We hash at the application side (java) before persisting it into the table. We use
SSHA256. At high level below is the pseudo code of hashing.
Generate 5 byte salt
//Add salt and password to message digest instance
Get Message Digest instance
//hash the content
byte hashedText = new byte[32+salt_length];
messageDigest.digest(hashedText, 0, 32);
// append the salt to the hashed text
System.arraycopy(salt, 0, hashedText, len, saltLength);
Store above byte in base64 format in RDBMS
From: Quanah Gibson-Mount <quanah(a)symas.com>
Sent: Wednesday, November 4, 2020 9:32 PM
To: Thangavel, Parameswaran; openldap-technical(a)openldap.org
Subject: Re: Migration of Password Hash from RDBMs
--On Wednesday, November 4, 2020 3:35 AM +0000 "Thangavel, Parameswaran"
I looking to replace RDBMS with openldap as datastore for one of the
product. One blocker we have is handling the password migration.
The password is stored in hashed format in RDBMS. However, I am not
able to get the password migrated.
What password hash is being used by the RDBMS?
Packaged, certified, and supported LDAP solutions powered by OpenLDAP: