blob: bb354157fc284f78f860d2b31b666c370379b97d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
|
==================================================================
:mod:`passlib.hash.nthash` - Windows NT-HASH for Unix
==================================================================
.. module:: passlib.hash.nthash
:synopsis: Windows NT-HASH for Unix
.. warning::
This scheme is notoriously weak (since it's based on :mod:`~passlib.utils.md4`).
Online tables exist for quickly performing pre-image attacks on this scheme.
**Do not use** in new code. Stop using in old code if possible.
This module implements the Windows NT-HASH algorithm,
encoded in a manner compatible with the :ref:`modular-crypt-format`.
It is found on some unix systems where the administrator has decided
to store user passwords in a manner compatible with the SMB/CIFS protocol.
It has no salt, or variable rounds.
Usage
=====
.. todo::
document usage
Functions
=========
.. autofunction:: genconfig
.. autofunction:: genhash
.. autofunction:: encrypt
.. autofunction:: identify
.. autofunction:: verify
In addition to the normal password hash api, this module also exposes
the following method:
.. function:: raw_nthash(secret, hex=False)
perform raw nthash calculation, returning either
raw digest, or as lower-case hexidecimal characters.
Format & Algorithm
==================
A nthash encoded for crypt consists of ``$3$${checksum}`` or
``$NT${checksum}``; where ``{checksum}`` is 32 hexidecimal digits
encoding the checksum. An example hash (of ``password``) is ``$3$$8846f7eaee8fb117ad06bdd830b7586c``.
The checksum is simply the :mod:`~passlib.utils.md4` digest
of the secret using the ``UTF16-LE`` encoding, encoded in hexidecimal
|
