From my tests in the last week, not it does not support SSHA.
The only value you can pass has hash_function is "SHA-1".But it sure would make my life easier if other hash functions where supported.
Terry C wrote:
Since the Google password hash is SHA-1 can it also support the SSHA
hash format?
My understanding of the SSHA is the salt length is 8 and the SHA-1
length is 20, all encoded.
Using a program from the internet it is demonstrated below.
The question is:
Does Google Apps understand the SSHA format as well as the SHA-1
format?
My reason for this question is that LDAP engines can use several hash/
encryption methods. If the Google end understood the {SSHA} format as
well as the {SHA-1} method we could do an LDAP lookup for the password
and send it to Google with a minimum of processing.
- Terry Combs
-bash-3.00$ java TestSSHA -s ec783f35c234251a 123abc
where s=seed password=123abc
pwhash, binary represented as hex:
4dab7547eeef0d8f3cae5e21154baabf1b2a74ac
Putting it all together:
binary digest of password plus binary salt: [EMAIL PROTECTED]@1ccce3c
Now we base64 encode what is represented above this line ...
{SSHA}Tat1R+7vDY88rl4hFUuqvxsqdKzseD81wjQlGg==
-bash-3.00$ java TestSSHA -v -c {SSHA}Tat1R
+7vDY88rl4hFUuqvxsqdKzseD81wjQlGg== 123abc
Salted Hash extracted (in hex):
4dab7547eeef0d8f3cae5e21154baabf1b2a74ac
Salt extracted (in hex): ec783f35c234251a
Hash length is: 20 Salt length is: 8
Salted Hash presented in hex: 4dab7547eeef0d8f3cae5e21154baabf1b2a74ac
Hashes match: 123abc
-bash-3.00$
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google
Apps APIs" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/google-apps-apis?hl=en
-~----------~----~----~----~------~----~------~--~---
signature.asc
Description: OpenPGP digital signature
