了解Liferay密码加密 [英] Understanding Liferay Password Encryption
问题描述
关于liferay中的密码加密,我发现liferay正在使用 PBKDF2WithHmacSHA1/160/128000 算法默认情况下会使用128,000回合生成160位哈希.
我可以通过在我的portal-ext.properties文件中应用以下类型来使用
#passwords.encryption.algorithm=BCRYPT/10
#passwords.encryption.algorithm=MD2
#passwords.encryption.algorithm=MD5
#passwords.encryption.algorithm=NONE
#passwords.encryption.algorithm=PBKDF2WithHmacSHA1/160/128000
#passwords.encryption.algorithm=SHA
#passwords.encryption.algorithm=SHA-256
#passwords.encryption.algorithm=SHA-384
#passwords.encryption.algorithm=SSHA
#passwords.encryption.algorithm=UFC-CRYPT
我发现默认密码为" PBKDF2WithHmacSHA1/160/128000 "的每个密码都以前缀"AAAAoAAB9A"开头 像:"AAAAoAAB9ACpjEM1K54bHX0UMY + 3AgeAX3n50ZGERRK6MpxC"
我需要知道为什么在使用上述算法时每个密码都以该前缀开头.
通过使用另一种算法" BCRYPT/10 ",我发现我的密码以"$ 2a $ 10"开头,例如:"$ 2a $ 10 $ Xyx.o1kv1mIr8rtpr9sxwOP6AC9I/u7tAIlyfrzp8Vlqcek/CGdQ"
有些方法让我发现"$ 2a $ 10"中的"10"密码被十轮盐加散列.这是正确的还是我弄错了?
Liferay默认使用 PBKDF2WithHmacSHA1/160/128000 ,加密的密码是密钥大小的字节的组合,轮,盐和密钥字节的数量" 依次放置在字节缓冲区中,然后对组合进行Base64编码.
因此,在"AAAAoAAB9ACpjEM1K54bHX0UMY + 3AgeAX3n50ZGERRK6MpxC"中存在前缀"AAAAoAAB9A"的原因是,这是密钥大小和回合数(即160/128000)字节缓冲区的组合,将其整体编码为Base64.更改密钥大小和回合次数,您将得到一些不同的前缀.
About passwords encryption in liferay I found out that liferay is using PBKDF2WithHmacSHA1/160/128000 algorithm by default which generates 160 bit hashes using 128,000 rounds.
And I can use the following types by applying them in my portal-ext.properties file
#passwords.encryption.algorithm=BCRYPT/10
#passwords.encryption.algorithm=MD2
#passwords.encryption.algorithm=MD5
#passwords.encryption.algorithm=NONE
#passwords.encryption.algorithm=PBKDF2WithHmacSHA1/160/128000
#passwords.encryption.algorithm=SHA
#passwords.encryption.algorithm=SHA-256
#passwords.encryption.algorithm=SHA-384
#passwords.encryption.algorithm=SSHA
#passwords.encryption.algorithm=UFC-CRYPT
with default type "PBKDF2WithHmacSHA1/160/128000" i found that every password is being generated starting with a prefix "AAAAoAAB9A" Like : "AAAAoAAB9ACpjEM1K54bHX0UMY+3AgeAX3n50ZGERRK6MpxC"
I need to know that why every password is starting with this prefix while using the mentioned algorithm.
By using another algorithm "BCRYPT/10" i found out that my passwords are starting with "$2a$10" Like: "$2a$10$Xyx.o1kv1mIr8rtpr9sxwOP6AC9I/u7tAIlyfrzp8Vlqcek/CGdQ"
Some how i figured out that "10" in "$2a$10" the password is getting hashed with a salt with 10 rounds. is this correct or I am getting it wrong?
Liferay uses PBKDF2WithHmacSHA1/160/128000 by default, the encrypted password is a combination of bytes of "key size, number of rounds, salt and secret key bytes" being placed in order in the bytebuffer and then Base64 encoding over the combination.
So the reason why there is a prefix "AAAAoAAB9A" in: "AAAAoAAB9ACpjEM1K54bHX0UMY+3AgeAX3n50ZGERRK6MpxC" is because this is the combination of key size and Number of rounds (i.e 160/128000) byte buffer which is being encoded as a whole into Base64. Changing the key size and number of rounds you will comeup with some different prefix.
这篇关于了解Liferay密码加密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
