我有一个设置任务,要根据.NET Identity数据库对django应用程序用户进行身份验证。我发现了许多相关的主题,但它们要么太旧,要么没有解决我所需要的问题——Django的密码哈希器等价物。
所以我最终学习了这个源代码https://github.com/aspnet/AspNetIdentity/blob/master/src/Microsoft.AspNet.Identity.Core/Crypto.cs并且写了我的django版本。该代码适用于django 2.1.1和.NET 4.5
from django.contrib.auth.hashers import pbkdf2
import hashlib
from base64 import b64decode
identity_PasswordHash = "AOOVvPns8Nov6CsJDTAWz+QDOEO2csh60m5aYyX2Vn7LsNDhiiZ5UaSDWr5izwWeHA=="
pwd_plain = 'Hellow123';
def dotnet_identity_check_password(password, hash):
binsalt = b64decode(hash)[1:17]
binpwd = b64decode(hash)[17:]
genpwd = pbkdf2(password, binsalt, 1000, digest=hashlib.sha1, dklen=32)
if genpwd == binpwd:
return True
return False
if dotnet_identity_check_password(pwd_plain,identity_PasswordHash):
print("OK")
else:
print("Fail")
身份v3版本:
import hashlib
from base64 import b64decode
def dotnet_identity_v3_check_password(password:str, hash:str)-> bool:
bhash = b64decode(hash)
iterCount = readNetworkByteOrder(bhash,5)
saltSize = readNetworkByteOrder(bhash,9)
if (saltSize < 128 / 8):
return False
salt = bhash[13:13+saltSize]
subkeySize = len(bhash) - 13 - saltSize
if (subkeySize < 128 / 8):
return False
expectedSubkey = bhash[13+saltSize:]
actualSubkey = hashlib.pbkdf2_hmac('sha256', password.encode('utf-8'), salt, iterCount, subkeySize)
if expectedSubkey == actualSubkey:
return True
return False
def readNetworkByteOrder( buffer: bytes, offset:int)->int:
return ((buffer[offset]) << 24) | ((buffer[offset + 1]) << 16) | ((buffer[offset + 2]) << 8) | ((buffer[offset + 3]))