使用Symfony 2.5解密python/django密码(使用symfony安全性) [英] Decrypt python/django password with Symfony 2.5 (using symfony security)

问题描述

我想使用symfony 2.5.10安全性，以便从使用pyhton/django安全性创建的用户登录.db中以这种格式加密的密码:

I want to use symfony 2.5.10 security in order to login in from users that were created with pyhton/django security. Passwords in db that are encrypted in this format:

pbkdf2_sha256$12000$dVPTWPll8poG$3weiWwv4P/2GgYjeJBeUN/Hlbe1UByCj7ZRVX93FBZE=

我想这样做是因为我希望用户为新应用使用相同的密码.

I want to do this because I want users to have same passwords for the new app.

推荐答案

您必须自己编写密码编码器.Django使用以下密码格式:

You have to write password encoder on your own. Django uses following password format:

<algorithm>$<iterations>$<salt>$<hash>

这意味着哈希使用PBKDF2算法和SHA256哈希，12000次迭代， dVPTWPll8poG 盐(对于此特定密码)，密码哈希本身为 3weiWwv4P/2GgYjeJBeUN/Hlbe1UByCj7ZRVX93FBZE = (采用BASE64编码).

It means hash uses the PBKDF2 algorithm with a SHA256 hash, 12000 iterations, dVPTWPll8poG salt (for this particular password) and password hash itself is 3weiWwv4P/2GgYjeJBeUN/Hlbe1UByCj7ZRVX93FBZE= (BASE64 encoded).

Symfony具有PBKDF2的密码编码器，但不支持Django格式.您可以只修改内置的密码编码器.您必须从数据库中的字符串中提取迭代，salt和pbkdf哈希.其余部分与默认编码器中的相同.

Symfony has password encoder for PBKDF2 but it does not support Django format. You can just modify built-in password encoder. You have to extract iterations, salt and pbkdf hash from string in database. The rest is the same as in default encoder.

https://github.com/symfony/security-core/blob/2.5/Encoder/Pbkdf2PasswordEncoder.php

这是有关如何编写自己的密码编码器的另一个stackoverflow答案.

Here is another stackoverflow answer on how to write own password encoder.

Symfony2创建自己的编码器来存储密码

希望有帮助.

这篇关于使用Symfony 2.5解密python/django密码(使用symfony安全性)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！