使用密码散列构建密码算法
Building a password algorithm, with password hashing
Questions/Problem
我正在尝试制作一个密码生成器,它会在向用户显示密码后对密码进行哈希处理,并将其存储在第一次创建的文件中 运行。我不确定如何去做这件事或如何去做。我测试了一些密码生成器,最后选择了下面显示的那个。到目前为止,我已经尝试使用 SH 256 进行哈希处理,但无法使它与 bcrypt 一起工作。
代码
from random import choice, randint
import string
characters = string.ascii_letters + string.ascii_lowercase + string.ascii_uppercase + string.digits + string.hexdigits + string.punctuation + string.octdigits
password = "".join(choice(characters) for x in range(randint(25,100)))
print(password)
这个小例子希望有用
import random
import string
from random import choice, randint
def get_random_string(length):
characters = string.ascii_letters + string.ascii_lowercase + string.ascii_uppercase +
string.digits + string.hexdigits + string.punctuation + string.octdigits
result_str = ''.join(random.choice(characters) for i in range(length))
print("the hasheds password is:", result_str)
get_random_string(8)
get_random_string(8)
这是一个使用 hmac 和 sha256
的工作示例
import hashlib
import hmac
import string
from random import choice, randint
characters = string.ascii_letters + string.ascii_lowercase + string.ascii_uppercase + string.digits + string.hexdigits + string.punctuation + string.octdigits
password = "".join(choice(characters) for x in range(randint(25, 100)))
print(password)
SECRET = 'this is my secret'
def hash_password(pw):
hashed_password = hmac.new(
SECRET.encode(),
msg=pw.encode(),
digestmod=hashlib.sha256
).hexdigest().upper()
return hashed_password
password_file = 'test.password'
with open(password_file, 'w') as f:
f.write(hash_password(password))
user_supplied = input('Enter the password supplied: ')
with open(password_file, 'r') as f:
print(f"Does match? {f.read() == hash_password(user_supplied)}")
这是一个例子运行
bXFREVkOJ~PDUBEfSkUcK[W6s~yDcDzdCi*SjxOc6T79a5[7s\P0i|)yh#'rK6nzB@CEDX1T7Umc-OOEi
Enter the password supplied: bXFREVkOJ~PDUBEfSkUcK[W6s~yDcDzdCi*SjxOc6T79a5[7s\P0i|)yh#'rK6nzB@CEDX1T7Umc-OOEi
Does match? True
这是我用的:
import hashlib
import bcrypt
import base64
import string
from random import choice
def encrypt_password(password):
password = password.encode('utf-8')
if len(password) > 72:
password = base64.b64encode(hashlib.sha256(password).digest())
return bcrypt.hashpw(password, bcrypt.gensalt()).decode('ascii') # 60 characters long
def verify_password(password, encrypted_password):
hashed = encrypted_password.encode('ascii')
password = password.encode('utf-8')
if len(password) > 72:
password = base64.b64encode(hashlib.sha256(password).digest())
return bcrypt.checkpw(password, hashed)
def generate_password(length=16, chars=string.ascii_letters+string.digits+string.punctuation):
return ''.join([ choice(chars) for i in range(length) ])
password = generate_password()
encrypted_password = encrypt_password(password)
print(password, encrypted_password)
print(verify_password(password, encrypted_password))
打印:
SL6X95n4rk<[VHK_ b$q6DfXygpSFW3JI9EQXJmm.wy8ZhhJiJ6mK907bHJXnv8XQdEe9ofG
True
Questions/Problem
我正在尝试制作一个密码生成器,它会在向用户显示密码后对密码进行哈希处理,并将其存储在第一次创建的文件中 运行。我不确定如何去做这件事或如何去做。我测试了一些密码生成器,最后选择了下面显示的那个。到目前为止,我已经尝试使用 SH 256 进行哈希处理,但无法使它与 bcrypt 一起工作。
代码
from random import choice, randint
import string
characters = string.ascii_letters + string.ascii_lowercase + string.ascii_uppercase + string.digits + string.hexdigits + string.punctuation + string.octdigits
password = "".join(choice(characters) for x in range(randint(25,100)))
print(password)
这个小例子希望有用
import random
import string
from random import choice, randint
def get_random_string(length):
characters = string.ascii_letters + string.ascii_lowercase + string.ascii_uppercase +
string.digits + string.hexdigits + string.punctuation + string.octdigits
result_str = ''.join(random.choice(characters) for i in range(length))
print("the hasheds password is:", result_str)
get_random_string(8)
get_random_string(8)
这是一个使用 hmac 和 sha256
import hashlib
import hmac
import string
from random import choice, randint
characters = string.ascii_letters + string.ascii_lowercase + string.ascii_uppercase + string.digits + string.hexdigits + string.punctuation + string.octdigits
password = "".join(choice(characters) for x in range(randint(25, 100)))
print(password)
SECRET = 'this is my secret'
def hash_password(pw):
hashed_password = hmac.new(
SECRET.encode(),
msg=pw.encode(),
digestmod=hashlib.sha256
).hexdigest().upper()
return hashed_password
password_file = 'test.password'
with open(password_file, 'w') as f:
f.write(hash_password(password))
user_supplied = input('Enter the password supplied: ')
with open(password_file, 'r') as f:
print(f"Does match? {f.read() == hash_password(user_supplied)}")
这是一个例子运行
bXFREVkOJ~PDUBEfSkUcK[W6s~yDcDzdCi*SjxOc6T79a5[7s\P0i|)yh#'rK6nzB@CEDX1T7Umc-OOEi
Enter the password supplied: bXFREVkOJ~PDUBEfSkUcK[W6s~yDcDzdCi*SjxOc6T79a5[7s\P0i|)yh#'rK6nzB@CEDX1T7Umc-OOEi
Does match? True
这是我用的:
import hashlib
import bcrypt
import base64
import string
from random import choice
def encrypt_password(password):
password = password.encode('utf-8')
if len(password) > 72:
password = base64.b64encode(hashlib.sha256(password).digest())
return bcrypt.hashpw(password, bcrypt.gensalt()).decode('ascii') # 60 characters long
def verify_password(password, encrypted_password):
hashed = encrypted_password.encode('ascii')
password = password.encode('utf-8')
if len(password) > 72:
password = base64.b64encode(hashlib.sha256(password).digest())
return bcrypt.checkpw(password, hashed)
def generate_password(length=16, chars=string.ascii_letters+string.digits+string.punctuation):
return ''.join([ choice(chars) for i in range(length) ])
password = generate_password()
encrypted_password = encrypt_password(password)
print(password, encrypted_password)
print(verify_password(password, encrypted_password))
打印:
SL6X95n4rk<[VHK_ b$q6DfXygpSFW3JI9EQXJmm.wy8ZhhJiJ6mK907bHJXnv8XQdEe9ofG
True