我需要将密码存储在加密为密码的配置中 [英] I need to store passwords in config encrypted as password

问题描述

我使用的是 Python 3我有一个用户名映射到密码的 Auth_INI ConfigParser 文件.我需要加密密码用密码这样只有密码才能解密它.

I am using Python 3 I have an Auth_INI ConfigParser file with usernames mapped to passwords. I need to encrypt the password with the password so only the password can decrypt it.

> Auth_INI = ConfigParser()
> password = 'password'
> password_encrypted = encrypt(password,'password') 
> Auth_INI['username'] = password_encrypted

它所需要的可能只是某种困难的散列/非散列编码.我不需要任何东西太花哨了.没有钥匙圈，只有纯文本编码/未编码.

All it needs to be is somekind of difficult hash/unhash encoding perhaps. I do not require anything too fancy. No keyrings, just plain text encoded/unencoded.

使用这种加密方案，我可以通过 decrypt(password,'guessword') != 'guessword' 轻松验证一个人，除此之外没有其他理由了.

With this encryption scheme I can easily verify a person by decrypt(password,'guessword') != 'guessword' and there is no reason to do anything more than this.

有人可以推荐一个像这样工作的加密/编码库吗?

Is anyone able to recommend an encryption/Encoding library that works like this?

现在我只是使用 urlsafe_b64encode('password') 并且没有密码来解码密码，所以基本上没有密码加密.请帮忙...

Right now I am just using urlsafe_b64encode('password') and there is no password to decode the password so essentially there is no encryption for the password. Please do help...

推荐答案

来自 PyNaCl 文档，这是一个快速而肮脏的示例:

From the PyNaCl documentation, here's a quick and dirty example:

import nacl.pwhash

# Password used to hash itself
orig_password = b'my password'

# Hashing the password
hashed_data = nacl.pwhash.str(orig_password)

# The result will be True on password match.
res = nacl.pwhash.verify(hashed_data, orig_password)
print(res)

# On mismatch an exception will be raised
wrong_password = b'My password'
res2 = nacl.pwhash.verify(hashed_data, wrong_password)

这篇关于我需要将密码存储在加密为密码的配置中的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！