SHA1-Crypt is a hash algorithm introduced by NetBSD in 2004. It’s based on a variation of the PBKDF1 algorithm, and supports a large salt and variable number of rounds.
password hash usage – for examples of how to use this class via the common hash interface.
This class implements the SHA1-Crypt password hash, and follows the Password Hash Interface.
It supports a variable-length salt, and a variable number of rounds.
This class will use the first available of two possible backends:
You can see which backend is in use by calling the get_backend() method.
An example hash (of password) is $sha1$40000$jtNX3nZ2$hBNaIXkt4wBI2o5rsi8KejSjNqIq. An sha1-crypt hash string has the format $sha1$rounds$salt$checksum, where:
The checksum is calculated using a modified version of PBKDF1 , replacing it’s use of the SHA1 message digest with HMAC-SHA1, (which does not suffer from the current vulnerabilities that SHA1 itself does, as well as providing some of the advancements made in PDKDF2).
This implementation of sha1-crypt differs from the NetBSD implementation in a few ways:
The NetBSD implementation randomly varies the actual number of rounds when generating a new configuration string, in order to decrease predictability. This feature is provided by Passlib to all hashes, via the CryptContext class, and so it omitted from this implementation.
The specification does not specify how to deal with zero-padding within the rounds portion of the hash. No existing examples or test vectors have zero padding, and allowing it would result in multiple encodings for the same configuration / hash. To prevent this situation, Passlib will throw an error if the rounds in a hash have leading zeros.
Restricted salt string character set:
The underlying algorithm can unambigously handle salt strings which contain any possible byte value besides \x00 and $. However, Passlib strictly limits salts to the hash64 character set, as nearly all implementations of sha1-crypt generate and expect salts containing those characters.
The underlying algorithm takes in a password specified as a series of non-null bytes, and does not specify what encoding should be used; though a us-ascii compatible encoding is implied by nearly all known reference hashes.
In order to provide support for unicode strings, Passlib will encode unicode passwords using utf-8 before running them through sha1-crypt. If a different encoding is desired by an application, the password should be encoded before handing it to Passlib.
|||description of sha1-crypt algorithm - http://mail-index.netbsd.org/tech-userlevel/2004/05/29/0001.html|
|||NetBSD implementation of SHA1-Crypt - http://fxr.googlebit.com/source/lib/libcrypt/crypt-sha1.c?v=NETBSD-CURRENT|
|||rfc defining PBKDF1 & PBKDF2 - http://tools.ietf.org/html/rfc2898 -|