File: passlib.hash.rst

==============================================
:mod:`passlib.hash` - Password Hashing Schemes
==============================================

.. module:: passlib.hash
    :synopsis: all password hashes provided by Passlib

Overview
========
The :mod:`!passlib.hash` module contains all the password hash algorithms built into Passlib.
While each hash has its own options and output format,
they all inherit from the :mod:`~passlib.ifc.PasswordHash` base interface.
The following pages describe each hash in detail,
including its format, underlying algorithm, and known security issues.

.. rst-class:: float-center

.. danger::

    **Many of the hash algorithms listed below are *NOT* secure.**

    Passlib supports a wide array of hash algorithms, primarily to
    support legacy data and systems.
    If you want to choose a secure algorithm for a new application,
    see the :doc:`Quickstart Guide </narr/quickstart>`.

.. rst-class:: float-center

.. seealso::

    :ref:`hash-tutorial` -- for general usage examples

.. _mcf-hashes:

Unix Hashes
===========
Aside from "archaic" schemes such as :class:`!des_crypt`,
most of the password hashes supported by modern Unix flavors
adhere to the :ref:`modular crypt format <modular-crypt-format>`,
allowing them to be easily distinguished when used within the same file.
Variants of this format's basic :samp:`${scheme}${salt}${digest}` structure have also been adopted for use
by other applications and password hash schemes.

.. _standard-unix-hashes:

.. rst-class:: toc-always-open

Active Unix Hashes
------------------
All of the following schemes are actively in use by various Unix flavors to store user passwords.
They all follow the modular crypt format.

.. toctree::
    :maxdepth: 1

    passlib.hash.bcrypt
    passlib.hash.sha256_crypt
    passlib.hash.sha512_crypt

Special note should be made of the following fallback helper,
which is not an actual hash scheme, but implements the "disabled account marker"
found in many Linux & BSD password files:

.. toctree::
    :maxdepth: 1

    passlib.hash.unix_disabled

.. rst-class:: toc-always-open

Deprecated Unix Hashes
----------------------
The following schemes are supported by various Unix systems
using the modular crypt format, but are no longer considered secure,
and have been deprecated in favor of the `Active Unix Hashes`_ (above).

* :class:`passlib.hash.bsd_nthash` - FreeBSD's MCF-compatible encoding of :doc:`nthash <passlib.hash.nthash>` digests

.. toctree::
    :maxdepth: 1

    passlib.hash.md5_crypt
    passlib.hash.sha1_crypt
    passlib.hash.sun_md5_crypt

.. _archaic-unix-schemes:

.. rst-class:: toc-always-open

Archaic Unix Hashes
-------------------
The following schemes are supported by certain Unix systems,
but are considered particularly archaic: not only do they predate
the modular crypt format, but they are based on the outmoded DES block cipher,
and are woefully insecure:

.. toctree::
    :maxdepth: 1

    passlib.hash.des_crypt
    passlib.hash.bsdi_crypt
    passlib.hash.bigcrypt
    passlib.hash.crypt16

Other "Modular Crypt" Hashes
============================
The :ref:`modular crypt format <modular-crypt-format>` is a loose standard
for password hash strings which started life under the Unix operating system,
and is used by many of the Unix hashes (above).  However, its
basic :samp:`${scheme}${hash}` format has also been adopted by a number
of application-specific hash algorithms:

.. rst-class:: toc-always-open

Active Hashes
-------------
While most of these schemes are generally application-specific,
and are not natively supported by any Unix OS,
they can be used compatibly alongside other modular crypt format hashes:

.. toctree::
    :maxdepth: 1

    passlib.hash.argon2
    passlib.hash.bcrypt_sha256
    passlib.hash.phpass
    passlib.hash.pbkdf2_digest
    passlib.hash.scram
    passlib.hash.scrypt

.. rst-class:: toc-always-open

Deprecated Hashes
-----------------
The following are some additional application-specific hashes which use
the modular crypt format and are still occasionally seen, but which are rarely
used or weak enough that they have been deprecated:

.. toctree::
    :maxdepth: 1

    passlib.hash.apr_md5_crypt
    passlib.hash.cta_pbkdf2_sha1
    passlib.hash.dlitz_pbkdf2_sha1

.. _ldap-hashes:

LDAP / RFC2307 Hashes
=====================

All of the following hashes use a variant of the password hash format
used by LDAPv2. Originally specified in :rfc:`2307` and used by OpenLDAP [#openldap]_,
the basic format ``{SCHEME}HASH`` has seen widespread adoption in a number of programs.

.. _standard-ldap-hashes:

Standard LDAP Schemes
---------------------
.. toctree::
    :hidden:

    passlib.hash.ldap_std

The following schemes are explicitly defined by RFC 2307,
and are supported by OpenLDAP.

* :class:`passlib.hash.ldap_md5` - MD5 digest
* :class:`passlib.hash.ldap_sha1` - SHA1 digest
* :class:`passlib.hash.ldap_salted_md5` - salted MD5 digest
* :class:`passlib.hash.ldap_salted_sha1` - salted SHA1 digest
* :class:`passlib.hash.ldap_salted_sha256` - salted SHA256 digest
* :class:`passlib.hash.ldap_salted_sha512` - salted SHA512 digest

.. toctree::
    :maxdepth: 1

    passlib.hash.ldap_crypt

* :class:`passlib.hash.ldap_plaintext` - LDAP-Aware Plaintext Handler

Non-Standard LDAP Schemes
-------------------------
None of the following schemes are actually used by LDAP,
but follow the LDAP format:

.. toctree::
    :hidden:

    passlib.hash.ldap_other

* :class:`passlib.hash.ldap_hex_md5` - Hex-encoded MD5 Digest
* :class:`passlib.hash.ldap_hex_sha1` - Hex-encoded SHA1 Digest

.. toctree::
    :maxdepth: 1

    passlib.hash.ldap_pbkdf2_digest
    passlib.hash.atlassian_pbkdf2_sha1
    passlib.hash.fshp

* :class:`passlib.hash.roundup_plaintext` - Roundup-specific LDAP Plaintext Handler

.. _database-hashes:

SQL Database Hashes
===================
The following schemes are used by various SQL databases
to encode their own user accounts.
These schemes have encoding and contextual requirements
not seen outside those specific contexts:

.. toctree::
    :maxdepth: 1

    passlib.hash.mssql2000
    passlib.hash.mssql2005
    passlib.hash.mysql323
    passlib.hash.mysql41
    passlib.hash.postgres_md5
    passlib.hash.oracle10
    passlib.hash.oracle11

.. _windows-hashes:

MS Windows Hashes
=================
The following hashes are used in various places by Microsoft Windows.
As they were designed for "internal" use, they generally contain
no identifying markers, so identifying them is almost entirely context-dependent.

.. toctree::
    :maxdepth: 1

    passlib.hash.lmhash
    passlib.hash.nthash
    passlib.hash.msdcc
    passlib.hash.msdcc2
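
The sections above distinguish two self-identifying families (the modular crypt ``$scheme$...`` prefix and the RFC 2307 ``{SCHEME}`` prefix) from bare Windows digests that carry no marker. The following added example (stdlib-only Python written for this page, not Passlib's own code; the prefix tables and sample values are constructed for illustration) classifies stored hash strings by that rule and verifies an ``{SSHA}`` entry so the ``digest || salt`` layout of the LDAP salted format is visible:

```python
import base64
import hashlib
import hmac
import re

# Constructed lookup tables: MCF identifier -> Passlib handler name.
# Cisco IOS "Type 5" is plain $1$ md5_crypt, so it needs no extra entry.
MCF_SCHEMES = {
    "1": "md5_crypt", "2b": "bcrypt", "5": "sha256_crypt", "6": "sha512_crypt",
    "argon2id": "argon2", "pbkdf2-sha256": "pbkdf2_sha256", "apr1": "apr_md5_crypt",
}
# RFC 2307 {SCHEME} identifiers -> Passlib handler name (compared case-insensitively).
LDAP_SCHEMES = {
    "MD5": "ldap_md5", "SHA": "ldap_sha1", "SMD5": "ldap_salted_md5",
    "SSHA": "ldap_salted_sha1", "CRYPT": "ldap_crypt",
}

def classify(hash_str):
    """Return (family, scheme) for a stored hash string.

    A bare 32-hex digest is reported as ('ambiguous', None): with no marker it
    could be nthash, lmhash, ldap_hex_md5 or any other raw MD5-sized value, and
    only the surrounding context (password file, LDAP attribute, SAM dump) tells.
    """
    if hash_str.startswith("$"):
        ident = hash_str.split("$")[1]
        return "mcf", MCF_SCHEMES.get(ident, "unknown:" + ident)
    m = re.match(r"\{([A-Za-z0-9-]+)\}", hash_str)
    if m:
        ident = m.group(1).upper()
        return "ldap", LDAP_SCHEMES.get(ident, "unknown:" + ident)
    if re.fullmatch(r"[0-9a-fA-F]{32}", hash_str):
        return "ambiguous", None
    return "unknown", None

def make_ssha(password, salt):
    """Build an {SSHA} string: base64(sha1(password + salt) + salt). Test helper only."""
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")

def verify_ssha(password, hash_str):
    """Verify an {SSHA} hash; the first 20 decoded bytes are the digest, the rest the salt."""
    if not hash_str.startswith("{SSHA}"):
        raise ValueError("not an {SSHA} hash")
    raw = base64.b64decode(hash_str[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]
    expected = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(digest, expected)  # constant-time comparison
```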

.. rst-class:: toc-always-toggle

Cisco Hashes
============
..
    TODO:

    What was/were IOS types 1, 2, 3, and 6? Don't see many references.
    Think type 6 is a reversible encryption format ala type 7,
    per https://supportforums.cisco.com/discussion/11733226/when-use-type-6-encrypted-or-type-7-encrypted


**Cisco IOS**

The following hashes are used in various places on Cisco IOS, and
are usually referred to by a Cisco-assigned "type" code:

.. rst-class:: hidden

.. toctree::
    :maxdepth: 1

    passlib.hash.cisco_type7

* :doc:`passlib.hash.md5_crypt <passlib.hash.md5_crypt>` -- "Type 5" hashes are actually just the standard
  Unix MD5-Crypt hash; the format is identical.

* :doc:`passlib.hash.cisco_type7 <passlib.hash.cisco_type7>` -- "Type 7" isn't actually a hash,
  but a reversible encoding designed to obscure passwords from idle view.

* "Type 8" hashes are based on PBKDF2-HMAC-SHA256,
  but are not currently supported by passlib (:issue:`87`).

* "Type 9" hashes are based on scrypt,
  but are not currently supported by passlib (:issue:`87`).

**Cisco PIX & ASA**

Separately from this, Cisco PIX & ASA firewalls have their own hash formats,
generally identified by the "format" parameter in the :samp:`username {user} password {hash} {format}` config line
they occur in.  The following are known & handled by passlib:

.. rst-class:: hidden

.. toctree::
    :maxdepth: 1

    passlib.hash.cisco_pix
    passlib.hash.cisco_asa

* :doc:`passlib.hash.cisco_pix <passlib.hash.cisco_pix>` -- PIX "encrypted" hashes
  use a simple unsalted MD5-based algorithm.

* :doc:`passlib.hash.cisco_asa <passlib.hash.cisco_asa>` -- ASA "encrypted" hashes
  use a similar algorithm to PIX, with some minor improvements.

* ASA "nt-encrypted" hashes
  are the same as :class:`passlib.hash.nthash`,
  except that they use base64 encoding rather than hexadecimal.

* ASA 9.5 added support for "pbkdf2" hashes
  (based on PBKDF2-HMAC-SHA512), which aren't currently supported
  by passlib (:issue:`87`).

.. _other-hashes:

Other Hashes
============
The following schemes are used in various contexts,
but have formats or uses which cannot be easily placed
in one of the above categories:

.. toctree::
    :maxdepth: 1

    passlib.hash.django_std
    passlib.hash.grub_pbkdf2_sha512
    passlib.hash.hex_digests
    passlib.hash.plaintext

.. rubric:: Footnotes

.. [#openldap] OpenLDAP homepage - `<http://www.openldap.org/>`_.