- Type: 1 (MD5)
- Salt: Y6tL9oGA
- Hash: FoYF9naVmbEd29gU915J00
Pwhash in Rust
[Hashing Home][Home]
The pwhash library contains a number of password hashing methods, including for bcrypt, MD5 crypt, and SHA-1 crypt. For MD5 crypt, an example is "\$1\$Y6tL9oGA\$FoYF9naVmbEd29gU915J00", and which has the fields of:
|
For MD5 crypt, we has fields defined between "\$" symbols. A sample hash issample hash is "\$1\$Y6tL9oGA$FoYF9naVmbEd29gU915J00", and which has the fields of:
We can test with OpenSSL for a password of "hello123":
% openssl passwd -1 -salt Y6tL9oGA hello123 $1$Y6tL9oGA$FoYF9naVmbEd29gU915J00
For bcrypt, a sample hash is: "\$2b\$10\$ralFpkUktJLdXmyN.XP0YOFqUw4hw6IeIRTV8f0UVdv.QABffgvGW", and which has the fields of:
For SHA-1 crypt, a sample hash is: "\$sha1\$20498\$gY6FhauW\$uIkSNXp8Xw9hS6f4UJKM1G9LvBxX", we get:
With SHA-256 crypt, a sample hash is "\$5\$/hqmQOhPafzx4Ld9\$NvyxMsyM8HJziXuoaBlpQtz.f2IkfbOYvLBVaYK7SfC", we get:
We can also have a \$rounds=X\$ field. If this is omitted the number of rounds is 5,000. For "SHA-512 Crypt, a sample hash is: "$\6\$q5D7B8Z9tRWLWuas\$8WNTuTtm5HxfMmLJ0RMiocrLcBcOQgfHsbaRKPA6AswjB1LKGpy3f0KsgZmk1ix62sdEZ5MPG7DfJnPk76gdM/"
We can also have a \$rounds=X\$ field. If this is omitted the number of rounds is 656,000.
An outline of the Rust code is:
extern crate pwhash; use pwhash::{bcrypt,md5_crypt,sha1_crypt,sha256_crypt,sha512_crypt,bsdi_crypt,unix_crypt}; use std::env; fn main() { let mut password="password"; let args: Vec<String> = env::args().collect(); if args.len() >1 { password = args[1].as_str();} println!("Password:\t{:}",password); let mut h_new = bcrypt::hash(password).unwrap(); println!("\nBcrypt:\t\t{:}",h_new); h_new = bsdi_crypt::hash(password).unwrap(); println!("BSDI Crypt:\t{:}",h_new); h_new = md5_crypt::hash(password).unwrap(); println!("MD5 Crypt:\t{:}",h_new); h_new = sha1_crypt::hash(password).unwrap(); println!("SHA1 Crypt:\t{:}",h_new); h_new = sha256_crypt::hash(password).unwrap(); println!("SHA-256 Crypt:\t{:}",h_new); h_new = unix_crypt::hash(password).unwrap(); println!("Unix crypt:\t{:}",h_new); // let rtn=bcrypt::verify(password, h); // println!("{:?}",rtn); }
Finally we simply build with:
cargo build
A sample run is:
Password: hello123 Bcrypt: $2b$10$1gZgrJFeD8CclpR3UJ1AsuStQcvNCW7l6qX2cK4h26WB0znfA44fe BSDI Crypt: _Gl/.00S/WNrZl.GgeM. MD5 Crypt: $1$Y6tL9oGA$FoYF9naVmbEd29gU915J00 SHA1 Crypt: $sha1$20498$gY6FhauW$uIkSNXp8Xw9hS6f4UJKM1G9LvBxX SHA-256 Crypt: $5$/hqmQOhPafzx4Ld9$NvyxMsyM8HJziXuoaBlpQtz.f2IkfbOYvLBVaYK7SfC SHA-512 Crypt: $6$q5D7B8Z9tRWLWuas$8WNTuTtm5HxfMmLJ0RMiocrLcBcOQgfHsbaRKPA6AswjB1LKGpy3f0KsgZmk1ix62sdEZ5MPG7DfJnPk76gdM/ Unix crypt: mUsMoOrweXet6
BSDi is based on des_crypt, and has a larger salt and a variable number of rounds.