使用Symfony 2.5解密python/django密码(使用symfony安全性) [英] Decrypt python/django password with Symfony 2.5 (using symfony security)
问题描述
我想使用symfony 2.5.10安全性,以便从使用pyhton/django安全性创建的用户登录.db中以这种格式加密的密码:
I want to use symfony 2.5.10 security in order to login in from users that were created with pyhton/django security. Passwords in db that are encrypted in this format:
pbkdf2_sha256$12000$dVPTWPll8poG$3weiWwv4P/2GgYjeJBeUN/Hlbe1UByCj7ZRVX93FBZE=
我想这样做是因为我希望用户为新应用使用相同的密码.
I want to do this because I want users to have same passwords for the new app.
推荐答案
您必须自己编写密码编码器.Django使用以下密码格式:
You have to write password encoder on your own. Django uses following password format:
<algorithm>$<iterations>$<salt>$<hash>
这意味着哈希使用PBKDF2算法和SHA256哈希,12000次迭代, dVPTWPll8poG
盐(对于此特定密码),密码哈希本身为 3weiWwv4P/2GgYjeJBeUN/Hlbe1UByCj7ZRVX93FBZE =
(采用BASE64编码).
It means hash uses the PBKDF2 algorithm with a SHA256 hash, 12000 iterations, dVPTWPll8poG
salt (for this particular password) and password hash itself is 3weiWwv4P/2GgYjeJBeUN/Hlbe1UByCj7ZRVX93FBZE=
(BASE64 encoded).
Symfony具有PBKDF2的密码编码器,但不支持Django格式.您可以只修改内置的密码编码器.您必须从数据库中的字符串中提取迭代,salt和pbkdf哈希.其余部分与默认编码器中的相同.
Symfony has password encoder for PBKDF2 but it does not support Django format. You can just modify built-in password encoder. You have to extract iterations, salt and pbkdf hash from string in database. The rest is the same as in default encoder.
https://github.com/symfony/security-core/blob/2.5/Encoder/Pbkdf2PasswordEncoder.php
这是有关如何编写自己的密码编码器的另一个stackoverflow答案.
Here is another stackoverflow answer on how to write own password encoder.
希望有帮助.
这篇关于使用Symfony 2.5解密python/django密码(使用symfony安全性)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!