Le 06/03/2020 à 12:54, Forster Arnaud, Gymnase francais a écrit : > Hello all, > > I've a small problem with the encryption function > SecurityUtils.hash(SecurityUtils.HASH_SHA1,"TestUser1") : > > When I use dit, the result is not the same than another tool I'm using to > authenticate : > > > For example, with the above function, the password 'TestUser1' gives me the > result "suEv6NdDYH+VCIKI0Ej9+kvcco4=? " > > With my other tool, and the same SHA1 encryption ,the result is > "b2e12fe8d743607f95088288d048fdfa4bdc728e" > > So I can't compare them. Maybe I should user another encryption to get the > same result but which one ? > > > I'm very new in encryption so maybe I wrongly understand what I see... > > Thanks to all for your help 😊
Hello Arnaud, looking at source code, it seems that LSC SecurityUtils encodes the result in Base64: /** * Hash a value within a supported hash type. * @param type A valid hash type: SecurityUtils.HASH_MD5, SecurityUtils.HASH_SHA1, SecurityUtils.HASH_SHA256 or SecurityUtils.HASH_SHA512 * @param value A value to hash * @return A valid base64 encoded hash * @throws java.security.NoSuchAlgorithmException */ public static String hash(String type, String value) throws NoSuchAlgorithmException { byte data[] = value.getBytes(); byte hash[] = MessageDigest.getInstance(type).digest(data); return new String(new Base64().encode(hash)); } But on the other hand, I can successfully create SHA passwords in LSC from a cleartext password : <dataset> <name>userPassword</name> <policy>FORCE</policy> <forceValues> <string><![CDATA[ var octetString = srcBean.getDatasetFirstValueById("userPassword"); var str = java.lang.String(octetString); "{SHA}" + SecurityUtils.hash(SecurityUtils.HASH_SHA1, str) ]]> </string> </forceValues> </dataset> -- Clément Oudot | Identity Solutions Manager clement.ou...@worteks.com Worteks | https://www.worteks.com _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list lsc-users@lists.lsc-project.org https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users