Project

General

Profile

Migrating from Prosody and salted SHA1 password hashes

Abmar Barros
Added over 4 years ago

Hi everyone,

I'm currently in the process of migrating the user base of a salted SHA1 backed Prosody to Tigase, and I'm stuck on the migration of the password hashes. Have you guys been through it?

I've been looking at the stored procedures that adds/updates users in https://repository.tigase.org/reps/tigase-server/trunk/database/postgresql-schema-4-sp.sql and your efforts regarding SCRAM https://projects.tigase.org/projects/tigase-server/repository/revisions/4bf9429209fe9f77c12c9cc510243625dc971750 and I was wondering how (if) they fit together.

What are you plans regarding supporting an user base relying on salted SHA1 hashes?


Replies (3)

Avatar?id=6023&size=32x32

Added by Artur Hefczyc TigaseTeam over 4 years ago

I do not know Prosody's algorithms for passwords encoding so I cannot tell you whether Tigase can support it out of the box. In some cases different passwords encoding can be entirely handled on the DB level. Have a look at the DB schema and stored procedures code with "PlainPw" in their names. You can see how password encoding is handled on the DB level. If you know Prosody algorithm then you will know if this is something that can be implemented on DB level.

Otherwise, please provide more details and someone from out team will tell you how to make it work in Tigase.

Added by Abmar Barros over 4 years ago

Hi Artur, thanks for the prompt reply.

Yes, I've seen these procedures in the schema files. Do you think I should try to edit them in order to support salted SHA1 - which is the hash mechanism Prosody uses?

Thanks

Avatar?id=6023&size=32x32

Added by Artur Hefczyc TigaseTeam over 4 years ago

You can try, of course. I am afraid I cannot help you too much on this. If you do this on DB level, it would be most effective solution. But it mainly depends on how complicate this hashing algorithm is in Prosody and if this can be implemented in PL/SQL.

    (1-3/3)