The idea of salted hash algorithms is to generate a different hash even if the same text is entered. That can be easily seen with dovecotpw: using NON-salted SHA256, same hash is generated for a given password [root at correio ~]# dovecotpw -s SHA256 -p 123 {SHA256}pmWkWSBCL51Bfkhn79xPuKBKHz//H6B+mY6G9/eieuM[root at correio ~]# dovecotpw -s SHA256 -p 123 {SHA256}pmWkWSBCL51Bfkhn79xPuKBKHz//H6B+mY6G9/eieuM[root at correio ~]# dovecotpw -s SHA256 -p 123 {SHA256}pmWkWSBCL51Bfkhn79xPuKBKHz//H6B+mY6G9/eieuM[root at correio ~]# using SALTED SHA256, a different hash is generated for the same given password [root at correio ~]# dovecotpw -s SSHA256 -p 123 {SSHA256}FpJZqafpEVKp2heepp9Z7+OeHaX+DBVpLzd6GKg3BW1XqDS0 [root at correio ~]# dovecotpw -s SSHA256 -p 123 {SSHA256}6lWmvtO3SKG5RMET5n89WMIp0xeCg3U14xH1xnAXbvkr8Yjk [root at correio ~]# dovecotpw -s SSHA256 -p 123 {SSHA256}7fXVjC7Iiu0Ko9SgyBpbDvbwMSkoxMILRjDUE0nNpCHBFaIa [root at correio ~]# This ideia is OK to me ... but i'm having a hard time trying to figure out how my dovecot-sql.conf would be in the case i store salted SHA256 passwords on the database. The idea is to use a RANDOM salt, not a fixed one, just like dovecotpw does. would it be as simple as changing the 'password', which today is plaintext, by something like concat('{SHA256}',password) ??? dont i have to give the salt, somehow ?? Or should i store the salt used in the password, for example first or last N characters .... is there anyone using dovecot with MySQL and SSHA256 passwords that can share me the dovecot-sql.conf file ? -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, N?O mandem email gertrudes at solutti.com.br My SPAMTRAP, do not email it
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, Feb 13, 2010 at 10:09:34PM -0200, Leonardo Rodrigues wrote:> > The idea of salted hash algorithms is to generate a different hash even > if the same text is entered. That can be easily seen with dovecotpw:I don't know about dovecot's algorithm especially, but the idea about salt is that you store the salt along with the password (typically the few first chars, say two). And indeed, if you compare the lengths of your unsalted vs. salted variants: unsalted:> pmWkWSBCL51Bfkhn79xPuKBKHz//H6B+mY6G9/eieuMsalted: > FpJZqafpEVKp2heepp9Z7+OeHaX+DBVpLzd6GKg3BW1XqDS0there seem to be a couple of chars more in the salted variant. The algorithm for checking is just: cut off the salt, merge with provided password, digest (SHA), compare to stored hashed password.> but i'm having a hard time trying to figure out how my dovecot-sql.conf > would be in the case i store salted SHA256 passwords on the database. The > idea is to use a RANDOM salt, not a fixed one, just like dovecotpw does.> would it be as simple as changing the 'password', which today is > plaintext, by something like > > concat('{SHA256}',password) ??? > > dont i have to give the salt, somehow ?? Or should i store the salt > used in the password, for example first or last N characters ....No, just let Dovecot's algorithm do the generation (and later checking) of the password? (I might be misunderstanding your problem, though). Regards - -- tom?s -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFLd54DBcgs9XrR2kYRAnUGAJwOjHhCdhOZCMH/5YkFnQbXq7satQCfTNbn 8v9/1zO1R64StmAFF/vV5so=KbUx -----END PGP SIGNATURE-----
Leonardo Rodrigues wrote:> The idea of salted hash algorithms is to generate a different hash > even if the same text is entered. That can be easily seen with dovecotpw: > > > using NON-salted SHA256, same hash is generated for a given password > > [root at correio ~]# dovecotpw -s SHA256 -p 123 > {SHA256}pmWkWSBCL51Bfkhn79xPuKBKHz//H6B+mY6G9/eieuM> [root at correio ~]# dovecotpw -s SHA256 -p 123 > {SHA256}pmWkWSBCL51Bfkhn79xPuKBKHz//H6B+mY6G9/eieuM> [root at correio ~]# dovecotpw -s SHA256 -p 123 > {SHA256}pmWkWSBCL51Bfkhn79xPuKBKHz//H6B+mY6G9/eieuM> [root at correio ~]# > > using SALTED SHA256, a different hash is generated for the same given > password > > [root at correio ~]# dovecotpw -s SSHA256 -p 123 > {SSHA256}FpJZqafpEVKp2heepp9Z7+OeHaX+DBVpLzd6GKg3BW1XqDS0 > [root at correio ~]# dovecotpw -s SSHA256 -p 123 > {SSHA256}6lWmvtO3SKG5RMET5n89WMIp0xeCg3U14xH1xnAXbvkr8Yjk > [root at correio ~]# dovecotpw -s SSHA256 -p 123 > {SSHA256}7fXVjC7Iiu0Ko9SgyBpbDvbwMSkoxMILRjDUE0nNpCHBFaIa > [root at correio ~]# > > > This ideia is OK to me ... > > but i'm having a hard time trying to figure out how my > dovecot-sql.conf would be in the case i store salted SHA256 passwords > on the database. The idea is to use a RANDOM salt, not a fixed one, > just like dovecotpw does. > > would it be as simple as changing the 'password', which today is > plaintext, by something like > > concat('{SHA256}',password) ??? > > dont i have to give the salt, somehow ?? Or should i store the > salt used in the password, for example first or last N characters .... > > is there anyone using dovecot with MySQL and SSHA256 passwords > that can share me the dovecot-sql.conf file ?How about just putting default_pass_scheme = SSHA256 in your dovecot-sql file? I do it that way for CRAM-MD5. Rgds, N.
Em 31/07/2010 18:51, Patrick Westenberg escreveu:> Leonardo Rodrigues schrieb: >> >> that's all because i already have a account manager system, >> written on PHP, which i had to kept. So i was trying to understand >> how that's work to make it work on my system i couldnt stop using. >> >> but after some tryings i got everything running. All my passwords >> were already migrated from plaintext to Salted-SHA2-256. > > Hi Leonardo, > > can you tell me how you solved your problem with creating salted > passwords via PHP? >Hi .... yes i've acchieved some PHP routines for creating the salted SHA256 password with random salt and also comparing a stored hashed password with a plaintext supplied one. encoded passwords will be exited as: {SSHA256.HEX}acf5ce0f51cca2077e27884a7cec385c430bb402c2f961b02bfa779c18aaf9a373772d99 encoded password strings is 85-char length with the SSHA.256 prefix and 72 without it as i'm storing passwords with the SSHA256.HEX prefix, my dovecot conf has: default_pass_scheme = PLAIN so i can have any dovecot-supported encoded password on the database as well as plaintext ones code may not be very beautiful, i do admit that i'm not good on making beautiful codes .... but its working nice in several places :) http://pastebin.com/fzDGE561 the VerifyHashedPassword routine can receive passwords with the {SSHA256.HEX} string and without as well. That makes easier to just compare database stored passwords as well as the newly generated ones to compare with newly encoded ones based on the plaintext supplied. usage is pretty simple .... something like: $hashedpwd = HashedPassword($plainpwd); and store $hashedpwd whatever you want to store it checking the stored password against a supplied password would be something like: if ( VerifyHashedPassword($hashedpwd,$plainpwd) ) { // supplied plaintext password MATCH with supplied hashed password do whatever you want if passwords matches } else { // supplied plaintext password DO NOT MATCH with supplied hashed password do whatever you want if passwords DO NOT match } Hope this helps you :) -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, N?O mandem email gertrudes at solutti.com.br My SPAMTRAP, do not email it