Vote count:
0
I would like to have a piece of code that is able to check if a given password match the one stored in the crowd cwd_user table.
The passwords in that table starts with "{PKCS5S2}..." and I found in the link below that crowd is using the PBKDF2 algorithm:
The default is "Atlassian Security", which is currently a dumb wrapper around Bouncy Castle's implementation of PKCS 5 version 2 (aka PBKDF2), using a random 16 byte salt, 10,000 iterations, and generating a 256-bit hash as the final output
Is anybody able to provide me a method I can use to match that password?
For example, if I create a user "toto" with password "1234", I get the following row in my database :
user_name credential
------------- -------------------------------------------------------------------------
toto {PKCS5S2}m+u8ed1RKRew3jjHPilZw0ICL6BG/qyeN+kVRRS9nsO+VK7Q5I0vCK3gLvCFWC3n
I would like a method such that:
public String getHash(String rowPassword){
// ?????
}
where
getHash("1234") returns "{PKCS5S2}m+u8ed1RKRew3jjHPilZw0ICL6BG/qyeN+kVRRS9nsO+VK7Q5I0vCK3gLvCFWC3n"
Thanks for your help!
asked 1 min ago
How to match crowd database passwords?
Aucun commentaire:
Enregistrer un commentaire