I'm writing a script in bash that generates LDIF file(for user account) and loads it to LDAP via ldapadd.The issue is in encrypting password to CRYPT-SHA-512. I'm using python for it.
password=`python3 -c 'import crypt; print(crypt.crypt("$pass", crypt.mksalt(crypt.METHOD_SHA512)))'`But every time after script importing that LDIF I cannot verify that password via Apache Directory Studio(screenshot).
For example, if I'm encrypting "xaPa3Ait" script returns:{CRYPT}$6$le2gfSxoFUZD2aqn$mTJby4dsvRGHINkGVacFXido0V3WIZ3mmOod3viIIyoV8sXrQOp4Dk.H8wkOpWUTmQ0XWJ8j9Lpz8No.R/CEJ.And it cannot be verified in Directory studio as well.
I can admit that I'm not the best programmer and there could be better ways to encrypt passwords, so your advice will be highly appreciated.
Thanks!
There is such code on C # and java, sha512 in them differs, whether it is possible to make somehow that the result sha512 was identical? I understand the problem in BaseConverter, analog Base64 in Java? Tried
Base64.getEncoder().encodeToString(str);But I get an error because of getEncoder(). Do I need a library for this?
Code in C#:
public string Hash(string str){ string resultStr = String.Empty; byte[] data = new UTF8Encoding().GetBytes(str); byte[] result; SHA512 shaM = new SHA512Managed(); result = shaM.ComputeHash(data); resultStr = ReverseString(BitConverter.ToString(result).ToLower().Replace("-", String.Empty)); return resultStr.Substring(5, 25);} public static string ReverseString(string s){ char[] charArray = s.ToCharArray(); Array.Reverse(charArray); return new string(charArray);}Code in Java:
public String Hash(String str) { try { MessageDigest digest = MessageDigest.getInstance("SHA-512"); digest.update(str.getBytes("UTF-16LE")); byte messageDigest[] = digest.digest(); StringBuffer hexString = new StringBuffer(); for (int i = 0; i < messageDigest.length; i++) { String h = Integer.toHexString(0xFF & messageDigest[i]); while (h.length() < 2) h = "0" + h; hexString.append(h); } result = hexString.toString().toLowerCase(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } return ReverseString(result).substring(5, 25);} public static String ReverseString(String s) { return new StringBuilder(s).reverse().toString(); }I'm trying to authenticate a webhook from starling bank on a PHP 7.0.22 (Apache/2.4.6 (Red Hat Enterprise Linux)) server.
I've been told by support that the following java code is being used to generate the digest
private String calculateSignature(String sharedSecret, String requestJson) { try { String contentToDigest = sharedSecret + requestJson; MessageDigest messageDigest = MessageDigest.getInstance("SHA-512"); byte[] digest = messageDigest.digest(contentToDigest.getBytes()); return Base64.getEncoder().encodeToString(digest); } catch (NoSuchAlgorithmException e) { throw new RuntimeException("Error calculating digest for payload [" + requestJson + "]", e); }}The sharedSecret I already have and the requestJson I take from the webhook POST using:
$requestJson=file_get_contents('php://input') ;my php code to generate the hash is as follows:
$concatenated_string=$sharedSecret . json_encode($requestJson) ;$generated_hash=base64_encode(hash('sha512', $concatenated_string ));This doesn't give the same hash. Whilst hacking to try and find an answer, I've also tried the following :
$concatenated_string=$sharedSecret . $requestJson ;and different hash types and options:
$generated_hash=base64_encode(hash('sha512', $concatenated_string, true )) $generated_hash=base64_encode(openssl_digest($concatenated_string, 'sha512')) ;Anyone knows how to reproduce PHP hashing method hash(‘SHA512’, $value, true) in swift ? I tried to use CommonCrypto C library with this code :
extension String { func digest(length:Int32, gen:(data: UnsafePointer<Void>, len: CC_LONG, md: UnsafeMutablePointer<UInt8>) -> UnsafeMutablePointer<UInt8>) -> String { var cStr = [UInt8](self.utf8) var result = [UInt8](count:Int(length), repeatedValue:0) gen(data: &cStr, len: CC_LONG(cStr.count), md: &result) let output = NSMutableString(capacity:Int(length)) for r in result { output.appendFormat("%02x", r) } return String(output) }}and used it like this :
var digest = salted.digest(CC_SHA512_DIGEST_LENGTH, gen: {(data, len, md) in CC_SHA512(data,len,md)})But I don't get the right output
EDIT :
I have some PHP code :
echo base64_encode(hash('sha512', '8yOrBmkd', true)); // output: rlltLWeWaQCrfNTYMa0CcIs0mfLoHGAynrd+d8H65+rGAzHS/BSWsumwSmcxF9aAG9TIzXx+HOjArPyLL3herg==And I want my swift code to output the same. The Base64 encoding is ok :
let utf8str = input.dataUsingEncoding(NSUTF8StringEncoding)!.base64EncodedStringWithOptions(NSDataBase64EncodingOptions(rawValue: 0)) let base64Encoded = utf8str!.base64EncodedStringWithOptions(NSDataBase64EncodingOptions(rawValue: 0)) print("Encoded: \(base64Encoded)")But the hashing part return an output the same value as this PHP code :
echo base64_encode(hash('sha512', '8yOrBmkd', false)); // output: YWU1OTZkMmQ2Nzk2NjkwMGFiN2NkNGQ4MzFhZDAyNzA4YjM0OTlmMmU4MWM2MDMyOWViNzdlNzdjMWZhZTdlYWM2MDMzMWQyZmMxNDk2YjJlOWIwNGE2NzMxMTdkNjgwMWJkNGM4Y2Q3YzdlMWNlOGMwYWNmYzhiMmY3ODVlYWU=So I'm looking to use SHA-512 with PBKDF2 to implement Bitcoin BIP-039. I have managed to work out that SHA-512 falls under SHA2 but when I specify that as the hashing function, even with 64 byte output, it still reports as using SHA-256. Am I missing something? I tried adding +512 to the hash_class but that didn't work.
#!/usr/bin/perl#use Crypt::PBKDF2;my $sentence="Hellothere";my $salt="mnemonic";my $pbkdf2 = Crypt::PBKDF2->new( hash_class => 'HMACSHA2', # iterations => 2048, # output_len => 64, # );my $hash = $pbkdf2->generate($sentence,$salt);print "$hash\n";Gives
{X-PBKDF2}HMACSHA2+256:AAAIAA:bW5lbW9uaWM=:NLw67sZbhQYsPhrEYm9e5ruslS6/ivK1vDfICtCN07rb7RuBkQxAoZIyTG7sTmsob30JwoP64Fvzpjx6Cqc+KQ==Please note that by viewing our site you agree to our use of cookies (see خلوت for details). You will only see this message once.