I'm in the process of migrating a PHP site with FOSUserBundle to a Django user model.
The content of app/config/security.yml:
    security:
        encoders:
            FOS\UserBundle\Model\UserInterface: sha512
Values of password/salt from a user test at the PHP site:
- password: 3EBoIIMrD73n2y+4hMUpCq2lmJ8tHStrBweonQClP+/Jhmaw7ipLbamQJQfB87Acg45sBH3HlgnpKI+QZN7m/Q==
- salt: 2n4fxtazv1us0csgg8s880ck4skcskg
- The password used is amdpower
I've tried to generate the same hash with this code:
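    import base64
    import hashlib

    raw_password = 'amdpower'
    salt = '2n4fxtazv1us0csgg8s880ck4skcskg'
    # Merge password and salt as "password{salt}" and hash the bytes
    salted = ('%s{%s}' % (raw_password, salt)).encode('utf-8')
    digest = hashlib.sha512(salted).digest()
    # Re-hash the previous digest on every round
    for i in range(5000):
        digest = hashlib.sha512(digest).digest()
    print(base64.b64encode(digest).decode('ascii'))
    >>> wqgbbFZ/IPvwZktbmYz7inffofmT5HbRNf04BQ+w33Jgman8uVYbjWyiKzfp5EIFX2wqYGOb7hRzi5BdZlzDKw==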
What's wrong with the hashing code I've tried? How can I generate the same hash?
Update:
The PHP funcs are:
FOSUserBundle: https://github.com/FriendsOfSymfony/FOSUserBundle/blob/master/Model/UserManager.php#L180
Symfony: https://github.com/symfony/symfony/tree/master/src/Symfony/Component/Security/Core/Encoder
Solved:
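    import base64
    import hashlib

    raw_password = 'amdpower'
    salt = '2n4fxtazv1us0csgg8s880ck4skcskg'
    # Merge password and salt as "password{salt}" and hash the bytes
    salted = ('%s{%s}' % (raw_password, salt)).encode('utf-8')
    digest = hashlib.sha512(salted).digest()
    # 4999 further rounds, each hashing the previous digest followed by the salted password
    for i in range(4999):
        digest = hashlib.sha512(digest + salted).digest()
    print(base64.b64encode(digest).decode('ascii'))
    >>> 3EBoIIMrD73n2y+4hMUpCq2lmJ8tHStrBweonQClP+/Jhmaw7ipLbamQJQfB87Acg45sBH3HlgnpKI+QZN7m/Q==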
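
The solved loop above, wrapped as a verification helper for checking legacy rows during the migration. This is an added example, not part of the original post and not FOSUserBundle, Symfony or Django code. The function names, the empty-salt handling and the brace check are assumptions; the 5000-round count, base64 output and test vector come from the post.

```python
import base64
import hashlib
import hmac

# Test vector taken from the post above.
POST_PASSWORD = 'amdpower'
POST_SALT = '2n4fxtazv1us0csgg8s880ck4skcskg'
POST_HASH = ('3EBoIIMrD73n2y+4hMUpCq2lmJ8tHStrBweonQClP+/'
             'Jhmaw7ipLbamQJQfB87Acg45sBH3HlgnpKI+QZN7m/Q==')


def merge_password_and_salt(raw_password, salt):
    """Build the 'password{salt}' string that the post hashes."""
    if not salt:
        # Assumption: a legacy row without a salt hashes the bare password.
        return raw_password
    if '{' in salt or '}' in salt:
        # Braces in the salt would make the merged string ambiguous.
        raise ValueError('salt must not contain { or }')
    return '%s{%s}' % (raw_password, salt)


def legacy_hash(raw_password, salt, algorithm='sha512', iterations=5000):
    """First round hashes the merged string; every later round hashes
    the previous digest followed by the merged string again."""
    salted = merge_password_and_salt(raw_password, salt).encode('utf-8')
    digest = hashlib.new(algorithm, salted).digest()
    for _ in range(iterations - 1):
        digest = hashlib.new(algorithm, digest + salted).digest()
    return base64.b64encode(digest).decode('ascii')


def verify_legacy_password(raw_password, salt, stored_hash, **kwargs):
    """Compare in constant time so the check does not leak, through
    timing, how many leading characters of the hash matched."""
    candidate = legacy_hash(raw_password, salt, **kwargs)
    return hmac.compare_digest(candidate.encode('utf-8'),
                               stored_hash.encode('utf-8'))


if __name__ == '__main__':
    print(verify_legacy_password(POST_PASSWORD, POST_SALT, POST_HASH))
```

After a successful match, the Django side can re-hash the password with its own default hasher so that the legacy scheme is phased out as users log in.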