Python scrypt 雜湊 示範

scrypt 不需要額外安裝套件

    
import hashlib
import os

# 輸入的內容
password = b"password"

# 隨機產生 salt
salt = os.urandom(16)
# 驗證時會需要指定相同的 salt
# salt = bytes.fromhex("971dfcb1102bc7df582716b7047c2488")

# 使用 scrypt 進行雜湊
hashed = hashlib.scrypt(
    password=password,
    salt=salt,
    n=2**14,       # CPU/記憶體成本參數，數值越高越安全但越慢
    r=8,           # 區塊大小
    p=1,           # 平行化參數
    dklen=64       # 最終輸出位元組長度
)

print(f"Salt (Base64): {salt.hex()}")
print(f"Scrypt Hash (Base64): {hashed.hex()}")
    

範例輸出：

    
Salt (Base64): 971dfcb1102bc7df582716b7047c2488
Scrypt Hash (Base64): 16cd83ce220e6c7c74b7352526b88a05bc3dddb2bf91c4799dcf4d502e215333ac7575f34e5f7c6203f6442dc52d24c3466fed387ba04a14290e1b63a3842825
    

驗證:

    
def verify_password(input_password: str, salt: bytes, original_hash: bytes) -> bool:
    new_hash = hashlib.scrypt(
        password=input_password.encode(),
        salt=salt,
        n=2**14,
        r=8,
        p=1,
        dklen=64
    )
    return new_hash == original_hash

# 驗證
input_password = "password"
salt = bytes.fromhex("971dfcb1102bc7df582716b7047c2488")
hashed = bytes.fromhex("16cd83ce220e6c7c74b7352526b88a05bc3dddb2bf91c4799dcf4d502e215333ac7575f34e5f7c6203f6442dc52d24c3466fed387ba04a14290e1b63a3842825")
if verify_password(input_password, salt, hashed):
    print("驗證通過")
else:
    print("驗證失敗")
    

文章撰寫中...請稍後...