3 Replies Latest reply on Mar 29, 2013 10:35 AM by user9108729

    dbms_crypto hash for SHA-1

    user9108729
      I need to implement Salted SHA {SSHA} passwords by updating LDAP using PL/SQL. These values should be stored in standard Base 64 encoded format. For this I am using DBMS_CRYTO, UTL_ENCODE and DBMS_LDAP.

      However, I am finding issues with RAW values. SHA1 should have hash length of 20bytes (160bit) where as the value I am getting from dbms_crypto is coming out as 40 bytes (probably due to hex representation).

      I would like to know how to prevent this size doubling and store the string properly in the LDAP? These passwords need to be verified by LDAP authentication tools which expect base 64 encoded binary.

      Example:
      SQL>select length(dbms_crypto.hash(utl_raw.cast_to_raw('mypass'),3)) from dual;
      result: 40 (should be 20)

      I appreciate your help.
      Thanks!
      RS