I need to use scrypt algorithm and since I´m already using hashlib, I figured... why not? I already checked this and it pointed out OpenSSL 1.1+ was necessary. Also, according to official doc:
hashlib.scrypt(password, *, salt, n, r, p, maxmem=0, dklen=64)
...
Availability: OpenSSL 1.1+.
New in version 3.6.
I made sure to have the latest version of openssl:
# openssl version
OpenSSL 1.1.1b 26 Feb 2019
I also tried to run python3.6 and python3 (3.4) and both say they cannot import scrypt:
# python3.6
Python 3.6.5 (default, Apr 10 2018, 17:08:37)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-16)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from hashlib import pbkdf2_hmac
>>> from hashlib import scrypt
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
ImportError: cannot import name 'scrypt'
As you can see, other methods like pbkdf2_hmac work. What could be wrong?
Also, what is the * in hashlib.scrypt(password, *, salt, n, r, p, maxmem=0, dklen=64)?
My mac is running with OpenSSL 1.1.1 11 Sep 2018.
I reproduced your import symptoms with python3.6,
and found that scrypt imported just fine with python3.7.
You might consider trying 3.7.
The * in the signature is a relatively new syntax
which marks the end of positional arguments.
So you can't invoke as scrypt('secret', 'mySalt').
You need to specify keyword args, e.g. scrypt('secret', salt='mySalt').
The intent is to make it harder to call incorrectly by using a mistaken arg order.
This tends to be especially important for crypto APIs,
where many of the args are opaque and hard to validate.