How to reproduce System.Security.Cryptography.SHA1Managed result in Python

Problem description

Here's the deal: I'm moving a .NET website to Python. I have a database with passwords hashed using the System.Security.Cryptography.SHA1Managed utility.
I'm creating the hash in .NET with the following code:

```csharp
string hashedPassword = Cryptographer.CreateHash("MYHasher", userInfo.Password);
```

The MYHasher block looks like this:

```xml
<add algorithmType="System.Security.Cryptography.SHA1Managed, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=blahblahblah"
     saltEnabled="true"
     type="Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.HashAlgorithmProvider, Microsoft.Practices.EnterpriseLibrary.Security.Cryptography, Version=3.0.0.0, Culture=neutral, PublicKeyToken=daahblahdahdah"
     name="MYHasher" />
```

So for a given password, I get back and store in the database a 48 byte salted sha1. I assume the last 8 bytes are the salt. I have tried to reproduce the hashing process in Python by doing a sha1(salt + password) and sha1(password + salt) but I'm having no luck.

My question to you:

1. How are the public keys being used?
2. How is the password rehashed using the salt.
3. How is the salt created? (e.g., When I say saltEnabled="true", what extra magic happens?)

I need specific details that don't just reference other .NET libraries, I'm looking for the actual operational logic that happens in the blackbox.

Thanks!

Solution

Sorry for the late reply, but I've just come across a similar situation while trying to replicate the SHA1 hashing logic used in the Enterprise Library's Cryptography Block, but with using Java.

To answer each of your questions:

How are the public keys being used?

The PublicKeyToken in the configuration block above is used to identify a signed, strong-named .NET assembly. This is a 64-bit hash of the public key that corresponds to the private key used to sign the assembly.
NOTE: This key has absolutely no bearing on your implementation to hash data.

How is the password rehashed using the salt.

The sequence of events to create the hashed password with the salt is as follows:

Call Cryptographer.CreateHash("MYHasher", value); where "MYHasher" is the name of the configured System.Security.Cryptography.SHA1Managed instance provider specified in your configuration block, and value is the string to be hashed.

The above method makes a call to CreateHash(IHashProvider provider, string plaintext), where a resolved IHashProvider is supplied. Inside this method, the following code is run:

```csharp
byte[] bytes = Encoding.Unicode.GetBytes(plaintext);
byte[] hash = provider.CreateHash(bytes);
CryptographyUtility.GetRandomBytes(bytes);
return Convert.ToBase64String(hash);
```

The value argument that was passed right at the beginning (which is now the plaintext argument) is converted into a byte array, using Unicode encoding.

Next, the SHA1 hash provider's CreateHash(bytes) method is called with the byte array created above. Inside this method, the following steps occur:

this.CreateHashWithSalt(plaintext, (byte[]) null); is called, where plaintext is a byte array containing the original value passed in at the top of the stack as a string. The second argument is the salt byte array (which is null). Inside this method, the following code is called:

```csharp
this.AddSaltToPlainText(ref salt, ref plaintext);
byte[] hash = this.HashCryptographer.ComputeHash(plaintext);
this.AddSaltToHash(salt, ref hash);
return hash;
```

this.AddSaltToPlainText(ref salt, ref plaintext) is the first clue as to how the supplied text is salted. Inside this method, the following code runs:

```csharp
if (!this.saltEnabled)
    return;
if (salt == null)
    salt = CryptographyUtility.GetRandomBytes(16);
plaintext = CryptographyUtility.CombineBytes(salt, plaintext);
```

The this.saltEnabled variable is initialised by the saltEnabled="true" in your configuration block.
If true, and if you haven't supplied a salt, a byte array of 16 random bytes will be generated for you (via calling an external C API).

The plaintext variable then has the salt prepended to it. e.g.: [salt][plaintext]

This is very important to note!

The combination of the salt and plaintext is then SHA1-hashed by calling this.HashCryptographer.ComputeHash(plaintext);. This will produce a 20 byte long array.

Then, the salt is prepended again to the 20 byte array created previously, via the call this.AddSaltToHash(salt, ref hash);, to give you a 36 byte long array.

Going back up the stack will eventually lead you to the call return Convert.ToBase64String(hash); inside the CreateHash() method. This will return the Base64 string representation of the SHA1 salted hashed value + salt that was supplied.

Formula: Base64(salt + SHA1(salt + value))

How is the salt created? (e.g., When I say saltEnabled="true", what extra magic happens?)

This was answered in question 2, specifically the call to CryptographyUtility.GetRandomBytes(16); which eventually calls a C library:

```csharp
[DllImport("QCall", CharSet = CharSet.Unicode)]
private static extern void GetBytes(SafeProvHandle hProv, byte[] randomBytes, int count);
```

Hope this helps in some way!
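The formula from the answer, Base64(salt + SHA1(salt + value)), reproduced in Python as an added example; it is not code from the original question or answer. It assumes .NET's Encoding.Unicode corresponds to Python's utf-16-le codec, and the names create_hash and verify_hash are hypothetical.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

SALT_LEN = 16   # CryptographyUtility.GetRandomBytes(16) in the answer
SHA1_LEN = 20   # size of a SHA-1 digest in bytes


def _digest(salt: bytes, password: str) -> bytes:
    # Encoding.Unicode is UTF-16 little-endian with no byte-order mark,
    # so "utf-16-le" is used rather than "utf-16" (which prepends a BOM).
    return hashlib.sha1(salt + password.encode("utf-16-le")).digest()


def create_hash(password: str, salt: Optional[bytes] = None) -> str:
    """Return Base64(salt + SHA1(salt + value)) as described in the answer."""
    if salt is None:
        salt = os.urandom(SALT_LEN)
    if len(salt) != SALT_LEN:
        raise ValueError("salt must be exactly 16 bytes")
    # 16 salt bytes + 20 digest bytes = 36 bytes = 48 Base64 characters.
    return base64.b64encode(salt + _digest(salt, password)).decode("ascii")


def verify_hash(password: str, stored_b64: str) -> bool:
    """Check a candidate password against a stored Base64 value."""
    try:
        raw = base64.b64decode(stored_b64, validate=True)
    except ValueError:  # binascii.Error is a subclass of ValueError
        return False
    if len(raw) != SALT_LEN + SHA1_LEN:
        return False
    # The salt is the first 16 bytes of the decoded value, not the last.
    salt, expected = raw[:SALT_LEN], raw[SALT_LEN:]
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(_digest(salt, password), expected)


if __name__ == "__main__":
    constructed_salt = bytes(range(SALT_LEN))   # constructed sample salt
    stored = create_hash("correct horse", constructed_salt)
    print(stored, len(stored))
    print(verify_hash("correct horse", stored), verify_hash("wrong", stored))
```
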
10-19 18:17