Created
October 12, 2015 14:16
-
-
Save andgein/a85c22638accc68237f7 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import base64 | |
import bcrypt | |
import binascii | |
### This program should print 'ff00199825b2c4e1a0349eb68eac5a0dc3d485f93cb349' as well as the following perl program: | |
### | |
### use Crypt::Eksblowfish::Bcrypt qw(bcrypt_hash); | |
### | |
### my $settings = { | |
### cost => 8, | |
### salt => pack('H*', 'aad28123bb4983bbb6749ee462cb0e10') | |
### }; | |
### | |
### my $hash = bcrypt_hash($settings, 'a' x 72); | |
### print unpack('H*', $hash); | |
### | |
def modified_base64(data): | |
normal_base64 = base64.b64encode(data).decode() | |
normal_to_modified = str.maketrans('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/', | |
'./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789') | |
return normal_base64.translate(normal_to_modified) | |
def get_salt_by_perl_salt(perl_salt_in_hex, rounds=8): | |
salt = bytes.fromhex(perl_salt_in_hex) | |
return '$2b$%02d$' % rounds + modified_base64(salt)[:22] | |
def modified_base64_decode(base64_data): | |
modified_to_normal = str.maketrans('./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789', | |
'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/') | |
normal_base64 = base64_data.translate(modified_to_normal) | |
return base64.b64decode(normal_base64) | |
def extract_hex_value_from_bcrypt_hash(hash): | |
tail = hash.split('$')[3] + '==' | |
values = modified_base64_decode(tail[22:]) | |
return binascii.hexlify(values).decode() | |
salt = get_salt_by_perl_salt('aad28123bb4983bbb6749ee462cb0e10') | |
hash = bcrypt.hashpw(b'a' * 72, salt.encode()).decode() | |
print(extract_hex_value_from_bcrypt_hash(hash)) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment