有什么办法可以将端口密码加密为python吗?

时间:2018-11-07 19:01:01

标签: java python-3.x encryption sha256 jasypt

某些旧版Java使用称为jasypt的软件包来加密密码。
它使用StrongPasswordEncryptor来加密密码。

似乎在下面的文档页面中使用它
算法:SHA-256。
盐大小:16个字节。
迭代次数:100000。

有源代码shows 

 public StrongPasswordEncryptor() {
        super();
        this.digester = new StandardStringDigester();
        this.digester.setAlgorithm("SHA-256");
        this.digester.setIterations(100000);
        this.digester.setSaltSizeBytes(16);
        this.digester.initialize();
    }

现在我们不再使用Java,我们想继续在python中进行相同的加密,但是不确定如何移植这部分代码。

我确实有盐和一对明文密码和加密密码来验证python端口是否正常工作,只是不知道要加密哪个lib和要加密的功能。尝试hashlib.pbkdf2_hmac,没有任何运气。

示例纯文本密码为:Testing123
盐是:0DD2E486FAE5B121491CBE78A9B67AF1
加密的密码是:D1JAI76bwIkEkOIy7IZoLasAFKX0Yy7ujU/M7UBezC7NqxSD3clDyaFB1lz96K98

以下是Java代码中的实际加密密码的片段:

import javax.inject.Inject;
import javax.inject.Named;
import org.jasypt.util.password.StrongPasswordEncryptor;
import com.foobar.users.PasswordEncoder;

public class PasswordEncoderImpl implements PasswordEncoder {

    private String salt;
    private StrongPasswordEncryptor encryptor;

    @Inject
    public PasswordEncoderImpl(@Named("appHash") String appHash) {
        this.salt = appHash;
        encryptor = new StrongPasswordEncryptor();
    }

    @Override
    public String encode(String password) {
        return encryptor.encryptPassword(password + salt);
    }

    @Override
    public boolean verifyPassword(String password, String encryptedPassword){
        return encryptor.checkPassword(password+salt, encryptedPassword);
    }

}

1 个答案:

答案 0 :(得分:1)

好的,我现在有一半解决方案:

这是一个简化的Java代码,用于检查给定的密码是否有效:

private void start() throws Exception {

    String salt = "0DD2E486FAE5B121491CBE78A9B67AF1";
    String password = "Testing123";
    String previousResult = "QI2KU2VsI/aNr4U3XQ0AdaOk6Qhl4XTaN2ym5cYXxRr8tz/23EvWQHI8sNhRmoP1";

    StrongPasswordEncryptor passwordEncryptor = new StrongPasswordEncryptor();
    String encryptedPass = passwordEncryptor.encryptPassword(password + salt);


    System.out.println(checkPass(salt, password, previousResult));
    System.out.println(passwordEncryptor.checkPassword(password + salt, previousResult));
}

private boolean checkPass(String salt, String password, String previousResult) throws NoSuchAlgorithmException {
    byte[] bytes = previousResult.getBytes(StandardCharsets.US_ASCII);
    byte[] decode = Base64.getDecoder().decode(bytes);

    byte[] secretSalt = new byte[16];
    System.arraycopy(decode, 0, secretSalt, 0, 16);

    byte [] message = (password + salt).getBytes(StandardCharsets.UTF_8);
    byte[] digest = digest(message, secretSalt);

    return Arrays.equals(digest, decode);
}


private byte[] digest(byte [] message, final byte[] salt) throws NoSuchAlgorithmException {

    byte[] digest;

    MessageDigest md = MessageDigest.getInstance("sha-256");
    md.reset();

    md.update(salt);
    md.update(message);


    digest = md.digest();
    for (int i = 0; i < (100000 - 1); i++) {
        md.reset();
        digest = md.digest(digest);
    }

    byte[] secondArray = digest;
    final byte[] result = new byte[salt.length + secondArray.length];

    System.arraycopy(salt, 0, result, 0, salt.length);
    System.arraycopy(secondArray, 0, result, salt.length, secondArray.length);

    return result;
}
相关问题
最新问题