Django 1.4 pkbdf2 password hashing issue

[José Moreira]

Hi, i'm test upgrading a 1.1 project to 1.4 and the password hasher is raising an exception

 while generating passwords (on several Django unit tests):

======================================================================

ERROR: test_pkbdf2 (django.contrib.auth.tests.hashers.TestUtilsHashPass)

----------------------------------------------------------------------

Traceback (most recent call last):

  File "/Users/zemanel/.virtualenvs/digpedia/lib/python2.5/site-packages/django/contrib/auth/tests/hashers.py", line 33, in test_pkbdf2

    encoded = make_password('letmein', 'seasalt', 'pbkdf2_sha256')

  File "/Users/zemanel/.virtualenvs/digpedia/lib/python2.5/site-packages/django/contrib/auth/hashers.py", line 69, in make_password

    return hasher.encode(password, salt)

  File "/Users/zemanel/.virtualenvs/digpedia/lib/python2.5/site-packages/django/contrib/auth/hashers.py", line 204, in encode

    hash = pbkdf2(password, salt, iterations, digest=self.digest)

  File "/Users/zemanel/.virtualenvs/digpedia/lib/python2.5/site-packages/django/utils/crypto.py", line 143, in pbkdf2

    raise OverflowError('dklen too big')

OverflowError: dklen too big

Any pointers on what could be causing it?

- Python 2.5.6 on OSX (Mountain Lion)

- $ pip freeze:

Django==1.4.1

PIL==1.1.7

distribute==0.6.27

wsgiref==0.1.2

ps.: Changing the PASSWORD_HASHERS to use 'SHA1PasswordHasher' (at least) doesn't raise any issue.

[José Moreira]

I can also reproduce it on a new project.

[José Moreira]

Created a new virtualenv, this time based on Python 2.7[.2] , ran the unit tests and wasn't able to reproduce the issue.