You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@directory.apache.org by Kevin Hamilton <kh...@umem.org> on 2012/12/11 19:17:17 UTC

Retrieving Salts

Hello,

I use the SSHA512 Hashing Interceptor to store passwords. I was wondering
if there is any way to retrieve these salts after the fact. Where are they
stored?

Thanks,
Kevin

Re: Retrieving Salts

Posted by Kiran Ayyagari <ka...@apache.org>.

this is indeed the case, one can use the PasswordUtil's methods if needed
for retrieving various parts
of a hash

[1]
http://svn.apache.org/viewvc/directory/shared/trunk/ldap/model/src/main/java/org/apache/directory/shared/ldap/model/password/PasswordUtil.java?view=markup

On Tue, Dec 11, 2012 at 11:58 PM, Linus van Geuns <li...@vangeuns.name>wrote:

> Hey,
>
> I cannot speak from experience with salted userPassword values of ApacheDS,
> but usually they are stored within the attribute userPassword itself.
> Format:
> userPassword: { <algorithm> } <salt> <hash>
>
> e.g. for password "test123":
> userPassword: {SSHA}e8wXXTVuvS5IPd0tueLHnrWYrgJZtL1j
>
> The presence and length of the salt and the length of the hash depend on
> the chosen algorithm.
>
> Regards, Linus
>
>
> On Tue, Dec 11, 2012 at 7:17 PM, Kevin Hamilton <kh...@umem.org>
> wrote:
>
> > Hello,
> >
> > I use the SSHA512 Hashing Interceptor to store passwords. I was wondering
> > if there is any way to retrieve these salts after the fact. Where are
> they
> > stored?
> >
> > Thanks,
> > Kevin
> >
>
>
>
> --
> Linus van Geuns
> IT-Dienstleistungen
>
> Telefon: +49 179 7700683
> E-Mail: <li...@vangeuns.name>
>
> Gartenstr. 56a
> 76133 Karlsruhe
>



-- 
Kiran Ayyagari
http://keydap.com

Re: Retrieving Salts

Posted by Linus van Geuns <li...@vangeuns.name>.

Hey,

I cannot speak from experience with salted userPassword values of ApacheDS,
but usually they are stored within the attribute userPassword itself.
Format:
userPassword: { <algorithm> } <salt> <hash>

e.g. for password "test123":
userPassword: {SSHA}e8wXXTVuvS5IPd0tueLHnrWYrgJZtL1j

The presence and length of the salt and the length of the hash depend on
the chosen algorithm.

Regards, Linus

On Tue, Dec 11, 2012 at 7:17 PM, Kevin Hamilton <kh...@umem.org> wrote:

> Hello,
>
> I use the SSHA512 Hashing Interceptor to store passwords. I was wondering
> if there is any way to retrieve these salts after the fact. Where are they
> stored?
>
> Thanks,
> Kevin
>

-- 
Linus van Geuns
IT-Dienstleistungen

Telefon: +49 179 7700683
E-Mail: <li...@vangeuns.name>

Gartenstr. 56a
76133 Karlsruhe