I am having an issue with crypt library (Lib/crypt.py) when hashing passwords containing \n character. I am using python 3.8.2 on Linux. To compare hashed passwords produced by crypt, I used openssl and mkpasswd utilities.
When generating hashes for password without \n, crypt, openssl and mkpasswd return the same result:
openssl passwd -6 -salt "saltySalt" "password"
$6$saltySalt$0zG/rneQmcu2mKFi/xXKF5WVH4ald6AlPTwnSRggVpyu7iRbq9buUmS5gD884iB1seAPw3UehNZ/b.jxL0g4Y/
mkpasswd -S "saltySalt" -m sha-512 "password"
$6$saltySalt$0zG/rneQmcu2mKFi/xXKF5WVH4ald6AlPTwnSRggVpyu7iRbq9buUmS5gD884iB1seAPw3UehNZ/b.jxL0g4Y/
python3 -c 'import crypt; print(crypt.crypt("password","$6$saltySalt"))'
$6$saltySalt$0zG/rneQmcu2mKFi/xXKF5WVH4ald6AlPTwnSRggVpyu7iRbq9buUmS5gD884iB1seAPw3UehNZ/b.jxL0g4Y/
But when generating hashes for passwords containing \n character, crypt returns a result different from the result returned by openssl and mkpasswd:
openssl passwd -6 -salt "saltySalt" "password\n"
$6$saltySalt$v.6rXp74bIjKX42ufuY7/KWnngOAgFReenROiPODOQYzlRuE2NT4/Bgs8s4ULd3BgKNZQQ7i9GqlibMhRw2SV1
mkpasswd -S "saltySalt" -m sha-512 "password\n"
$6$saltySalt$v.6rXp74bIjKX42ufuY7/KWnngOAgFReenROiPODOQYzlRuE2NT4/Bgs8s4ULd3BgKNZQQ7i9GqlibMhRw2SV1
python3 -c 'import crypt; print(crypt.crypt("password\n","$6$saltySalt"))'
$6$saltySalt$hsmSR02RXIRP5U14cDo3wtwLCOD1Lb/9huWQEuJYRyatQjRjXmzYJI9rpfqys8ucIc.GbymuE3a5DVcLzSxn5/
I did not find a special mention for newline character in the documentation. Thanks for your help.
|