-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathpassword-salting.py
45 lines (35 loc) · 1.31 KB
/
password-salting.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
# Password salting example
import secrets
import string
import hashlib
PRINTABLE_CHARS = string.printable
RANDOM_STRING_CHARS = PRINTABLE_CHARS.translate(
{ord(i): None for i in ' \t\n\r\x0b\x0c'})
def get_random_string(length, allowed_chars=RANDOM_STRING_CHARS):
"""
Return a securely generated random string.
The bit length of the returned value can be calculated with the formula:
log_2(len(allowed_chars)^length)
For example, with default `allowed_chars` (26+26+10), this gives:
* length: 12, bit length =~ 71 bits
* length: 22, bit length =~ 131 bits
"""
return ''.join(secrets.choice(allowed_chars) for i in range(length))
print("Input password:")
password = input()
print("Input salt size (number of bytes):")
length = int(input())
print("Input work factor:")
work_factor = int(input())
salt = get_random_string(length)
print(f"Generated salt: {salt}")
salted_password = password + salt
print(f"Salted password: {salted_password}")
print(f"Work factor: {work_factor}")
num_iterations = 2**work_factor
print(f"Number of iterations: {num_iterations}")
for i in range(0, num_iterations):
digest = hashlib.sha256(salted_password.encode()).hexdigest()
salted_password = digest
print(f"Iteration {i} - SHA-256 hash: {digest}")
print(f"Final hash: {salted_password}")