Ns sha1

From AOLserver Wiki
Revision as of 15:15, 3 December 2005 by Caveman (talk | contribs) (additional information on salt usage -- perhaps here not the best place for it)
Jump to navigation Jump to search

Function

ns_sha1 string

Description

Returns a 40-character, hex-encoded string containing the SHA1 hash of the first argument.

Usage

Example 1: 

set sRawPassword "mypassword"
set sPassword [ns_sha1 $sRawPassword]
ns_adp_puts $sPassword
# 04003622EB9D0F788CE7568C7EED23809534365A

Usually this function is used with either a prefixed or postfixed salt, as without a salt it is succeptible to dictionary-based attacks.

Example 2: 

set sSalt "salty"
set sRawPassword "mypassword"
set sPassword [ns_sha1 ${sRawPassword}${sSalt}]
# B48FB74597C11FC609DBE912992085EB07847FB6

Good salts are at least of moderate length and consist of random characters. Take note, however, that you would need to be able to retrieve the same salt to perform a match against the previous hash given the same unsalted input. Hash functions for human-chosen alphanumeric passwords are usually succeptible to dictionary-based attacks.

This function is provided by the nssha1 module, provided as a Debian package among others.

Unfortunately, this implementation does not seem to be immediately compatible with other SHA1 implementations.

Postgresql: 

template1=> select encode(digest('mypassword','SHA1'),'hex');
                  encode
------------------------------------------
 91dfd9ddb4198affc5c194cd8ce6d338fde470e2
(1 row)

SEE ALSO

ns_uuencode, ns_uudecode, ns_crypt, ns_rand
Retrieved from "https://panoptic.com/mediawiki/aolserver/index.php?title=Ns_sha1&oldid=4477"