How to use go to verify whether the plaintext password is the same as the salt md5 password?
Question:
Python:
# generate password
ldap_salted_md5.hash("123456")
# verify password
ldap_salted_md5.verify("123456","{SMD5}991RjK3DQCT+ri/yxQB613Yuxdg=")
# return true
shell:
# generate password
slappasswd -h {SMD5} -s "123456"
# return {SMD5}ZmDHoIiZZG/weuCNkLj189sFoPM=
# verify password by python
ldap_salted_md5.verify("123456","{SMD5}ZmDHoIiZZG/weuCNkLj189sFoPM=")
# return True
I want to use go to implement this step of ldap_salted_md5.verify
Answers:
saltPassword := strings.Replace(user.Password, "{SMD5}", "", -1)
decodeSaltPassword, _ := base64.StdEncoding.DecodeString(saltPassword)
checksum := decodeSaltPassword[0:16]
salt := decodeSaltPassword[16:]
md5Ctx := md5.New()
md5Ctx.Write([]byte(bindSimplePw))
md5Ctx.Write(salt)
cipherStr := md5Ctx.Sum(nil)
if !bytes.Equal(checksum, cipherStr) {
return ldap.LDAPResultInvalidCredentials, nil
}
Python:
# generate password
ldap_salted_md5.hash("123456")
# verify password
ldap_salted_md5.verify("123456","{SMD5}991RjK3DQCT+ri/yxQB613Yuxdg=")
# return true
shell:
# generate password
slappasswd -h {SMD5} -s "123456"
# return {SMD5}ZmDHoIiZZG/weuCNkLj189sFoPM=
# verify password by python
ldap_salted_md5.verify("123456","{SMD5}ZmDHoIiZZG/weuCNkLj189sFoPM=")
# return True
I want to use go to implement this step of ldap_salted_md5.verify
saltPassword := strings.Replace(user.Password, "{SMD5}", "", -1)
decodeSaltPassword, _ := base64.StdEncoding.DecodeString(saltPassword)
checksum := decodeSaltPassword[0:16]
salt := decodeSaltPassword[16:]
md5Ctx := md5.New()
md5Ctx.Write([]byte(bindSimplePw))
md5Ctx.Write(salt)
cipherStr := md5Ctx.Sum(nil)
if !bytes.Equal(checksum, cipherStr) {
return ldap.LDAPResultInvalidCredentials, nil
}