gpt4 book ai didi

java - Hudson 使用什么密码加密?

转载 作者:搜寻专家 更新时间:2023-11-01 02:17:21 25 4
gpt4 key购买 nike

这是我在 hudson/users/me/config.xml 中看到的:

[...]
<hudson.security.HudsonPrivateSecurityRealm_-Details>
<passwordHash>mEDUyJ:0c9e6f2556b9b3a0b9e9046c21490422b4a54877f057b527b2c0bd4dc83342d5</passwordHash>
</hudson.security.HudsonPrivateSecurityRealm_-Details>
[...]

算法是什么(如果是 SHA1,那么 mEDUyJ 前缀是什么)?例如,如何在 PHP 中获取此哈希值?

最佳答案

负责此操作的源代码可在 hudson.security.HudsonPrivateSecurityRealm 中找到类(更具体地说,PasswordEncoder 内部类)。

考虑你的例子:

mEDUyJ:0c9e6f2556b9b3a0b9e9046c21490422b4a54877f057b527b2c0bd4dc83342d5

The prefix (mEDUyJ) is actually a six-letter salt. A salt can be any six-letter permutation of uppercase letters and lowercase letters.

Hudson uses the Acegi Security library. More specifically, it uses that library's ShaPasswordEncoder class. It's basically doing this:

String salt = generateSomeSixLetterSalt() // Fictional function
String passwordHash = salt + ":" + new ShaPasswordEncoder(256).encodePassword(password, salt);

查看 ShaPasswordEncoder 的源代码后,您会发现它实际上是这样做的:

// Fictional functions ahead...
String salt = generateSomeSixLetterSalt()
String passwordHash = salt + ":" + hex_encode(sha256_hash(utf8_encode(password + "{" + salt + "}")))

关于java - Hudson 使用什么密码加密?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/4358146/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com