diff-id=1,diff-type=compliant]
----
import crypt

salt = crypt.mksalt(crypt.METHOD_SHA256)
hash = crypt.crypt(password, salt)
----

=== How does this work?

include::../../common/fix/salt.adoc[]

Here, the compliant code example ensures the salt is random and has a sufficient
length by calling the `crypt.mksalt` function. This one internally uses a
cryptographically secure pseudo random number generator.
Modify rule S2053: LaYC format (#2335) 2023-07-06 10:32:19 +02:00			`== How to fix it in Python Standard Library`

			`=== Code examples`

			`include::../../common/fix/code-rationale.adoc[]`

			`==== Noncompliant code example`

			`[source,python,diff-id=1,diff-type=noncompliant]`
			`----`
			`import crypt`

			`hash = crypt.crypt(password) # Noncompliant`
			`----`

			`==== Compliant solution`

			`[source,python,diff-id=1,diff-type=compliant]`
			`----`
			`import crypt`

			`salt = crypt.mksalt(crypt.METHOD_SHA256)`
			`hash = crypt.crypt(password, salt)`
			`----`

			`=== How does this work?`

			`include::../../common/fix/salt.adoc[]`

			`Here, the compliant code example ensures the salt is random and has a sufficient`
			length by calling the `crypt.mksalt` function. This one internally uses a
			`cryptographically secure pseudo random number generator.`