timb07/gist:7fa21389a5eb215b5d1f9fd8580a444f

## gistfile1.py
#!/usr/bin/env python3
import hashlib
import binascii

# Utility methods for generating and comparing RabbitMQ user password hashes.
#
# Rabbit Password Hash Algorithm (using SHA-256):
#
# Generate a random 32 bit salt:
# 908D C60A
#
# Concatenate that with the UTF-8 representation of the password (in this case test12):
# 908D C60A 7465 7374 3132
#
# Take the SHA-256 hash (assuming the hashing function wasn't modified):
# A5B9 24B3 096B 8897 D65A 3B5F 80FA 5DB62 A94 B831 22CD F4F8 FEAD 10D5 15D8 F391
#
# Concatenate the salt again:
# 908D C60A A5B9 24B3 096B 8897 D65A 3B5F 80FA 5DB62 A94 B831 22CD F4F8 FEAD 10D5 15D8 F391
#
# Convert to base64 encoding:
# kI3GCqW5JLMJa4iX1lo7X4D6XbYqlLgxIs30+P6tENUV2POR

# Sources:
# https://www.rabbitmq.com/passwords.html
# https://gist.github.com/christianclinton/faa1aef119a0919aeb2e


def encode_rabbit_password_hash(salt, password):
    sha256 = hashlib.sha256(salt + password.encode('utf-8')).digest()
    password_hash = binascii.b2a_base64(salt + sha256).strip()
    return password_hash


def decode_rabbit_password_hash(password_hash):
    decoded_hash = binascii.a2b_base64(password_hash)
    return decoded_hash[:4], decoded_hash[4:]


def check_rabbit_password(test_password, password_hash):
    salt, hash_sha256 = decode_rabbit_password_hash(password_hash)
    test_password_hash = encode_rabbit_password_hash(salt, test_password)
    return test_password_hash == password_hash


if __name__ == '__main__':
    password_hash = b'kI3GCqW5JLMJa4iX1lo7X4D6XbYqlLgxIs30+P6tENUV2POR'
    assert encode_rabbit_password_hash(b'\x90\x8d\xc6\x0a', 'test12') == password_hash
    assert check_rabbit_password('test12', password_hash)
	#!/usr/bin/env python3
	import hashlib
	import binascii

	# Utility methods for generating and comparing RabbitMQ user password hashes.
	#
	# Rabbit Password Hash Algorithm (using SHA-256):
	#
	# Generate a random 32 bit salt:
	# 908D C60A
	#
	# Concatenate that with the UTF-8 representation of the password (in this case test12):
	# 908D C60A 7465 7374 3132
	#
	# Take the SHA-256 hash (assuming the hashing function wasn't modified):
	# A5B9 24B3 096B 8897 D65A 3B5F 80FA 5DB62 A94 B831 22CD F4F8 FEAD 10D5 15D8 F391
	#
	# Concatenate the salt again:
	# 908D C60A A5B9 24B3 096B 8897 D65A 3B5F 80FA 5DB62 A94 B831 22CD F4F8 FEAD 10D5 15D8 F391
	#
	# Convert to base64 encoding:
	# kI3GCqW5JLMJa4iX1lo7X4D6XbYqlLgxIs30+P6tENUV2POR

	# Sources:
	# https://www.rabbitmq.com/passwords.html
	# https://gist.github.com/christianclinton/faa1aef119a0919aeb2e


	def encode_rabbit_password_hash(salt, password):
	sha256 = hashlib.sha256(salt + password.encode('utf-8')).digest()
	password_hash = binascii.b2a_base64(salt + sha256).strip()
	return password_hash


	def decode_rabbit_password_hash(password_hash):
	decoded_hash = binascii.a2b_base64(password_hash)
	return decoded_hash[:4], decoded_hash[4:]


	def check_rabbit_password(test_password, password_hash):
	salt, hash_sha256 = decode_rabbit_password_hash(password_hash)
	test_password_hash = encode_rabbit_password_hash(salt, test_password)
	return test_password_hash == password_hash


	if __name__ == '__main__':
	password_hash = b'kI3GCqW5JLMJa4iX1lo7X4D6XbYqlLgxIs30+P6tENUV2POR'
	assert encode_rabbit_password_hash(b'\x90\x8d\xc6\x0a', 'test12') == password_hash
	assert check_rabbit_password('test12', password_hash)