Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save babs/96474e1b3b3b02641f169f06a0c2a4fe to your computer and use it in GitHub Desktop.
Save babs/96474e1b3b3b02641f169f06a0c2a4fe to your computer and use it in GitHub Desktop.
RabbitMQ Password Hash - Python
#!/bin/env/python
import hashlib
import binascii
# Utility methods for generating and comparing RabbitMQ user password hashes.
#
# Rabbit Password Hash Algorithm:
#
# Generate a random 32 bit salt:
# CA D5 08 9B
# Concatenate that with the UTF-8 representation of the password (in this
# case "simon"):
# CA D5 08 9B 73 69 6D 6F 6E
# Take the MD5 hash:
# CB 37 02 72 AC 5D 08 E9 B6 99 4A 17 2B 5F 57 12
# Concatenate the salt again:
# CA D5 08 9B CB 37 02 72 AC 5D 08 E9 B6 99 4A 17 2B 5F 57 12
# And convert to base64 encoding:
# ytUIm8s3AnKsXQjptplKFytfVxI=
#
# Sources:
# http://rabbitmq.1065348.n5.nabble.com/Password-Hashing-td276.html
# http://hg.rabbitmq.com/rabbitmq-server/file/df7aa5d114ae/src/rabbit_auth_backend_internal.erl#l204
# Test Case:
# print encode_rabbit_password_hash('CAD5089B', "simon")
# print decode_rabbit_password_hash('ytUIm8s3AnKsXQjptplKFytfVxI=')
# print check_rabbit_password('simon','ytUIm8s3AnKsXQjptplKFytfVxI=')
def encode_rabbit_password_hash(salt, password):
salt_and_password = salt + password.encode('utf-8').encode('hex')
salt_and_password = bytearray.fromhex(salt_and_password)
salted_md5 = hashlib.md5(salt_and_password).hexdigest()
password_hash = bytearray.fromhex(salt + salted_md5)
password_hash = binascii.b2a_base64(password_hash).strip()
return password_hash
def decode_rabbit_password_hash(password_hash):
password_hash = binascii.a2b_base64(password_hash)
decoded_hash = password_hash.encode('hex')
return (decoded_hash[0:8], decoded_hash[8:])
def check_rabbit_password(test_password, password_hash):
salt, hash_md5sum = decode_rabbit_password_hash(password_hash)
test_password_hash = encode_rabbit_password_hash(salt, test_password)
return test_password_hash == password_hash
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment