Re: [lsc-users] Problem sha-1 encryption

Mon, 09 Mar 2020 02:29:31 -0700 

Le 06/03/2020 à 12:54, Forster Arnaud, Gymnase francais a écrit :
> Hello all,
>
> I've a small problem with the encryption function  
> SecurityUtils.hash(SecurityUtils.HASH_SHA1,"TestUser1") :
>
> When I use dit, the result is not the same than another tool I'm using to 
> authenticate : 
>
>
> For example,  with the above function, the password 'TestUser1' gives me the 
> result  "suEv6NdDYH+VCIKI0Ej9+kvcco4=? "
>
> With my other tool, and the same SHA1  encryption  ,the result is 
> "b2e12fe8d743607f95088288d048fdfa4bdc728e"
>
> So I can't compare them. Maybe I should user another encryption to get the 
> same result  but which one ? 
>
>
> I'm very new in encryption so maybe I wrongly understand what I see...
>
> Thanks to all for your help 😊 


Hello Arnaud,

looking at source code, it seems that LSC SecurityUtils encodes the
result in Base64:


        /**
         * Hash a value within a supported hash type.
         * @param type A valid hash type: SecurityUtils.HASH_MD5,
SecurityUtils.HASH_SHA1, SecurityUtils.HASH_SHA256 or
SecurityUtils.HASH_SHA512
         * @param value A value to hash
         * @return A valid base64 encoded hash
         * @throws java.security.NoSuchAlgorithmException
         */
        public static String hash(String type, String value) throws
NoSuchAlgorithmException {
                byte data[] = value.getBytes();
                byte hash[] = MessageDigest.getInstance(type).digest(data);
                return new String(new Base64().encode(hash));
        }

But on the other hand, I can successfully create SHA passwords in LSC
from a cleartext password :


        <dataset>
          <name>userPassword</name>
          <policy>FORCE</policy>
          <forceValues>
                <string><![CDATA[
                        var octetString =
srcBean.getDatasetFirstValueById("userPassword");
                        var str = java.lang.String(octetString);
                        "{SHA}" +
SecurityUtils.hash(SecurityUtils.HASH_SHA1, str)
                        ]]>
                </string>
          </forceValues>
        </dataset>


-- 
Clément Oudot | Identity Solutions Manager

[email protected]

Worteks | https://www.worteks.com

_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users

Reply via email to