diff options
| author | Eli Collins <elic@assurancetechnologies.com> | 2011-04-04 12:02:41 -0400 |
|---|---|---|
| committer | Eli Collins <elic@assurancetechnologies.com> | 2011-04-04 12:02:41 -0400 |
| commit | ff072bb815bc284574a8410ccf9bbf6358e7cffd (patch) | |
| tree | ff70f4a09680f9f4eee8f6c83333fe915db00930 /docs | |
| parent | d95a843a40a70b36b6f25cbb960495f80b541a61 (diff) | |
| download | passlib-ff072bb815bc284574a8410ccf9bbf6358e7cffd.tar.gz | |
added atlassian_pbkdf2_sha1 - supports hash PBKDF2-based hash used by Atlassian (eg Jira's cwd_user table)
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/lib/passlib.hash.pbkdf2_digests.rst | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/docs/lib/passlib.hash.pbkdf2_digests.rst b/docs/lib/passlib.hash.pbkdf2_digests.rst index d2906b5..666bd83 100644 --- a/docs/lib/passlib.hash.pbkdf2_digests.rst +++ b/docs/lib/passlib.hash.pbkdf2_digests.rst @@ -33,6 +33,11 @@ PassLib supports 5 PBKDF2-based hash schemes: password hash [#grub]_, as generated by the :command:`grub-mkpasswd-pbkdf2` command, and may be found in Grub2 configuration files. +* :class:`!atlassian_pbkdf2_sha1` provides an implementation of + the PBKDF2 based hash used by Atlassian in Jira and other products. + Note that unlike the above PBKDF2 hashes, this one uses a fixed + number of rounds. + Usage ===== These classes support both rounds and salts, @@ -46,6 +51,7 @@ Interface .. autoclass:: pbkdf2_sha512() .. autoclass:: dlitz_pbkdf2_sha1() .. autoclass:: grub_pbkdf2_sha512() +.. autoclass:: atlassian_pbkdf2_sha1() .. rst-class:: html-toggle @@ -154,6 +160,31 @@ Other PBKDF2 Hashes along with the decoded salt, and the number of rounds. The result is then encoded into hexidecimal. +:class:`!atlassian_pbkdf2_sha1` + + All of this scheme's hashes have the format :``{PKCS5S2}<data>``, + where :samp:`<data>` is a 64 character base64 encoded string; + which (when decoded), contains a 16 byte salt, + and a 32 byte checksum. + + A example hash (of ``password``) is: + + ``{PKCS5S2}DQIXJU038u4P7FdsuFTY/+35bm41kfjZa57UrdxHp2Mu3qF2uy+ooD+jF5t1tb8J`` + + Once decoded, the salt value (in hexdecimal octets) is: + + ``0d0217254d37f2ee0fec576cb854d8ff`` + + and the checksum value (in hexidecimal octets) is: + + ``edf96e6e3591f8d96b9ed4addc47a7632edea176bb2fa8a03fa3179b75b5bf09`` + + When calculating the checksum: + the password is encoded into UTF-8 if not already encoded. + Using the specified salt, and a fixed 10000 rounds, + PBKDF2-HMAC-SHA1 is used to generate a 32 byte key, + which appended to the salt and encoded in base64. + Hash Translation ---------------- Note that despite encoding and format differences, |