-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Does somebody have a Java implementation of the method how "mosquitto_passwd" generates hashes for the "passwd" file...? #2613
Comments
And that here is also "special"... score of -1... https://stackoverflow.com/questions/63265141/mosquitto-password-generation-in-python The problem is that i'n neither a c/c++ nor a python programmer. I understand PHP, but the example from my first post seems to be unusable. And i also (as already writter) understand Java. And also "speak" C# and J# .NET... Maybe somebody can help me? Thank you very very much for your feedback(s). :-) With best regards from Switzerland. |
And somewhere i read it's the same method as /etc/shadow does... but when i look into that file, there is no "$7$ ... " on beginning of the entries, and no "="-charachter at the end... I'm confused, really... :-( |
|
Thank you very very much for your fast feedback!! :-) |
Another question: How is it for version 1.x, concrete version 1.4.15? We also have a server with that version, besides one with v2.0.11... Does v1.x use the same password hash generation method as v2.0.x? Thank you very much for your feedback :-) |
|
What i have to to with the return value from 2.) - "Pass the password, the salt and a number of iterations to ... " ? How to concatenate it? On 4.), i only see username + ...BUT what is with the return value of the pbkdf2 hashing function using the sha512 digest that has 3 input paramters? (salt, password, number of iterations) Test code here: ` import java.security.GeneralSecurityException; import javax.crypto.SecretKeyFactory; public class MosquittoUsrAcctGenTest {
}` |
OUTPUT: user1:$7$101$MGI4ZGM2MmNmYmQ2NGE0MjlhMmI4YmIx$UDRsUDlHZ0QxVmlWMkRYQk1YZ25FbHhHMFRWNk1xTlVXZ2tLYjNNeW5DWUxiKzFaWkNhZFNuR3VlY0pQeHBXUW53MUNEMHdxNXBzQkZSVGMwTUE4VXc9PTBiOGRjNjJjZmJkNjRhNDI5YTJiOGJiMQ== |
solved |
What that guy writes seems to be a lil bit weird...
https://mikini.dk/2017/01/generating-passwords-for-mosquitto-mqtt-broker-using-php
1.) Salt value "spicychilinstuff" will go into the hash code as clear text
2.) Then will try to base64-decode a CLEAR (non-base64 encoded) text
And his example output begins with "$6$ ... " - not with "$7$ ... "
The text was updated successfully, but these errors were encountered: