6 Oct
2017
6 Oct
'17
11:11 p.m.
mws@alpenjodel.de writes:
- select digest('testing123','sha512'); result: ?\x4120117b3190ba5e24044732b0b09aa9ed50eb1567705abcbfa78431a4e0a96b1152ed7f4925966b1c82325e186a8100e692e6d2fcb6702572765820d25c7e9e login fails
I think 2 problems here:
1) the encoding should be some modified base64; and
2) this appears to compute the SHA512 hash, *not* the
SHA512-Crypt hash, which is different. It involves
adding a salt and doing many iterations of SHA512.
A totally different algorithm.
Perusing the PostgreSQL man pages, I think you need something like
crypt(password,gen_salt('sha512'))
I made the 'sha512' up -- I can't find PostgresSQL docs stating whether it supports this value. The docs I found support the older SHA1 ($5$) crypt hashes. If your version doesn't support creating SHA512 ($6$) salts, you can create your own by replacing gen_salt() with "$6$"
- base64(long random value), and feed that to crypt().
Just as long as PostgreSQL uses the system crypt() and not its own implementation, it should produce a usable hash.
Joseph Tam <jtam.home@gmail.com>