将纯文本和哈希值与 bcrypt 进行比较时出现无效盐错误
我正在尝试使用 bcrypt 比较 python 中保存的哈希值和用户输入。我的代码:
while passnotcorrect == True:
password = input("Enter password: ")
password = password.encode('utf-8')
file = open('password.txt', 'r')
checkhash = file.read()
file.close()
checkhash = checkhash.encode('utf-8')
if bcrypt.checkpw(password, checkhash):
passnotcorrect = False
os.system('cls||clear')
else:
print("Password is incorrect \n")
错误:
ValueError:盐无效
我真的很需要一些帮助。我不确定为什么这个函数首先需要盐。谢谢
I'm trying to compare a saved hash and a user input in python using bcrypt. My code:
while passnotcorrect == True:
password = input("Enter password: ")
password = password.encode('utf-8')
file = open('password.txt', 'r')
checkhash = file.read()
file.close()
checkhash = checkhash.encode('utf-8')
if bcrypt.checkpw(password, checkhash):
passnotcorrect = False
os.system('cls||clear')
else:
print("Password is incorrect \n")
The error:
ValueError: Invalid salt
I'd really like some help with this. I'm not sure why this function would require the salt in the first place. Thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
有点晚了,但我认为你的问题是你试图将 utf8 编码的字符串输入“password”与从文件读取的另一个字符串“checkhash”进行比较。
Bcrypt.checkpw() 接受要检查的密码的 UTF8 编码字符串作为第一个参数,后跟 UTF8 编码的 hash 来比较所提供的密码,以查看提供的密码是否与哈希密码匹配。
太长了;当第二个参数需要是您要比较的哈希值(黄金标准)时,您将两个字符串传递给 checkpw 方法。
确保您的哈希密码在输入或检索时不会被截断(长度匹配)。
A little late but I think your issue is that you're trying to compare 'password' which is utf8 encoded string input with 'checkhash', another string read from a file.
Bcrypt.checkpw() takes in a UTF8 encoded string for the password to check as the first argument followed by the UTF8 encoded hash to compare the password being provided against to see if the provided pass matches the hash pass.
TLDR; you're passing two strings to the checkpw method, when the second argument needs to be the hash you're comparing against (gold standard).
Make sure your hashed password isn't being truncated (length matches) upon entry or retrieval.