1

Is it possible to specify a custom Base_64 dictionary when encoding data within passlib?

I have a requirement to generate 'scrypt' encoded passwords on a system that does not allow the '+' character within its configuration files.

More specifically the custom dictionary used is = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'

Opposed to the standard dictionary = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'

Using the code:

import sys
import re
from passlib.hash import scrypt

char = re.compile(r'[a-zA-Z0-9()!#$%^&*.,+=_-]')

def main():
    try:
        pwd = input('\n' + 'Enter a Plain Text Password to Encrypt: ')
    except KeyboardInterrupt:
            sys.exit(0)
    else:
        if len(pwd) > 64:
            print ('Password must be between 1 and 64 characters. Try again.')
            main()
        else:
            if (char.match(pwd)):
                hash = str(scrypt.using(rounds=14, salt_size=10).hash(pwd))[21:]
                print ('\n Your hash is: ' + hash)

            else:
                print ('Illegal characters. Try again.')
                main()

main()

It will occasionally output '+' characters, which my system does not support.

Your hash is: $o/ReK+U8JyRkbA$W6zFHBmebC4LwkTN+rB8kSgUbDK0Zo4p2z7CCwvJOXk

If I'm not mistaken, the characters also have to be in the correct order within the dictionary.

Is there a way to specify a custom dictionary with passlib? Or is there a better way to achieve this?

The 'salt' is also encoded using the same standard dictionary, which also needs to make use of the custom dictionary.

-Brett

HazyMaze
  • 23
  • 4
  • if `+` is a problem, you should propably use [`base64url`](https://en.wikipedia.org/wiki/Base64#Variants_summary_table) in which '+' is replaced with `-` and `/` with `_`. You wrote *If I'm not mistaken, the characters also have to be in the correct order within the dictionary* - where does this requirement come from? – jps May 21 '20 at 08:55
  • I have found many examples re: the order of the characters within the Base64 table/dictionary not working for others. Here is one - [https://stackoverflow.com/questions/5537750/decode-base64-like-string-with-different-index-tables](link). – HazyMaze May 21 '20 at 23:46
  • in that example the OP can't use base64 decoding because the string was not base64 encoded. Not using the base64 character set seems to be the problem there, but not the solution for any problem. Why should the order of characters matter? Base64 is a standard and if you use it for encoding and decoding it should be fine. – jps May 22 '20 at 06:39

0 Answers0