scrypt 不需要額外安裝套件
範例輸出:
驗證:
文章撰寫中...請稍後...
import hashlib
import os
# 輸入的內容
password = b"password"
# 隨機產生 salt
salt = os.urandom(16)
# 驗證時會需要指定相同的 salt
# salt = bytes.fromhex("971dfcb1102bc7df582716b7047c2488")
# 使用 scrypt 進行雜湊
hashed = hashlib.scrypt(
password=password,
salt=salt,
n=2**14, # CPU/記憶體成本參數,數值越高越安全但越慢
r=8, # 區塊大小
p=1, # 平行化參數
dklen=64 # 最終輸出位元組長度
)
print(f"Salt (Base64): {salt.hex()}")
print(f"Scrypt Hash (Base64): {hashed.hex()}")
範例輸出:
Salt (Base64): 971dfcb1102bc7df582716b7047c2488
Scrypt Hash (Base64): 16cd83ce220e6c7c74b7352526b88a05bc3dddb2bf91c4799dcf4d502e215333ac7575f34e5f7c6203f6442dc52d24c3466fed387ba04a14290e1b63a3842825
驗證:
def verify_password(input_password: str, salt: bytes, original_hash: bytes) -> bool:
new_hash = hashlib.scrypt(
password=input_password.encode(),
salt=salt,
n=2**14,
r=8,
p=1,
dklen=64
)
return new_hash == original_hash
# 驗證
input_password = "password"
salt = bytes.fromhex("971dfcb1102bc7df582716b7047c2488")
hashed = bytes.fromhex("16cd83ce220e6c7c74b7352526b88a05bc3dddb2bf91c4799dcf4d502e215333ac7575f34e5f7c6203f6442dc52d24c3466fed387ba04a14290e1b63a3842825")
if verify_password(input_password, salt, hashed):
print("驗證通過")
else:
print("驗證失敗")
文章撰寫中...請稍後...
留言
張貼留言
如果有任何問題、建議、想說的話或文章題目推薦,都歡迎留言或來信: a@ruyut.com