用Python代码编写的SHA 512 crypt输出与mkpasswd

时间:2015-12-25 13:07:26

标签: python python-2.7 hash sha512 hashlib

运行mkpasswd -m sha-512 -S salt1234 password会产生以下结果:

$6$salt1234$Zr07alHmuONZlfKILiGKKULQZaBG6Qmf5smHCNH35KnciTapZ7dItwaCv5SKZ1xH9ydG59SCgkdtsTqVWGhk81

我有这段Python代码,我认为会输出相同但不是:

import hashlib, base64
print(base64.b64encode(hashlib.sha512('password' + 'salt1234').digest()))

它导致:

nOkBUt6l7zlKAfjtk1EfB0TmckXfDiA4FPLcpywOLORZ1PWQK4+PZVEiT4+9rFjqR3xnaruZBiRjDGcDpxxTig==

不确定我做错了什么。

我的另一个问题是,如何告诉sha512函数进行自定义轮次。似乎只需要一个论点。

3 个答案:

答案 0 :(得分:7)

mkpasswdcrypt() function的前端。我不认为这是一个直接的SHA512哈希。

有一点研究指向specification for SHA256-crypt and SHA512-crypt,它显示哈希默认应用5000次。您可以使用-R切换到mkpasswd指定不同数量的轮次; -R 5000确实为您提供了相同的输出:

$ mkpasswd -m sha-512 -S salt1234 -R 5000 password
$6$rounds=5000$salt1234$Zr07alHmuONZlfKILiGKKULQZaBG6Qmf5smHCNH35KnciTapZ7dItwaCv5SKZ1xH9ydG59SCgkdtsTqVWGhk81

命令行工具提供的最小轮数为1000:

$ mkpasswd -m sha-512 -S salt1234 -R 999 password
$6$rounds=1000$salt1234$SVDFHbJXYrzjGi2fA1k3ws01/D9q0ZTAh1KfRF5.ehgjVBqfHUaKqfynXefJ4DxIWxkMAITYq9mmcBl938YQ//
$ mkpasswd -m sha-512 -S salt1234 -R 1 password
$6$rounds=1000$salt1234$SVDFHbJXYrzjGi2fA1k3ws01/D9q0ZTAh1KfRF5.ehgjVBqfHUaKqfynXefJ4DxIWxkMAITYq9mmcBl938YQ//

该算法涉及更多,需要您创建多个摘要。您可以通过crypt.crypt() function访问C crypt()函数,并以mkpasswd命令行的方式驱动它。

如果SHA512-crypt方法可用,则取决于您的平台; {3}模块的Python 3版本提供crypt.methods list,告诉您平台支持哪些方法。由于这使用完全相同的库crypt,因此您的操作系统显然支持mkpasswd,Python也可以访问。

您需要在盐前加SHA512-crypt来指定不同的方法。您可以通过在'$6$字符串和盐之间添加'rounds=<N>$'字符串来指定轮次数:

'$6$'

然后生成与import crypt import os import string try: # 3.6 or above from secrets import choice as randchoice except ImportError: from random import SystemRandom randchoice = SystemRandom().choice def sha512_crypt(password, salt=None, rounds=None): if salt is None: salt = ''.join([randchoice(string.ascii_letters + string.digits) for _ in range(8)]) prefix = '$6$' if rounds is not None: rounds = max(1000, min(999999999, rounds or 5000)) prefix += 'rounds={0}$'.format(rounds) return crypt.crypt(password, prefix + salt) 命令行相同的输出:

mkpasswd

答案 1 :(得分:4)

您需要使用crypt.crypt

<html>
<body>

<div id="header">
    <a href="#">Link 1</a>
    <a href="#">Link 2</a>
    <a href="#">Link 3</a>
    <a href="#">Link 4</a>
    <a href="#">Link 5</a>
</div>

<div class="white-space">
    <h2>Some Content</h2>
</div>


    <div class="image">
        <img src="img/rsz_hnck8766.jpg">
        <div class="overlay"></div>
    </div>

<div class="white-space">
    <h2>Some Content</h2>
</div>

<div class="image">
    <img src="img/2.jpg">
    <div class="overlay"></div>
</div>

<div class="white-space">
    <h2>Some Content</h2>
</div>


</body>

<script src="includes/jquery-2.1.4.js"> </script>

</html>

答案 2 :(得分:1)

这是基于规范的sha512_crypt函数的纯python3实现。 这仅供说明之用,请始终使用crypt.crypt

import hashlib, base64

SHUFFLE_SHA512_INDICES = [
  42, 21,  0,     1, 43, 22,    23,  2, 44,    45, 24,  3,     4, 46, 25,
  26,  5, 47,    48, 27,  6,     7, 49, 28,    29,  8, 50,    51, 30,  9,
  10, 52, 31,    32, 11, 53,    54, 33, 12,    13, 55, 34,    35, 14, 56,
  57, 36, 15,    16, 58, 37,    38, 17, 59,    60, 39, 18,    19, 61, 40,
  41, 20, 62,    63
]

def shuffle_sha512(data):
  return bytes(data[i] for i in SHUFFLE_SHA512_INDICES)

def extend_by_repeat(data, length):
  return (data * (length // len(data) + 1))[:length]

CUSTOM_ALPHABET = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'

'''  Base64 encode based on SECTION 22.e)
'''
def custom_b64encode(data, alphabet = CUSTOM_ALPHABET):
  buffer,count,result = 0,0,[]
  for byte in data:
    buffer |= byte << count
    count += 8
    while count >= 6:
      result.append(buffer & 0x3f)
      buffer >>= 6
      count -= 6
  if count > 0:
    result.append(buffer)
  return ''.join(alphabet[idx] for idx in result)

'''  From http://www.akkadia.org/drepper/SHA-crypt.txt
'''
def sha512_crypt(password, salt, rounds_in = None):
  rounds,rounds_defined = 5000, False
  if rounds_in is not None:
    rounds,rounds_defined = rounds_in, True

  assert 1000 <= rounds <= 999999999
  hash = hashlib.sha512
  salt_prefix = '$6$'
  password = password.encode('utf8')
  salt = salt.encode('ascii')[:16]


  A = hash()             # SECTION 1.
  A.update(password)     # SECTION 2.
  A.update(salt)         # SECTION 3.

  B = hash()             # SECTION 4.
  B.update(password)     # SECTION 5.
  B.update(salt)         # SECTION 6.
  B.update(password)     # SECTION 7.
  digestB = B.digest();  # SECTION 8.

  A.update(extend_by_repeat(digestB, len(password)))  # SECTION 9., 10.

  # SECTION 11.
  i = len(password)
  while i > 0:
    if i & 1:
      A.update(digestB)   # SECTION 11.a)
    else:
      A.update(password)  # SECTION 11.b)
    i = i >> 1

  digestA = A.digest()    # SECTION 12.

  DP = hash()             # SECTION 13.
  # SECTION 14.
  for _ in range(len(password)):
    DP.update(password)

  digestDP = DP.digest()  # SECTION 15.

  P = extend_by_repeat(digestDP, len(password))  # SECTION 16.a), 16.b)

  DS = hash()             # SECTION 17.
  # SECTION 18.
  for _ in range(16 + digestA[0]):
    DS.update(salt)

  digestDS = DS.digest()  # SECTION 19.

  S = extend_by_repeat(digestDS, len(salt))      # SECTION 20.a), 20.b)

  # SECTION 21.
  digest_iteration_AC = digestA
  for i in range(rounds):
    C = hash()                        # SECTION 21.a)
    if i % 2:
      C.update(P)                     # SECTION 21.b)
    else:
      C.update(digest_iteration_AC)   # SECTION 21.c)
    if i % 3:
      C.update(S)                     # SECTION 21.d)
    if i % 7:
      C.update(P)                     # SECTION 21.e)
    if i % 2:
      C.update(digest_iteration_AC)   # SECTION 21.f)
    else:
      C.update(P)                     # SECTION 21.g)

    digest_iteration_AC = C.digest()  # SECTION 21.h)

  shuffled_digest = shuffle_sha512(digest_iteration_AC)


  prefix = salt_prefix   # SECTION 22.a)

  # SECTION 22.b)
  if rounds_defined:
    prefix += 'rounds={0}$'.format(rounds_in)


  return (prefix
    + salt.decode('ascii')               # SECTION 22.c)
    + '$'                                # SECTION 22.d)
    + custom_b64encode(shuffled_digest)  # SECTION 22.e)
  )

actual = sha512_crypt('password', 'salt1234')
expected = '$6$salt1234$Zr07alHmuONZlfKILiGKKULQZaBG6Qmf5smHCNH35KnciTapZ7dItwaCv5SKZ1xH9ydG59SCgkdtsTqVWGhk81'

print(actual)
print(expected)
assert actual == expected