Re: calculating the MD5 hash of role passwords in C - Mailing list pgsql-general

From Matthias Apitz
Subject Re: calculating the MD5 hash of role passwords in C
Date
Msg-id 20200122194113.GA2410@c720-r342378
Whole thread Raw
In response to Re: calculating the MD5 hash of role passwords in C  (Christoph Moench-Tegeder <cmt@burggraben.net>)
Responses RE: calculating the MD5 hash of role passwords in C
Re: calculating the MD5 hash of role passwords in C
Re: calculating the MD5 hash of role passwords in C
List pgsql-general
El día miércoles, enero 22, 2020 a las 07:58:47p. m. +0100, Christoph Moench-Tegeder escribió:

> ## Matthias Apitz (guru@unixarea.de):
>
> > sisis71=# select rolname, rolpassword from pg_authid where rolname = 'sisis';
> >  rolname |             rolpassword
> > ---------+-------------------------------------
> >  sisis   | md52f128a1fbbecc4b16462e8fc8dda5cd5
> >
> > I know the clear text password of the role, it is simple 'sisis123', how
> > could I calculate the above MD5 hash from the clear text password, for
> > example in C? Which salt is used for the crypt(3) function?
>
> The documentation on pg_authid has the details:
> "The MD5 hash will be of the user's password concatenated to their user name."
> https://www.postgresql.org/docs/12/catalog-pg-authid.html

Thanks to all who replied.

This is still not exactly what I was looking for. But has an interesting
detail (salting the role password by adding the role name to it). An
implementation with UNIX crypt(3) for MD5 would need an additional salt
like '$1$salt' to encrypt 'sisis123sisis'. For sure the next place to
look is the implementation of the PostgreSQL's md5() function.

Thanks again

    matthias


--
Matthias Apitz, ✉ guru@unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub

Deutschland raus aus der NATO! NATO raus aus Deutschland! Frieden mit Russland!
Germany out of NATO! NATO out of Germany! Peace with Russia!
¡Alemania fuera de OTAN! ¡OTAN fuera de Alemania! ¡Paz con Rusia!



pgsql-general by date:

Previous
From: Magnus Hagander
Date:
Subject: Re: Memory usage of pg_basebackup...
Next
From: Igor Neyman
Date:
Subject: RE: calculating the MD5 hash of role passwords in C